I've use Rest API calls on the same thingworxserver in order to "impersonate" de current user to a user which has Application Keys creation permissions (current users shoudn't have this kind of permissions).
Could you please explain what exactly is the purpose of doing this. Also, isn't it insecure to pass around appKeys between the client and the Twx application?
I'm not passing around appKeys between client and server, I'm doing it from localhost to localhost (server side), there isn't network transfer related information, also I'm passing the appKey on the Post content not on the URL.
I'm not passing around appKeys between client and server, I'm doing it from localhost to localhost (server side), there isn't network transfer related information, also I'm passing the appKey on the Post content not on the URL.
If the response provided by @CarlesColl answered your question, please mark it as the Accepted Solution for the benefit of others with the same question.
