Introduction
Autodesk Platform Services (APS), formerly known as Forge, provides powerful APIs that enable developers to integrate Autodesk's cloud-based tools into their applications. Whether you're building solutions for visualization, collaboration, or data management, authentication is the gateway to unlocking APS's capabilities.
The APS Authentication SDK for .NET simplifies the process of implementing secure access to these services. It abstracts the complexities of OAuth 2.0, allowing developers to focus on building robust features rather than managing authentication details. With this SDK, you can seamlessly authenticate users, obtain access tokens, and manage secure sessions for your application.
In this blog post, we’ll guide you through setting up and using the APS Authentication SDK for .NET, covering:
- How to install and configure the SDK.
- Setting up your APS app credentials in the Autodesk Developer Portal.
- Authenticating users using the SDK's streamlined methods.
- Managing access tokens and implementing secure workflows.
Whether you're a seasoned .NET developer or new to APS, this guide will help you quickly get started with authentication and integrate Autodesk Platform Services into your application. Let's dive in!
Install and configure the SDK
Nuget.org is the best place allow you can look to overall package library published from Autodesk Platform Services .NET, today we just focus on Autodesk.Authentication
Create an App
Before an app can use APS APIs, you must register that app. APS then assigns a Client ID and a Client Secret to the app. The Client ID uniquely identifies the app. The Client Secret is similar to a password. You use it to validate your Client ID when obtaining an access token.
The tutorial you can take a look with the detail at Create an App
Set up Environment Variable
First of all, you need to open the edit Environment Variable from search
Authentication
2-legged OAuth
using Autodesk.SDKManager;
using Autodesk.Authentication.Model;
using Autodesk.Authentication;
string? client_id = System.Environment.GetEnvironmentVariable("APS_CLIENT_ID");
string? client_secret = System.Environment.GetEnvironmentVariable("APS_CLIENT_SECRET");
SDKManager sdkManager = SdkManagerBuilder
.Create() // Creates SDK Manager Builder itself.
.Build();
var _authClient = new AuthenticationClient(sdkManager);
TwoLeggedToken twoLeggedToken = await _authClient.GetTwoLeggedTokenAsync(client_id, client_secret,
new List<Scopes>() { Scopes.DataRead, Scopes.BucketRead });
3-Legged OAuth Authentication
The 3-Legged OAuth workflow is used to authenticate users and grant access to their Autodesk data securely. This approach involves user consent and requires both an authorization_code and a redirect_uri. Once the user approves your app's request, an authorization_code is returned, which can be exchanged for an access token.
This is particularly useful when building applications that need to interact with a user's private data in Autodesk services, such as BIM 360 or Fusion 360.
Some steps include :
- Register Your App same like tutorial on top.
- Generate the Authorization URL: Use the SDK to construct the authorization URL where users will grant consent.
string url = _authClient.Authorize(client_id, ResponseType.Code, redirectUri: redirect_uri,
new List<Scopes>() { Scopes.DataRead, Scopes.BucketRead });
- Exchange Authorization Code for Access Token: Once the user grants consent, they are redirected to the redirect_uri with an authorization_code. Use this code to request an access token.
Below is a complete example demonstrating the 3-Legged authentication flow:
ThreeLeggedToken threeLeggedToken =
await _authClient.GetThreeLeggedTokenAsync(client_id, client_secret, authorization_code, redirect_uri);
string threeLeggedToken_accesstoken = threeLeggedToken.AccessToken;
Assert.IsNotNull(threeLeggedToken_accesstoken);
Refresh Token
Refresh Token returns a new 3-legged access token using the refresh token provided in the request.
ThreeLeggedToken newToken = await _authClient.RefreshTokenAsync("refreshToken", client_id, client_secret);
Assert.IsNotNull(newToken.AccessToken);
Retrieves the list of public keys in the JWKS format (JSON Web Key Set). A public key is used to validate the asymmetric JWT signature of an OAuth 2.0 access token by an authorizing end user in both two-legged & three-legged context. From the list of keys returned to the response, identify the key to be used to validate a given token using the token’s kid (key ID) parameter.
OidcSpec oidcSpec = await _authClient.GetOidcSpecAsync();
Assert.IsNotNull(oidcSpec);
Get User Info
Fetches basic information for the given authenticated user. Only supports 3-legged access tokens.
UserInfo userInfo = await _authClient.GetUserInfoAsync(threeLeggedTokenAccesstoken);
Revoke Token
Takes an access token or refresh token and revokes it. Once the token is revoked, it becomes inactive and returns no body response.
A client can only revoke its own tokens.
HttpResponseMessage response = await _authClient.RevokeAsync(token, client_id, client_secret);
Limitation
- Some API is limit for BIM 360
- The latest version is under.NET8 at the time write post, so if you are using .NET Framework, that is bad news for you.
Reference
- https://chuongmep.com/posts/2024-05-07-get-3leg-aps-with-csharp.html
- https://github.com/autodesk-platform-services/aps-sdk-net.git
- https://portal.productboard.com/autodeskforge/20-autodesk-platform-services-roadmap/tabs/52-in-progress
- https://aps.autodesk.com/en/docs/oauth/v2/reference/dot-net-sdk/Autodesk.Authentication/
- https://aps.autodesk.com/blog/migrating-new-aps-net-sdk
Top comments (0)