Urgent: Migrating shotgun_api3 to Autodesk ID - Are Personal Access Tokens sufficient?

Our company has not found a way to definitively prove that personal access tokens, combined with legacy authentication as provided by the shotgun_api3 library, are sufficient for continued pipeline functionality after Friday.

Would appreciate confirmation, as we’re operating on a hunch here and if we’re wrong… not good.

Here’s the associated GitHub issue for context.

As far as I’ve understood from @patrick-hubert-adsk 's documents, PAT’s are only required if your scripts are interacting with the Status of a HumanUser record.

So for example, if you have automated scripts that Activate or Deactivate SG accounts.

According to the response on the repo issue, PATs are apparently needed whenever you instantiate a Shotgun() instance.

1 Like

Hi @mgb-ingenuity

API access indeed requires a PAT to be defined when authenticating with HumanUser credentials. Using API Use, a Script Name and API Key suffice.

It all depends on the type of work done… users interacting with the application, or a service synchronizing data.

This post describe how you can check that your PAT is indeed used, while still being in dual login mode: When do I create a PAT before or after ShotGrid Migration - #7 by patrick-hubert-adsk

Hoping this helps,


1 Like

To be clear, a migrated user would use their Autodesk ID to log into SG web, but would need to use their legacy login/password + PAT to use any scripts authenticating with HumanUser credentials.

There is no way for the API to use their Autodesk ID credentials, right?

Hi @schicky

Autodesk Identity credentials can only be used in a Web Browser context. Not for command-line or API access.

Which is why we had to resort to offering an alternate way, using a PAT and the legacy login and passphrase.


Got it. Thanks!

Hmm, how does this work for completely new SG accounts that did not exists before the ADSK ID migration?

Are those credentials the same as their ADSK ID?

Hi @Ricardo_Musch

For new users, they need to visit their ShotGrid user settings, and set an initial passphrase.

Users should also note what is their login (usually their email, but it may vary. Admins can change that)