I'm trying to set up an Signed URL for an Design Automation Workflow which is triggered by an Webhook inside of the BIM360 OSS. If a file is added the webhooks triggers an endpoint to start a Design Automation. The webhook is working. And the Design Automation is working too. The Problem occurs if i try to wire both up. I#m trying to create a Signed URL of the File like suggested in this post from Petr Broz link stackoverflow.
To use this API it is requierd to use an Token which is obatined by 2-Legged-Auth which is working with all necessary Scopes. In the response of the Webhook is an ID for the Folder and Version. The API is recognizing the ID.
The problem occurs in the response of this endpoint to create the signed url: https://developer.api.autodesk.com/oss/v2/buckets/:bucketKey/objects/:objectKey/signed
I'm using the wip.dm.emea as bucket because the file is stored in the EU BIM360 OSS.
The response is a 403 Forbidden:
{
"reason": "Only the bucket creator is allowed to access this api."
}
Is it even possible to get the File ID like in this example Forge how to Download File ?
Because this Solution requires a 3-Legged-Auth Flow which is not possible for a complete Automation.
The thing which makes me question is, that you can achieve this Workflow in plane Forge. But not in BIM360 where i have no control over the Buckets that are created by the System!?
I think this is an architectural missmatch between the Forge API and the BIM360 implementation!? Will there be a solution for this in the future?
Best regards
Jan
Unfortunately, I can confirm that it's not possible to create a signed URL for your BIM360 storage currently, as the error message mentioned, the endpoint requires the bucket owner to do this operation, this is what it is now. But I agree with you that this should be an architecture mismatch between Forge OSS and BIM360 implementation, and it's already been requested in our system, please keep "CPOSS-1066" to check with us about the progress.
As for the current way, you can keep the 3 legged token and using that for the output Url and also in the onComplete() callback, I have the blog post https://forge.autodesk.com/blog/upload-your-design-automation-output-file-bim360-docs which details the way to work, hope it helps at this moment.
Related
I've been trying to enforce a predefined naming-standard on an Autodesk BIM360 Docs folder.
There exists an API endpoint to get the naming-standard that is enforced for a BIM360 Docs folder by calling
GET projects/:project_id/folders/:folder_id
and also
GET https://developer.api.autodesk.com/bim360/docs/v1/projects/:projectId/naming-standards/:id
to get the details of the defined naming standard.
But there seems to be no public API to enforce a naming standard on a newly created folder. Which is strange since one can set a naming standard via the UI.
I've checked what happens when a user enforces a naming standard via the UI. The UI calls this API
POST /dm/v3/projects/<ProjectId>/folders/naming-standards:batch-enforce
with this data
[{"folderUrn":"<folderId>", "namingStandardId":"<namingStandardId>", "includeSubfolders":false,"operation":"add"}]
I tried calling the same API programmatically and got an error that my registered forge app has no access to the specified api product, although the data-management api is enabled for this app.
Am a little helpless of how to continue. Perhaps someone can give me a push in the right direction?
Thanks
Unfortunately, the naming standard API is READ-ONLY currently. The Write API is still on the way to come. Please stay tuned with us.
Note. The API you found is for Docs Service itself only.
we are generated client id and secret id. And also we have got access token using Internal Token.
when running the project we can view Revit file which we are uploaded using forge bucket.
Then again are trying to get all elelments (Building,floor,rooms,equipments etc)in Revit model using API.
using this Link:https://forge.autodesk.com/en/docs/model-derivative/v2/reference/http/urn-metadata-GET/
we have using API in onDocumentLoadSuccess this event.
we are passing url:https://developer.api.autodesk.com/modelderivative/v2/designdata/:urn/metadata
headers :'Authorization': 'Bearer ' + access_token.
In this we are passing urn,access_token parameters also fine.
But we face "Token does not have the privilege for this request" error.(we have already have access token through API.But for the second time we face the error)
How to solve this, please help me on this.
Note that the different endpoints provided by the Forge services require a specific "scope" that the access token must be generated for. For example, according to the GET :urn/metadata docs, this endpoint requires the the access token to be generated with the "data:read" scope.
Also, note that properties of a design processed by the Model Derivative service are actually obtained by a different endpoint - not using GET :urn/metadata, but using GET :urn/metadata/:guid/properties.
I'm not really familiar with Autodesk's instruments, so maybe anyone could help me with Auth:
I have 2-legged auth with forge, and i need to refresh token automatically or simply make my viewer persistent.
Also any help/links/references on points of interest or how to add floor switching feature to the project?
Typically, when setting up the viewer, you provide a function the viewer will call whenever it needs a fresh 2-legged token. This function should make a request to your server-side logic to generate the new token. The Learn Forge - View Your Models tutorial guides you through this process, using different languages and runtimes. For example, here's how you could implement the token updating in Node.js:
https://github.com/Autodesk-Forge/learn.forge.viewmodels/blob/nodejs/routes/oauth.js#L26-L36
https://github.com/Autodesk-Forge/learn.forge.viewmodels/blob/nodejs/public/js/ForgeViewer.js#L46-L52
Btw. a "refresh token" is only available in 3-legged auth workflows.
For features like floor switching, take a look at these:
https://forge.autodesk.com/blog/view-each-floor-using-vertical-explode
https://twitter.com/ipetrbroz/status/1227901732023201795
I'm the administrator of a Bim360 Docs Hub,and i'm trying to retrieve some data from the forge API. I've already created a test app, and i get a Bim 360 Account Id.
I'm not able to get an authentication bearear token (OAuth), to make simple get requests towards projects.
Where do i get the auth token ?
Thanks
See tutorial here to aquire OAuth tokens and note that you will need different permutations of OAuth scopes (esp. data:read data:write etc.) for different operations, as is specified in the docs of each and every API, see an example here.
You may use a RESTful client like Postman to talk to our APIs and manage the authentication flow and operate on response data with JavaScript as you like so as to build workflows such as to create a new project.
Last but not least before you can access BIM360 APIs make sure you provision access to your app.
I went through the Quickstart on how to upload a file to Google Drive (for Android) and everything works fine. However, it isn't clear whether I am responsible for storing tokens and handling exceptions if they expire. Does the SDK code used in the Quickstart handle this for me behind the scenes?:
https://developers.google.com/drive/quickstart-android
If I regularly call this code (taken from the Quickstart):
credential = GoogleAccountCredential.usingOAuth2(this, DriveScopes.DRIVE);
credential.setSelectedAccountName(accountName);
service = getDriveService(credential);
and then call some drive method, will it eventually generate an exception when the token expires or does the SDK code catch this internally and automatically attempt to retrieve a refreshed token?
To be even more specific, am I required to implement the code shown here:
https://developers.google.com/drive/credentials
What also isn't clear to me is the difference between an access token and refresh token. Then there is "short lived" tokens and "long lived" tokens. Kind of confusing.
On Android, when you use Google Play Services, all of the work is handled for you, including getting the token and refreshing it. This is explained in the quickstart guide that you have linked, and there is nothing more that you need to do.