Skip to main content
M
Manoj_Dokku414-Alexandrite
14-Alexandrite
July 17, 2024
Question

Is there any API to get the Logged-in Users' Access-Token as shown as a sample.

  • July 17, 2024
  • 2 replies
  • 1389 views

 

 

{
"access_token":"RsT5OjbzRn430zqMLgV3Ia",
"expires_in":3600
}

 

 

 

@HelesicPetr 

2 replies

Catalina
CatalinaCommunity Manager
Community Moderator
July 17, 2024

Hi @Manoj_Dokku4 

Thank you for your question!


Iā€™d like to recommend to bring more details and context to your initial inquiry. 

It also helps to have screenshot(s) to better understand what you are trying to do in your process. 

This will increase your chances to receive meaningful help from other Community members. 

 

Thank you,

Catalina

Community Moderator

Catalina | PTC Community Moderator
M
Manoj_Dokku414-AlexandriteAuthor
14-Alexandrite
July 18, 2024

if Windchill SSO is configured as below.

 

Windchill(Shibbleth) <-> PingFederate(SAM,OATH2)

HelesicPetr
22-Sapphire II
HelesicPetr22-Sapphire II
22-Sapphire II
July 18, 2024

Hi @Manoj_Dokku4 

I know only api to get CSRFToken

curl -X 'GET' \
 'https://server.com:443/Windchill/servlet/odata/v3/PTC/GetCSRFToken()' \
 -H 'accept: application/json'

also you can check if the CSRF is valid by java script

 

var CSRFProtector = Java.type('com.ptc.core.appsec.CSRFProtector');
CSRFProtector.checkNonce(data.getHttpRequest());

 

PS> i guess that access token is different token that is used by Shibbleth and I guess that this information could be in the HTTP request as a parameter

 

PetH 

M
Manoj_Dokku414-AlexandriteAuthor
14-Alexandrite
July 26, 2024

CSRF and JWT Tokens are different than Windchill Access token.

For the reference there is an article from PTC.

https://support.ptc.com/help/windchill_rest_services/r2.2/en/index.html#page/windchill_rest_services/oauth_for_wrs.html

but this architecture is a bit different from the once which is configured.

    Terms & ConditionsCookie settingsAccessibility statement