cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - You can change your system assigned username to something more personal in your community settings. X

Is there any API to get the Logged-in Users' Access-Token as shown as a sample.

Go to solution
Manoj_Dokku4
11-Garnet
11-Garnet
‎Jul 17, 2024 09:06 AM
‎Jul 17, 2024 09:06 AM

Is there any API to get the Logged-in Users' Access-Token as shown as a sample.

 

 

{
"access_token":"RsT5OjbzRn430zqMLgV3Ia",
"expires_in":3600
}

 

 

 

@HelesicPetr 

Labels:
0 Kudos
Notify Moderator
1 ACCEPTED SOLUTION

Accepted Solutions
HelesicPetr
22-Sapphire I
22-Sapphire I
(To:Manoj_Dokku4)
‎Jul 18, 2024 03:36 AM
‎Jul 18, 2024 03:36 AM

Hi @Manoj_Dokku4 

I know only api to get CSRFToken

curl -X 'GET' \
  'https://server.com:443/Windchill/servlet/odata/v3/PTC/GetCSRFToken()' \
  -H 'accept: application/json'

also you can check if the CSRF is valid by java script

 

var CSRFProtector = Java.type('com.ptc.core.appsec.CSRFProtector');
CSRFProtector.checkNonce(data.getHttpRequest());

 

PS> i guess that access token is different token that is used by Shibbleth and I guess that this information could be in the HTTP request as a parameter

 

PetH 

AVENG

View solution in original post

0 Kudos
Notify Moderator
3 REPLIES 3
Catalina
Moderator
Moderator
(To:Manoj_Dokku4)
‎Jul 17, 2024 10:12 AM
‎Jul 17, 2024 10:12 AM

Hi @Manoj_Dokku4 

Thank you for your question!


I’d like to recommend to bring more details and context to your initial inquiry. 

It also helps to have screenshot(s) to better understand what you are trying to do in your process. 

This will increase your chances to receive meaningful help from other Community members. 

 

Thank you,

Catalina

Community Moderator

Catalina
PTC Community Moderator
0 Kudos
Notify Moderator
Manoj_Dokku4
11-Garnet
11-Garnet
(To:Manoj_Dokku4)
‎Jul 18, 2024 03:25 AM
‎Jul 18, 2024 03:25 AM

if Windchill SSO is configured as below.

 

Windchill(Shibbleth) <-> PingFederate(SAM,OATH2)

0 Kudos
Notify Moderator
HelesicPetr
22-Sapphire I
22-Sapphire I
(To:Manoj_Dokku4)
‎Jul 18, 2024 03:36 AM
‎Jul 18, 2024 03:36 AM

Hi @Manoj_Dokku4 

I know only api to get CSRFToken

curl -X 'GET' \
  'https://server.com:443/Windchill/servlet/odata/v3/PTC/GetCSRFToken()' \
  -H 'accept: application/json'

also you can check if the CSRF is valid by java script

 

var CSRFProtector = Java.type('com.ptc.core.appsec.CSRFProtector');
CSRFProtector.checkNonce(data.getHttpRequest());

 

PS> i guess that access token is different token that is used by Shibbleth and I guess that this information could be in the HTTP request as a parameter

 

PetH 

AVENG
0 Kudos
Notify Moderator
Top Tags