I'm experimenting with the automatic setup of projects in BIM 360 Field using the Autodesk Forge API. The code is designed to run on internal systems and currently uses the two legged authentication method. I've managed to get a project setup, I'm now trying to add a project admin using the recommended V2 import endpoint:
POST projects/:project_id/users/import
As I'm using two legged authentication I'm specifying my x-user-id in the header. When I run this I receive the following error:
{fault.name} - The client_id specified does not have access to the api product
This happens no matter which V2 endpoint I use; even though all services are enabled in the Forge Dev Centre for the app. I've looked at this answer and Mikako's solution works, but this is by using the V1 endpoint, I'd like to be able to use this endpoint, and other V2 endpoints. What could be going wrong with my V2 implementations?
I think it is because your project is Field classic. Field classic is a pre-Forge era web services. It's not a part of Forge.
You may try Field API:
https://bim360field.autodesk.com/apidoc/index.html#api/v1/project_users_method_3
The newer version of Field is under preview right now for customers who has Field.
For more info about what is Forge, what is not, please refer to this post:
https://fieldofviewblog.wordpress.com/2017/01/17/bim-360-and-forge-overview/
or about Field classic in general:
https://fieldofviewblog.wordpress.com/forge/
Related
The Forge documentation mentions “If you need an end user to authorize your app to act on the user’s behalf, you’ll want to check out this tutorial.” This makes it sound as if our app will be doing something from OurApp → Forge, reaching into Fusion data, pulling it out. Our desired action would be the user acting on their own behalf, with authorized permission, sending files to their account on OurApp.
I've genericized it, but our specific situation is as follows: we want Fusion360 users to be able to install our plugin and then send models in STL format (model derivative v2 API) to our service for 3D Printing or sharing with others. This same behavior exists for Tinkercad and is very popular, but the requirements change for Fusion, now that it is not a web app like Tinkercad.
Autodesk Forge uses OAuth 2.0 as its authentication strategy, and as part of that, the platform allows you to choose between two-legged and three-legged authentication.
Two-legged authentication means that a trust is established between your own application (with credentials that are generated for you when you create a Forge app on https://forge.autodesk.com) and the Forge services. Your application can manage its own data but it does not have access to your users data in other Forge applications.
Three-legged authentication means that a trust is established among 3 entities: your application, Forge, and your user. With an access token generated using 3-legged authentication, your application can also access the user's content in other Forge applications, for example, in BIM360 or Fusion Teams.
With that, if you plan on having your users upload STL files from a locally running instance of Fusion 360, you can use the simple 2-legged authentication and have your Forge application own and manage the uploaded data and the translated derivatives. But if you wanted to upload or download STLs to/from something like Fusion Teams, you would need the 3-legged auth workflow.
I'm trying to set up an Signed URL for an Design Automation Workflow which is triggered by an Webhook inside of the BIM360 OSS. If a file is added the webhooks triggers an endpoint to start a Design Automation. The webhook is working. And the Design Automation is working too. The Problem occurs if i try to wire both up. I#m trying to create a Signed URL of the File like suggested in this post from Petr Broz link stackoverflow.
To use this API it is requierd to use an Token which is obatined by 2-Legged-Auth which is working with all necessary Scopes. In the response of the Webhook is an ID for the Folder and Version. The API is recognizing the ID.
The problem occurs in the response of this endpoint to create the signed url: https://developer.api.autodesk.com/oss/v2/buckets/:bucketKey/objects/:objectKey/signed
I'm using the wip.dm.emea as bucket because the file is stored in the EU BIM360 OSS.
The response is a 403 Forbidden:
{
"reason": "Only the bucket creator is allowed to access this api."
}
Is it even possible to get the File ID like in this example Forge how to Download File ?
Because this Solution requires a 3-Legged-Auth Flow which is not possible for a complete Automation.
The thing which makes me question is, that you can achieve this Workflow in plane Forge. But not in BIM360 where i have no control over the Buckets that are created by the System!?
I think this is an architectural missmatch between the Forge API and the BIM360 implementation!? Will there be a solution for this in the future?
Best regards
Jan
Unfortunately, I can confirm that it's not possible to create a signed URL for your BIM360 storage currently, as the error message mentioned, the endpoint requires the bucket owner to do this operation, this is what it is now. But I agree with you that this should be an architecture mismatch between Forge OSS and BIM360 implementation, and it's already been requested in our system, please keep "CPOSS-1066" to check with us about the progress.
As for the current way, you can keep the 3 legged token and using that for the output Url and also in the onComplete() callback, I have the blog post https://forge.autodesk.com/blog/upload-your-design-automation-output-file-bim360-docs which details the way to work, hope it helps at this moment.
I'm the administrator of a Bim360 Docs Hub,and i'm trying to retrieve some data from the forge API. I've already created a test app, and i get a Bim 360 Account Id.
I'm not able to get an authentication bearear token (OAuth), to make simple get requests towards projects.
Where do i get the auth token ?
Thanks
See tutorial here to aquire OAuth tokens and note that you will need different permutations of OAuth scopes (esp. data:read data:write etc.) for different operations, as is specified in the docs of each and every API, see an example here.
You may use a RESTful client like Postman to talk to our APIs and manage the authentication flow and operate on response data with JavaScript as you like so as to build workflows such as to create a new project.
Last but not least before you can access BIM360 APIs make sure you provision access to your app.
I have 2 different restful api-s, and I would like to use Tyk for gateway.
My plan is to have a common url (like: http://viktorservices) which can towards messages to those two api endpoints.
For example, the first api is a user manager api, and has an endpoint:
GET: http://localhost:8080/usermanager/users
And the other api is a car manager api, and it's endpoint:
GET: http://localhost:8081/carmanager/cars
Is it possible somehow, to upload a Swagger JSON for the Tyk Catalog (For developer portal) to be able to se only one API called: User and Car Manager?
And when I click on "View Documentation" in Tyk's developer site, all of the endpoints from both APIs are visible, grouped by their main API names?
I tried to put the two swagger jsons into one as an array, but then it is not visible on the Developer Site.
I am able to upload the swaggers one by one, but then I will have two API-s on the Dev site of Tyk.
I think the main point here is that developer portal documentation/swagger does not have to correlate with the actual APIs you have. Portal gets organized by catalogues/policies. So you can have multiple internal Tyk APIs, but expose them as the single catalog in Portal, by creating Policy which gives access to both APIs. So, just create new "public" swagger file for documentation purpose, which includes endpoints from both of your internal APIs.
Does it make sense?
I get an issue when I call endpoint Users import:
{fault.name} - The client_id specified does not have access to the api product
see attachment
note: when I use endpoint v1, I don't have problems. Also I use 2-legged token and can access anothers endpoint (ie: Add a project admin)
Please help me out of this problem.
I mean v2 of endpoints where I can't access (see attachments)
Best,
image_1
image_2
The reason mainly could be the following:
I don't think there is a V2 of BIM 360 API, or because you probably do not have an enable integration for the use of the BIM 360 API. You can check this post in order to get the necessary steps to request such access.
https://fieldofviewblog.wordpress.com/2017/08/18/no-custom-integrations-tab/
Here you can also read more about why do you need such access and why this specific API does not work in the same way as the other Forge services.
https://fieldofviewblog.wordpress.com/2017/01/17/bim-360-and-forge-overview/