Aproove fits the stack you already run

Why it matters

Most marketing platforms with automated approval workflows and version control have integration limits. The cost of a workflow platform that does not integrate well is rarely visible upfront. It shows up later, in three predictable ways.

The first is duplicate data entry. If Aproove cannot pull project data from your project management system, project managers create projects twice: once in the upstream system, once in Aproove. The error rate on the second copy is the cost of poor integration.

The second is broken workflows at the seams. If decisions in Aproove cannot trigger downstream actions in your ERP, MAM, or scheduling system, those handoffs become email tasks. Human steps that should be automated stay manual, and the audit trail breaks at the seam.

The third is identity sprawl. If user provisioning is not automated through your identity provider, IT teams maintain user lists in Aproove separately from their main identity directory. People come and go from the organization without their Aproove access changing accordingly. The compliance posture degrades.

Enterprise application integration tools address all three. Project data flows in from upstream systems automatically. Aproove decisions trigger downstream actions in real time. User accounts come and go with the identity provider. The platform stays connected.

The integration toolkit

Aproove RPC API V2.0. The full programmatic surface of the platform. Project creation, file upload, workflow trigger, decision retrieval, audit data export, configuration management, and user management are all accessible via REST/RPC calls. The API is documented and stable, with versioning support.

Concoord middleware. Built on Node-RED, Concoord provides a visual integration builder where flows are constructed by connecting nodes. Pre-built nodes include the Aproove RPC node (for any Aproove API call) and the Adobe Workfront connector (for any Workfront API call). Custom nodes can be added for other systems. Concoord can be deployed alongside Aproove or independently, and it can run integration logic that spans multiple systems and includes branching, conditional logic, transformation, and error handling.

Aproove webhooks. When events happen in Aproove (project creation, workflow step completion, decision made, file uploaded, AI Agent invocation, and so on), Aproove can fire webhook calls to subscribed endpoints. Concoord, your own integration layer, or any HTTP-listening service can receive these events and act on them in real time.

Hot folders. For file-based integration with legacy systems that do not have APIs, Aproove supports hot folders: filesystem locations that automatically ingest files when they appear, with metadata derived from filename conventions or accompanying sidecar files.

Workflow Actions calling external systems. Inside an Aproove workflow, individual steps can include Actions that call external systems mid-workflow. The "Concoord Call" Action invokes a Concoord flow synchronously or asynchronously. The "Concoord Call and wait for callback" Action invokes a Concoord flow and pauses the workflow until the external system responds. This means external systems can participate in Aproove workflows as full participants, not just observers.

Pre-built integrations

Adobe Workfront. The most documented pre-built integration. Workfront-initiated project creation flows from a Workfront custom form into Aproove via Concoord, with project metadata, files, and milestone synchronization. Both polling-based and webhook-based patterns are supported. Aproove decisions can flow back to Workfront to update task status. The Workfront Connector includes built-in pagination and follows Workfront's REST architecture.

Identity providers. SAML 2.0 SSO with auto-provisioning is a first-class capability. Documented integrations exist for Active Directory (Kroger pattern), Azure AD (Kingspan pattern, generally), and Okta. LDAP is supported for legacy identity systems. Group provisioning and deprovisioning means users joining or leaving an identity group automatically gain or lose Aproove access, including their contact group memberships.

Custom integrations via Concoord. Beyond the pre-built connectors, Concoord can integrate with virtually any system that has a REST API or webhook endpoint. Customer-built integrations exist for ERP systems, scheduling systems, asset management platforms, and homegrown applications. The Kroger deployment, for example, includes a "deep dynamic integration between the Kroger scheduling system and Aproove" that drives 600+ scheduled workflow triggers per week (per the Kroger Promotional Execution Centre of Excellence Transformation white paper, Aproove, October 2021).

Identity integration

Identity is its own integration story because of how much it touches: user lifecycle, permission management, audit attribution, and compliance posture.

Aproove supports SAML 2.0 SSO, with the customer's identity provider acting as the IDP and Aproove acting as the Service Provider. Authentication flows through the customer's existing infrastructure. Aproove never holds passwords for SSO users.

