SOLVED

Access Token in Query Parameter Deprecation

Go to solution
Michael_Florin
Level 10

Access Token in Query Parameter Deprecation

  • Access Token in Query Parameter Deprecation: Support for authentication using access tokens in a query parameter of a Marketo Engage REST API call will be removed in a future release (specific date TBD). Existing integrations should migrate to usage of the Authorization header described here. New development should only use the Authorization header for authentication with Marketo Engage.

https://experienceleague.adobe.com/en/docs/marketo/using/release-notes/previous-releases/2024/releas...

 

This is from the Marketo Release Notes in July. The date of this change seems to be June 30th 2025.


My question now: How exactly does my webhook custom header need to look like? It works for me in Postman, as Postman seems to encode automatically to Base64, but how I do that in Marketo?

 

Thanks!
Michael

1 ACCEPTED SOLUTION

Accepted Solutions
SanfordWhiteman
Level 10 - Community Moderator

Re: Access Token in Query Parameter Deprecation

That doesn’t change.

View solution in original post

4 REPLIES 4
SanfordWhiteman
Level 10 - Community Moderator

Re: Access Token in Query Parameter Deprecation

The access token is already header-safe. You don’t (and should not) encode it. Just add the header:

Authorization: Bearer <token here>

 

Michael_Florin
Level 10

Re: Access Token in Query Parameter Deprecation

Ah, sorry, I meant the call that retrieves the bearer token. How do I replace this in the new world:

GET <Identity URL>/oauth/token?grant_type=client_credentials&client_id=<Client Id>&client_secret=<Client Secret>

 

SanfordWhiteman
Level 10 - Community Moderator

Re: Access Token in Query Parameter Deprecation

That doesn’t change.

Michael_Florin
Level 10

Re: Access Token in Query Parameter Deprecation

Oh, thank you very much, Sanford. I misread the article.