cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - You can subscribe to a forum, label or individual post and receive email notifications when someone posts a new topic or reply. Learn more! X

Future proofing REST API calls

Michail
10-Marble

Future proofing REST API calls

In the PTC article, it is stated that the 'appKey as URL parameter' feature will soon be depreciated. How to construct a REST API call with authorisation so that it would work with future versions of ThingWorx?

3 REPLIES 3
sharmon
13-Aquamarine
(To:Michail)

Pass the appkey as a header, instead of a URL parameter. Here's an example cURL call for getting a property for a Thing. (The items in curly braces are substitution variables, which works out great, as I don't have to obfuscate anything.):

curl -X GET \

  https://{{host}}{{port}}/Thingworx/Things/BikeSeatThing/Properties/BikeSeatLoad \

  -H 'accept: application/json' \

  -H 'appkey: {{appKey}}'

I used cURL for my example because it's so common. The technique is applicable across tools that make HTTP calls, though. Just construct your call so appkey is a header, not a URL parameter.

Michail
10-Marble
(To:sharmon)

Thank you Stephen Harmon​, I thought that passing an appKey in the header will be depreciated as well.

sharmon
13-Aquamarine
(To:Michail)

Huh. Not that I know of. I do know we're going to start specifically ignoring that URL parameter (unless you configure your ThingWorx instance otherwise, which is not advised). It's not out of the realm of possibility that we'll introduce new authentication methods for REST calls in future releases. I think the header method will work longer than the URL parameter method will, though.

Does anyone else in the community know about plans for the appkey header? In the meantime, I'll ask around.

Announcements


Top Tags