1

I am developing an app using forge viewer API. Currently, we are displaying 3d model stored in my own bucket, for that we are using only 2 legged token Oauth.

Some of our clients are using BIM360 document, so we got their model URNs by using document derivatives API and we set up the viewer with this URN. The method is similar to the following: Creating a viewer application with an URN from Autodesk A360 but with BIM360.

I implemented 3 legged token Oauth for using forge viewer with this kind of URN. Both authorization methods are used, so I would like to find a way to manage token workflow. To ask or test if I need 2 or 3 legged tokens.

  • Do there is a request to know the authentification required to read an urn with forge viewer?

Also, I tried to display URN from BIM360 document and I noticed that do not need a 3 legged token, after all, just a 2 legged token is necessary.

  • Do you know why?
LouisC
  • 11
  • 1

1 Answers1

2

Can tell if one Forge API/endpoints require 2 or 3 legged authentication by the Authentication Context description at the start of the documentation, say: enter image description here (2 legged required and 3 legged optional)

enter image description here (2 legged only)

enter image description here (3 legged required)

Usually for endpoints that requires user specific data 3 legged authentication is mandatory so user can explicitly approve your app to access their data with specified scopes (access level).

Bryan Huang
  • 5,247
  • 2
  • 15
  • 20