Community Tip - You can change your system assigned username to something more personal in your community settings. X
I know only api to get CSRFToken
curl -X 'GET' \
'https://server.com:443/Windchill/servlet/odata/v3/PTC/GetCSRFToken()' \
-H 'accept: application/json'
also you can check if the CSRF is valid by java script
var CSRFProtector = Java.type('com.ptc.core.appsec.CSRFProtector');
CSRFProtector.checkNonce(data.getHttpRequest());
PS> i guess that access token is different token that is used by Shibbleth and I guess that this information could be in the HTTP request as a parameter
PetH
Hi @Manoj_Dokku4
Thank you for your question!
I’d like to recommend to bring more details and context to your initial inquiry.
It also helps to have screenshot(s) to better understand what you are trying to do in your process.
This will increase your chances to receive meaningful help from other Community members.
Thank you,
Catalina
Community Moderator
if Windchill SSO is configured as below.
Windchill(Shibbleth) <-> PingFederate(SAM,OATH2)
I know only api to get CSRFToken
curl -X 'GET' \
'https://server.com:443/Windchill/servlet/odata/v3/PTC/GetCSRFToken()' \
-H 'accept: application/json'
also you can check if the CSRF is valid by java script
var CSRFProtector = Java.type('com.ptc.core.appsec.CSRFProtector');
CSRFProtector.checkNonce(data.getHttpRequest());
PS> i guess that access token is different token that is used by Shibbleth and I guess that this information could be in the HTTP request as a parameter
PetH