cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Thingwporx appkey encryption and use in a Thingworx REST API call

SM_9588025
Regular Member

Thingwporx appkey encryption and use in a Thingworx REST API call

Hi All,

We are calling Thingworx API from a AWS SNS topic when messages arrive at the topic. Currently we are using the APPKey in the REST API call from the SNS endpoint configuration. Is it possible to encrypt the APPKey and send it as an encrypted version in the endpoint configuration in the  SNS. For security purpose we have restricted to specific users only but still that poses a danger if the Appkey is exposed somehow.

Tags (2)
1 REPLY 1

Re: Thingwporx appkey encryption and use in a Thingworx REST API call

Hello @SM_9588025 ,

 

Application keys are security tokens encrypted in the ThingWorx database that can be used to log in to the ThingWorx application instead of using standard credentials.
You can pass application key tokens on the header in the URL of a request. The request is run using the security context of the user associated with the application key.
By default, a session is not created when a request is made using an application key.
This is the recommended way for other systems and applications to make a request to the ThingWorx application.

Reference doc at Application Keys

 

Hope it helps,

Announcements

Check out the upcoming Expert Session: Understanding ThingWorx Navigate Licensing in Community "Customer Events" section.