API Authentication
The Vault Data API supports following authentication mechanisms:
- Vault Account
- Windows Account
- Autodesk Account
Authenticating using Vault Account
Vault Account is a user account that is created and managed within the Vault server. To create a Session using Vault Account credentials, you need to provide the username and password associated with the account.
Request
curl -v 'https://test.vg.autodesk.com/AutodeskDM/Services/api/vault/v2/sessions' \
-X 'POST' \
-H 'Content-Type: application/json'\
-H 'Accept: application/json'\
-d '{
"input": {
"vault": "Vault",
"userName": "TestAccount",
"password": "Test123456!",
"appCode": "TC"
}
}'
Response
{
"id": "aac1705d-8956-4fba-962c-4d2b6bfaf398",
"accessToken": "V:aac1705d-8956-4fba-962c-4d2b6bfaf398",
"createDate": "2024-10-21T07:56:45.2277149Z",
"vaultInformation": {
"id": "117",
"name": "Vault",
"url": "/AutodeskDM/Services/api/vault/v2/vaults/117"
},
"userInformation": {
"id": "65",
"name": "TestAccount",
"email": "VaultAPITest@outlook.com",
"authTypes": "Vault, Autodesk",
"createDate": "2024-06-27T06:29:20.183Z",
"isActive": true,
"url": "/AutodeskDM/Services/api/vault/v2/users/65"
},
"url": "/AutodeskDM/Services/api/vault/v2/sessions/aac1705d-8956-4fba-962c-4d2b6bfaf398"
}
In this example, note the accessToken value - V:aac1705d-8956-4fba-962c-4d2b6bfaf398
. This token needs to be passed for any endpoints which require ‘Authentication Context’
Following is an example which demonstrates how to invoke an endpoint which requires Authentication context using the accessToken:
Request
curl -v 'https://test.vg.autodesk.com/AutodeskDM/Services/api/vault/v2/users?limit=2' \
-X 'GET' \
-H 'Accept: application/json'\
-H 'Authorization: Bearer V:aac1705d-8956-4fba-962c-4d2b6bfaf398'
Response
{
"pagination": {
"limit": 2,
"totalResults": 159,
"nextUrl": "/AutodeskDM/Services/api/vault/v2/users?limit=2&cursorState=SQBkAEMAdQByAHMAbwByAC0AdgAxADoAMwA_",
"indexingStatus": "NA"
},
"results": [
{
"id": "2",
"name": "Administrator",
"systemName": "Administrator",
"email": "",
"authTypes": "Vault",
"createDate": "2013-10-17T20:18:13.19Z",
"isActive": true,
"url": "/AutodeskDM/Services/api/vault/v2/users/2"
},
{
"id": "3",
"name": "Guest",
"systemName": "Guest",
"email": "",
"authTypes": "Vault",
"createDate": "2013-10-17T20:18:13.313Z",
"isActive": true,
"url": "/AutodeskDM/Services/api/vault/v2/users/3"
}
]
}
Authenticating using Windows Account
A Vault user account can be linked with a Windows Active Directory account, allowing the user to utilize their Windows credentials to create a session with the Vault Data API.
This is similar to the Vault Account, with one key difference: user credentials are not sent as part of the request payload. Instead, when the client tries to access this endpoint, the server issues an authentication challenge (using the NTLM Authentication Protocol). The client must handle this challenge, for example, the browser may prompt the user to enter their Windows credentials. Once the server validates the user credentials and confirms that the user account has Windows authentication enabled, it will issue session information, such as an accessToken. This accessToken can then be used in any API that requires an Authorization header.
Request
curl -v 'https://test.vg.autodesk.com/AutodeskDM/Services/api/vault/v2/sessions/win-auth' \
-X 'POST' \
-H 'Content-Type: application/json'\
-H 'Accept: application/json'\
--ntlm\
-u '<domain>\<user>:<password>' \
-d '{
"input": {
"vault": "Vault",
"appCode": "TC"
}
}'
Response
{
"id": "aac1705d-8956-4fba-962c-4d2b6bfaf398",
"accessToken": "V:aac1705d-8956-4fba-962c-4d2b6bfaf398",
"createDate": "2024-10-21T07:56:45.2277149Z",
"vaultInformation": {
"id": "117",
"name": "Vault",
"url": "/AutodeskDM/Services/api/vault/v2/vaults/117"
},
"userInformation": {
"id": "65",
"name": "TestAccount",
"email": "VaultAPITest@outlook.com",
"authTypes": "Vault, Autodesk",
"createDate": "2024-06-27T06:29:20.183Z",
"isActive": true,
"url": "/AutodeskDM/Services/api/vault/v2/users/65"
},
"url": "/AutodeskDM/Services/api/vault/v2/sessions/aac1705d-8956-4fba-962c-4d2b6bfaf398"
}
Authenticating using Autodesk Account
An Autodesk Account is a user account that is created and managed by Autodesk. In Vault Server, you can add an Autodesk account mapping for a new/existing user and please refer to this documentation for additional details: Add an Authentication Account to a User Profile
The Vault Data API endpoint supports implicit Autodesk Account
authentication wherein the three-legged token needs to be passed in the Authorization field for any endpoints which require ‘Authentication Context’.
