29 Nov 2018
In a recent interaction with a Forge customer, we noticed that all of their resources are stored in a server protected with user login credentials, unlike generic cloud storage service providers which follow oAuth bearer token authorization to access files from their respective cloud storage. These home grown servers follow the rules of basic access authentication.
For example, when you try access a drawing resource, a login window pops up, breaking the design automation workflow. In order to continue the workflow, the design automation service must be able to understand relevant authorization information.
So to use Basic Authentication, a header is added to the HTTP Request. It looks like this:
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==, where "QWxhZGRpbjpvcGVuIHNlc2FtZQ==" is just "username:password" encoded in Base64
A typical Workitem payload with Basic Authentication passed in Header:
{
"Arguments": {
"InputArguments": [
{
"Resource": "http://120.138.8.50:8080/drawings/1543468882182_FloorPlanSample_Master.dwg",
"Name": "HostDwg",
"Headers": [
{
"Name": "Authorization",
"Value": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
}
]
}
],
"OutputArguments": [
{
"Name": "Result",
"HttpVerb": "POST"
}
]
},
"ActivityId": "PlotToPDF"
}As I discussed above, the value QWxhZGRpbjpvcGVuIHNlc2FtZQ== in Headers is a base64 encode of username:password [Note: a colon between the username & password is important. The encoded value should be prefixed with Basic].
A technology agnostic, constant learner, and a Forge advocate who works primarily on AutoCAD and Forge Design Automation using both desktop and cloud programming techniques. He has been with Autodesk since 2013, started his career as C++ programmer, explored everything that has come in his way be it Lisp or Wix, passionate about modern technologies and loves troubleshooting. In his free time if not on desk, he...