Hi,
I'm writing a program which extract informations from PW datasource, using the Web Services Gateway.
We use Bentley IMS to connect to datasource, so I want to use the same method. The documentation mention Bentley STS and OAuth2, but is not very precise and I don't find a way to achieve that :
All requests having a {RepositoryId} parameter must have one of the following:
Does anyone can explain how to configure the header using the token, or give an example ?
Thanks
Benjamin
I've just been doing some work in this area and it was pointed out that there has been no answer to this.Here's a very simple PowerShell script using WSG to download files. You will need at least version 1.11.2.0 of PWPS_DAB to run this script.
$wsgURL = 'decide-pwce-us-ws.bentley.com/.../Bentley.PW--'$dsn = 'decide-pwce-us.bentley.com~3Adecide-pwce-us-10'$class = 'PW_WSG/Document'$id = '560ff1f5-bcab-4527-916b-6d240e0c45f8'
# $downloadUrl = 'decide-pwce-us-ws.bentley.com/.../$file'
$downloadUrl = "$wsgURL$dsn/$class/$id/" + '$file'
# requires federated account$token2 = Get-PWConnectionClientToken -ConnectedProjectUser dave.brumbaugh@eagle.bentley.com -ConnectedProjectPassword (Read-Host -Prompt Password -AsSecureString)
# just for information to see the underlying SAMLConvertFrom-EncodedToken $token2
$random = Get-RandomString -Length 10 -Characters "abcdefghijklmnopqrstuvwxyz"
Invoke-WebRequest -Method Get -Uri $downloadUrl -Headers @{Authorization = 'Token ' + $token2} -OutFile ("c:\temp\" + ($random) + ".pdf")
# alternative method for connecting to WSG with logical user account$logicalToken = Get-EncodedLogicalToken -User "MyUser" -Password (Read-Host -Prompt Password -AsSecureString)
Invoke-WebRequest -Method Get -Uri $downloadUrl -Headers @{Authorization = 'Basic ' + $logicalToken} -OutFile ("c:\temp\" + ($random) + ".pdf")
Hi Dave,
Thank you for this workaround, it works but now my problem is to get the token, because I need to be able to use other language than powershell (like python).
Currently my workaround is every week I have to use Get-PWConnectionClientToken from pwps_dab to get a token and store it in a file. Then I can read it from my script and use it.
It's not convenient and not secure.
It would be much better if I could directly get the token from Bentley IMS using oauth2 / imsoidc. But I'm very not familiar with that, and I didn't find any documentation from bentley.
Our goal is to integrate our in-house applications with ProjectWise. And we want to do it using Rest API, because some of apps are desktop apps, but other are web apps.
We have a significant project coming up that is looking for OAuth2 authentication agaisnt the PW WSG. Has there been any progress on this?
Sorry, Damian. This fell off my radar. I will get some of the guys to start looking at it. Dave.
Damian, did you consider using ProjectWise Flow connector (https://us.flow.microsoft.com/en-us/connectors/shared_bentley/projectwise-design-integration/) via either Microsoft Flow or Azure Logic Apps? This is probably not exactly answering this question but I hope it may help. Please let me know if you have further questions about capabilities and use of the connector.
Hi Audrius,
I have a use case (real) :
My issue is, since we only use IMS accounts, and we are federated, currently I don't know how to get a token directly from my script.
I have to use a powershell cmdlet from pwps_dab to get a token from the connection client, store it in a file, and then use it in my script.
In fact I would like to understand how to implement almost the same authentication method that you used for the Flow connector.
Benjamin, thanks for sharing your use case.
I have no answer for how to get token as this is not my area of expertise. All I can say is that OAuth2 is currently only supported via Flow and it is not easily available for other applications.
Using Flow connector would certainly be a secure way and it would take care of handling connections. I have flows (same can be done with Logic Apps) that are running for months without needing any attention.
If you would consider using Flow connector for extracting data for PowerBI, here are points worth knowing:
Hope this helps.
Thank you for sharing the information.
In any case this new release of the Flow connector looks very promising.
Hi All,Thank you Benjamin for your post and questions: I am in a similar situation, trying to obtain an access token only with regular REST calls.Did you find a solution eventually?@Bentley Why does it have to be so hard?The Flow connector must be doing this internally. @Audrius, maybe you can ask your developer colleagues to answer this post and document the query (url, headers, body) to the token endpoint, so that the rest of us do not have to waste so much time with workarounds.Thank you