To use Smart API Manager as your authentication server, you make changes to the configuration files on both the application server and the Web Client server.
Application Server Configuration
The web.config file in the application server directory needs to be modified to include the settings from your Smart API.
<intergraph.webApi>
<security>
<oauth issuer="https://[SAM_SERVER]/oauth" requiredScopes="ingr.api" />
<cors allowedOrigins="[ALLOWED_ORIGINS]" allowedMethods="*" allowedHeaders="*" exposedHeaders="" allowCredentials="true" preflightMaxAge="600" />
</security>
<services baseUri="">
<service prefix="api" id="[SAM_API_ID]" secret="[SAM_API_SECRET]" instance="" />
</services>
</intergraph.webApi>
The placeholders in the code snippet are defined below:
SAM_SERVER - Name of the Smart API Manager server
ALLOWED_ORIGINS - List of domains (with transport protocol) that are allowed to access this resource
SAM_API_ID - Smart API ID associated with this resource
SAM_API_SECRET - Smart API secret generated for this Smart API
Web Client Configuration
The Web Client settings.json file needs to be modified to include the following settings:
AUTHORIZATION_CLIENT_ID - Smart Client ID, created in SAM, associated with this resource
AUTHORIZATION_DUMMYCLIENTSECRET - Smart Client Secret, created in SAM during API client creation
AUTHORIZATION_IDENTITYPROVIDER - Can be set to a specific Identity Provider ID
AUTHORIZATION_USEPKCE – Set to true, indicates to the client that Authorization Code with PKCE is to be used rather than implicit flow