In order for a device to send data to the Platform, it needs to be authenticated. One authentication method is to use an Application Key. Application Keys, or appKeys, are security tokens used for authentication in ThingWorx. They are associated with a given User and have all of the permissions granted to the User with which they are associated. This is one of the most common ways of assigning permission control to a connected device. NOTE: This guide's content aligns with ThingWorx 9.3. The estimated time to complete this guide is 30 minutes.
Step 1: Learning Path Overview
This guide explains the steps to create a ThingWorx Application Key, and is part of a Learning Path.
You can use this guide independently from the full Learning Path. If you want to learn to create a ThingWorx Application Key, this guide will be useful to you. When used as part of the Industrial Plant Learning Path, you should already have installed ThingWorx Kepware Server. We will use the Application Key to send information from ThingWorx Kepware Server into ThingWorx Foundation.
Other guides demonstrate Foundation's Mashup Builder to construct a website dashboard that displays information from ThingWorx Kepware Server. We hope you enjoy this Learning Path.
Step 2: Create Application Key
Application Keys are assigned to a specific User for secure access to the platform.
Using the Application Key for the default User (Administrator) is not recommended. If administrative access is absolutely necessary, create a User and place the User as a member of the SecurityAdministrators and Administrators User groups.
Create the User the Application Key will be assigned to.
1. On the Home screen of Composer click + New.
2. In the dropdown list, click Applications Key.
3. Give your application key a name (i.e. MyAppKey).
4. If Project is not already set, click the + in the Project text box and select the PTCDefaultProject.
5. Set the User Name Reference to a User you created.
6. Update the Expiration Date field, otherwise it will default to 1 day.
7. Click Save.
A Key ID has been generated and can be used to make secure connections.
IP Whitelisting for Application Keys
One of the features of an Application Key is the ability to set an IP whitelist. This allows the server to specify that only certain IP addresses should be able to use a given Key ID for access. This is a great way to lock down security on the platform for anything that will maintain a static IP address.
For example, connected Web-based business systems may have a static IP from which all calls should be made. Similarly, you can use wildcards to specify a network to narrow the range of IP addresses allowed while still offering some flexibility for devices with dynamic IP addresses.
Extremely mobile devices should likely not attempt to implement this, however, as they will often change networks and IP addresses and may lose the ability to connect when the IP whitelist feature is used.
Interact with Application Keys Programmatically
Returns the ID of this Application Key
Get the username associated with this Application Key
Returns if this Application Key is expired
Resets the expiration date of the Application Key to the default time based on configuration in the UserManagement subsystem
Sets the client name for this Application Key
Sets the expiration date of this Application Key to a provided date
Sets the values for the IP whitelist for this Application Key
Sets the associated user name for this Application Key
Tip: To learn more about Application Keys, refer to the Help Center
Step 3: Next Steps
Congratulations! You have successfully created an application key. We hope you found this guide useful.