For example, assuming Autodesk Account Mapping is done for the user, the first step is to generate a token using the three-legged OAuth flow.
Assuming the token retrieved from this step is "eyJhbGciOiJSUzI1NiIsImtpZCI6IlU3c0dGRldUTzlBekNhSzBqZURRM2dQZXBURVdWN2VhIn0.eyJzY29wZSI6WyJkYXRhOnJlYWQiXSwiY2xpZW50X2lkIjoiRjZEbjh5cGVtMWo4UDZzVXo4SVgzcG1Tc09BOTlHVVQiLCJpc3MiOiJodHRwczovL2RldmVsb3Blci5hcGkuYXV0b2Rlc2suY29tIiwiYXVkIjoiaHR0cHM6Ly9hdXRvZGVzay5jb20iLCJqdGkiOiJUaDZMbWVLdzN2c0ZxSTNPR0hrUmhxUG9rTXJnR1RPanhjUW1hQXlRS2RnU1VTbzV5cEY5dTZqekM4UmwwVnNBIiwidXNlcmlkIjoiM1hWU0w3MkpMMlU1IiwiZXhwIjoxNjY5ODY5MDQ1fQ.diknPiZfHDSmgl3iPuQgXMZQhCRBVQGyvj3e0GCRQtSUjE5pVnm6a7PnGJwcrvnsaV7wrNOGi_dPDcQW_pYyrQV925kKtV4GYLLrrf639s0wpdlj7nHJGPgy_oRu4pFTSBtj5qW6i3hIaujtVtzLc9DtvKAWYPRSq-_j9niibM1TrLc_6mrIse-jtQP6qkmWj7IzZPxgX947_4rYW06-Vzb4Yyu1VlmGs7A1koUPMIp2N4RUTGzUyM1z9xszqQHZBkznKRVZVJOkzO6kHyAFWr3ksYgRNdGU2zY_x_OTe3MW4uBfLgQTw-Eo5xsc7a87xvX7vSDfl14ctwwE8lMnBw"
Following is an example which demonstrates how to invoke an endpoint which requires Authentication context using the token:
Request
curl -v 'https://test.vg.autodesk.com/AutodeskDM/Services/api/vault/v2/users?limit=2' \
-X 'GET' \
-H 'Accept: application/json'\
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IlU3c0dGRldUTzlBekNhSzBqZURRM2dQZXBURVdWN2VhIn0.eyJzY29wZSI6WyJkYXRhOnJlYWQiXSwiY2xpZW50X2lkIjoiRjZEbjh5cGVtMWo4UDZzVXo4SVgzcG1Tc09BOTlHVVQiLCJpc3MiOiJodHRwczovL2RldmVsb3Blci5hcGkuYXV0b2Rlc2suY29tIiwiYXVkIjoiaHR0cHM6Ly9hdXRvZGVzay5jb20iLCJqdGkiOiJUaDZMbWVLdzN2c0ZxSTNPR0hrUmhxUG9rTXJnR1RPanhjUW1hQXlRS2RnU1VTbzV5cEY5dTZqekM4UmwwVnNBIiwidXNlcmlkIjoiM1hWU0w3MkpMMlU1IiwiZXhwIjoxNjY5ODY5MDQ1fQ.diknPiZfHDSmgl3iPuQgXMZQhCRBVQGyvj3e0GCRQtSUjE5pVnm6a7PnGJwcrvnsaV7wrNOGi_dPDcQW_pYyrQV925kKtV4GYLLrrf639s0wpdlj7nHJGPgy_oRu4pFTSBtj5qW6i3hIaujtVtzLc9DtvKAWYPRSq-_j9niibM1TrLc_6mrIse-jtQP6qkmWj7IzZPxgX947_4rYW06-Vzb4Yyu1VlmGs7A1koUPMIp2N4RUTGzUyM1z9xszqQHZBkznKRVZVJOkzO6kHyAFWr3ksYgRNdGU2zY_x_OTe3MW4uBfLgQTw-Eo5xsc7a87xvX7vSDfl14ctwwE8lMnBw'
Response
{
"pagination": {
"limit": 2,
"totalResults": 159,
"nextUrl": "/AutodeskDM/Services/api/vault/v2/users?limit=2&cursorState=SQBkAEMAdQByAHMAbwByAC0AdgAxADoAMwA_",
"indexingStatus": "NA"
},
"results": [
{
"id": "2",
"name": "Administrator",
"systemName": "Administrator",
"email": "",
"authTypes": "Vault",
"createDate": "2013-10-17T20:18:13.19Z",
"isActive": true,
"url": "/AutodeskDM/Services/api/vault/v2/users/2"
},
{
"id": "3",
"name": "Guest",
"systemName": "Guest",
"email": "",
"authTypes": "Vault",
"createDate": "2013-10-17T20:18:13.313Z",
"isActive": true,
"url": "/AutodeskDM/Services/api/vault/v2/users/3"
}
]
}