Class AuthenticationClient
Namespace: Autodesk.Authentication
Assembly: Autodesk.Authentication.dll
Represents a collection of functions to interact with the API endpoints
public class AuthenticationClient
Inheritance
Inherited Members
object.Equals(object) , object.Equals(object, object) , object.GetHashCode() , object.GetType() , object.MemberwiseClone() , object.ReferenceEquals(object, object) , object.ToString()
Constructors
AuthenticationClient(SDKManager)
public AuthenticationClient(SDKManager sDKManager)
Parameters
sDKManager
SDKManager
Methods
GetKeysAsync(bool)
Operation: Get JWKS
public Task<Jwks> GetKeysAsync(bool throwOnError = true)
Parameters
throwOnError
bool
Returns
Remarks
Returns a set of public keys in the JSON Web Key Set (JWKS) format.
Public keys returned by this operation can be used to validate the asymmetric JWT signature of an access token without making network calls. It can be used to validate both two-legged access tokens and three-legged access tokens.
See the Developer’s Guide topic on Asymmetric Signing for more information.
Exceptions
Thrown when fails to make API call
GetOidcSpecAsync(bool)
Operation: Get OIDC Specification
public Task<OidcSpec> GetOidcSpecAsync(bool throwOnError = true)
Parameters
throwOnError
bool
Returns
Remarks
Returns an OpenID Connect Discovery Specification compliant JSON document. It contains a list of the OpenID/OAuth endpoints, supported scopes, claims, public keys used to sign the tokens, and other details.
Exceptions
Thrown when fails to make API call
GetThreeLeggedTokenAsync(string, string, string, string, string, bool)
Operation: Acquire Three Legged Token
public Task<ThreeLeggedToken> GetThreeLeggedTokenAsync(string clientId, string code, string redirectUri, string clientSecret = null, string codeVerifier = null, bool throwOnError = true)
Parameters
clientId
string
The Client ID of the calling application, as registered with APS.
code
string
The authorization code that was passed to your application when the user granted access permission to your application. It was passed as the code
parameter to the redirect URI when you called Authorize User .
redirectUri
string
The URI that APS redirects users to after they grant or deny access permission to the application. Must match the Callback URL for the application registered with APS.
clientSecret
string
The Client secret of the calling application, as registered with APS. Note The clientSecret is required only for Traditional Web Apps and Server-to-Server Apps. It is not required for Desktop, Mobile, and Single-Page Apps. (optional)
codeVerifier
string
A random URL-encoded string between 43 characters and 128 characters. In a PKCE grant flow, the authentication server uses this string to verify the code challenge that was passed when you called Authorize User . Required if code_challenge
was specified when you called Authorize User . (optional)
throwOnError
bool
Returns
Remarks
Returns a 3-legged access token. This operation has a rate limit of 500 calls per minute.
Exceptions
Thrown when fails to make API call
GetTwoLeggedTokenAsync(string, string, List<Scopes>, bool)
Operation: Acquire Two Legged Token
public Task<TwoLeggedToken> GetTwoLeggedTokenAsync(string clientId, string clientSecret, List<Scopes> scopes, bool throwOnError = true)
Parameters
clientId
string
The Client ID of the calling application, as registered with APS.
clientSecret
string
The Client secret of the calling application, as registered with APS.
A list of requested scopes. See the Developer’s Guide documentation on scopes for a list of valid values you can provide.
throwOnError
bool
Returns
Remarks
Returns a 2-legged access token. This operation has a rate limit of 500 calls per minute.
Exceptions
Thrown when fails to make API call
GetUserInfoAsync(string, bool)
Operation: Get User Info
public Task<UserInfo> GetUserInfoAsync(string authorization, bool throwOnError = true)
Parameters
authorization
string
The 3-legged access token of the currently logged in user.
throwOnError
bool
Returns
Task of ApiResponse<UserInfo>
Remarks
Retrieves information about the authenticated user.
Exceptions
Thrown when fails to make API call
IntrospectTokenAsync(string, string, string, bool)
Operation: Introspect Token
public Task<IntrospectToken> IntrospectTokenAsync(string token, string clientId, string clientSecret = null, bool throwOnError = true)
Parameters
token
string
The token to be introspected. (optional)
clientId
string
The Client ID of the calling application, as registered with APS.
clientSecret
string
The Client secret of the calling application, as registered with APS. Note The clientSecret is required only for Traditional Web Apps and Server-to-Server Apps. It is not required for Desktop, Mobile, and Single-Page Apps. (optional)
throwOnError
bool
Returns
Remarks
Returns metadata about the specified access token or reference token.
An application can only introspect its own tokens.
This operation has a rate limit of 500 calls per minute.
Exceptions
Thrown when fails to make API call
Logout(string)
Operation: Logout
public string Logout(string postLogoutRedirectUri = null)
Parameters
postLogoutRedirectUri
string
The URI to redirect your users to once logout is performed. If you do not specify this parameter your users are redirected to the Autodesk Sign-in page.
Note: You must provide a redirect URI that is pre-registered with APS. This precaution is taken to prevent unauthorized applications from hijacking the logout process. (optional)
Returns
Remarks
Signs out the currently authenticated user from the APS authorization server. Thereafter, this operation redirects the user to the postLogoutRedirectUri
, or to the Autodesk Sign-in page when no postLogoutRedirectUri
is provided.
This operation has a rate limit of 500 calls per minute.
Exceptions
Thrown when fails to make API call
RefreshTokenAsync(string, string, string, List<Scopes>, bool)
Operation: Acquire Refresh Token
public Task<ThreeLeggedToken> RefreshTokenAsync(string clientId, string clientSecret, string refreshToken, List<Scopes> scopes = null, bool throwOnError = true)
Parameters
clientId
string
The Client ID of the calling application, as registered with APS.
clientSecret
string
The Client secret of the calling application, as registered with APS. Note The clientSecret is required only for Traditional Web Apps and Server-to-Server Apps. It is not required for Desktop, Mobile, and Single-Page Apps. (optional)
refreshToken
string
A URL-encoded space-delimited list of requested scopes. See the Developer’s Guide documentation on scopes for a list of valid values you can provide. If specified, scopes have to be primarily same with or a subset of the scopes used to generate the refresh_token.(optional)
throwOnError
bool
Returns
Task of <ThreeLeggedToken>
Remarks
Returns a new 3-legged access token using the refresh token provided in the request. This operation has a rate limit of 500 calls per minute.
Exceptions
Thrown when fails to make API call
RevokeAsync(string, string, string, TokenTypeHint, bool)
Operation: Revoke Token
public Task<HttpResponseMessage> RevokeAsync(string token, string clientId, string clientSecret = null, TokenTypeHint tokenTypeHint = TokenTypeHint.AccessToken, bool throwOnError = true)
Parameters
token
string
The token to be revoked.
clientId
string
The Client ID of the calling application, as registered with APS.
clientSecret
string
The Client secret of the calling application, as registered with APS. Note The clientSecret is required only for Traditional Web Apps and Server-to-Server Apps. It is not required for Desktop, Mobile, and Single-Page Apps. (optional)
tokenTypeHint
TokenTypeHint
A refresh token or access token.
throwOnError
bool
Returns
Remarks
Revokes an active access token or refresh token.
An application can only revoke its own tokens.
This operation has a rate limit of 100 calls per minute.
Exceptions
Thrown when fails to make API call