Custom Auth API

My Custom Auth workflow seems to work fine in Queries from the App, but when that same resource is used in a Workflow, it doesn't seem to honor the same "check if valid, else re-authenticate" logic. Is this a known limitation, or have I missed a setting somewhere?