Aha.io · Authentication Profile

Aha Authentication

Authentication

Aha.io secures its APIs with apiKey, http, and oauth2 across 3 declared security schemes, as derived from its OpenAPI definitions. OAuth 2.0 is offered via the authorizationCode flow(s).

Product ManagementRoadmappingIdea ManagementProduct DevelopmentRequirementsAgile
Methods: apiKey, http, oauth2 Schemes: 3 OAuth flows: authorizationCode API key in: cookie

Security Schemes

OAuth2 oauth2
· flows: authorizationCode
ApiKeyAuth http
scheme: bearer
CookieAuth apiKey
· in: cookie (session)

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/aha-openapi.json
summary:
  types:
  - apiKey
  - http
  - oauth2
  api_key_in:
  - cookie
  oauth2_flows:
  - authorizationCode
schemes:
- name: OAuth2
  type: oauth2
  flows:
  - flow: authorizationCode
    authorizationUrl: https://{account-domain}.aha.io/oauth/authorize
    tokenUrl: https://{account-domain}.aha.io/oauth/token
    scopes: 0
  description: OAuth2 authentication with bearer tokens
  sources:
  - openapi/aha-openapi.json
- name: ApiKeyAuth
  type: http
  scheme: bearer
  description: API key authentication using Bearer token in Authorization header. Generate API
    keys at https://secure.aha.io/settings/api_keys
  sources:
  - openapi/aha-openapi.json
- name: CookieAuth
  type: apiKey
  in: cookie
  parameter: session
  description: Cookie-based authentication for web browser integration
  sources:
  - openapi/aha-openapi.json