Auto-provisioning extends this. When users join an identity group in the customer's directory, they are provisioned into Aproove with appropriate role and contact group memberships. When they leave, their access is deprovisioned. The identity provider is the source of truth; Aproove follows it.

For SSO users, Aproove also supports an "Enforce user identity" feature, which re-validates the user's SSO identity at specific decision points. This supports FDA 21 CFR Part 11 e-signature requirements and similar credential-confirmation flows where the original SSO authentication is not sufficient.

Common integration patterns

Form-driven project creation. A user fills out a custom form in the upstream system (Workfront, SharePoint, a custom intake portal). The form submission triggers a Concoord flow that creates a project in Aproove with the captured metadata, attaches the files, and starts the workflow.

Event-driven workflow orchestration. Aproove fires webhooks at key workflow events. External systems subscribe to those webhooks and take action: updating an ERP record, releasing a production order, posting to a chat channel, triggering a downstream review.

Mid-workflow external calls. A workflow step in Aproove invokes an external system to perform a task. The step waits for the external response and then continues. This pattern lets Aproove orchestrate work that includes external steps, with the audit trail capturing the external participation.

Hot folder automation. Legacy systems drop files into a watched directory. Aproove ingests them automatically, with project assignment driven by filename or sidecar metadata. No human in the middle.

Identity-driven user lifecycle. Users are added or removed from identity groups in the customer's directory. Aproove provisioning follows automatically. Role assignments, contact group memberships, and access permissions update in step with the directory.

Benefits

• No duplicate data entry. Project data flows in from upstream systems automatically.
• Workflows do not break at seams. Aproove decisions can trigger downstream actions, and external systems can participate as workflow steps.
• Identity stays clean. SAML 2.0 SSO with auto-provisioning and deprovisioning keeps user access aligned with the source of truth.
• Pre-built where it matters, custom where you need it. Adobe Workfront has a documented pre-built integration. Anything else integrates via Concoord and the API.
• Integration logic is visual, not buried in code. Concoord's Node-RED foundation means integration flows are built and maintained visually, by integration architects, not just by developers.
• The audit trail spans the integration boundary. Webhook events and Concoord call events are captured in the project record alongside in-platform events.‍
• Open architecture, no vendor lock-in. REST/RPC APIs, standard protocols (SAML, webhooks), open middleware (Node-RED). Nothing proprietary blocks the integration path.

Who it's for

• IT and integration architects evaluating workflow platforms for fit with existing enterprise systems.
• Marketing operations leaders running review programs that depend on upstream project management, scheduling, or ERP systems.
• Identity and access management teams requiring automated user provisioning and deprovisioning through the corporate identity provider.
• Customers with Adobe Workfront specifically, who want a pre-built integration rather than a custom build.‍
• Customers with legacy systems that need integration via webhooks, hot folders, or scheduled API calls rather than modern API-first integration.

Under the Hood

Aproove's integration architecture is built around four pillars: the Aproove RPC API (REST-over-HTTP, versioned, fully documented), the Aproove webhook framework (configurable event subscriptions firing HTTP POST callbacks to subscriber endpoints), the Concoord middleware (a Node-RED-based integration platform with pre-built Aproove RPC and Adobe Workfront connectors), and the SAML 2.0 SSO framework (Aproove acts as Service Provider; customer IDP issues authentication assertions; group provisioning supported via SAML attributes). Workflow Actions include Concoord Call and Concoord Call-and-wait-for-callback, allowing workflow steps to invoke external systems synchronously or asynchronously. Hot folders provide filesystem-based automated input for legacy file-driven integration. Workflow events (project creation, step completion, decision made, file events, AI Agent events) are available as webhook subscriptions. The Aproove Concoord deployment can run alongside Aproove or independently, with documented examples of complex integration flows (Workfront project creation flow CD/560859786, Workfront integration sample CD/560859689, Concoord input endpoint and Aproove RPC node CD/566493214). The integration layer maintains the same audit trail standards as the platform proper: events crossing the integration boundary are captured in the project record with timestamps, attribution, and payload details where appropriate.