2-Legged OAuth Tutorial

This tutorial describes the basic steps of authenticating into Fusion Manage using a 2-legged OAuth token. This is commonly used in integrations, where no user interaction is required (“server talking to server” situations).

1. Get started

1. Sign in to Autodesk Platform Services (APS).

2. Read the overview of the platform.

3. Create an application.

4. Add the application to the Allowed List in Fusion Manage (Administration > General Settings > Security Settings).

   This enables all tokens generated for that application to be used when authenticating into Fusion Manage.

   

5. Request a 2-legged token performing a POST call.

2. Call the Fusion Manage REST v3 API Endpoints

When performing a request, add:

• The Authentication token, in the format “Bearer BEARER_TOKEN”

• The X-user-id value as an e-mail (a valid, active user address in the system)

  • This user is going to be impersonated in all calls using the token above.
  • In most integrations, this is a “service” user, with proper permissions to accomplish the workflows in the integration.
  • All calls in the system are done as if being performed by this user; in other words, permissions, validation, workspaces, and more. They are all tied to the user specified here.

• The “Accept” header value, if applicable, depending on the endpoint being called

  

cURL Example

curl -X GET -H "Authorization: Bearer [your access token]" -H " "X-user-id: [user e-mail]" -H "Accept: application/json" -H "Content-Type: application/json" " https://[tenant name].autodeskplm360.net/api/v3/workspaces?unlimited=true