Hi all,
I have followed the instructions on the ACC API web page link here.
Under headers, it says "<token> is obtained via a three-legged OAuth flow."
Question 1:
Is there any way to use a two-legged OAuth flow? The three-legged ones require a user to log in. I hope to have this script run in headless mode as I am just trying to get a CSV of all assets from a build project regularly like I have set up for BIM360 (to download Revit files).
When I tried to use a two-legged OAuth flow I set the scope to "data:read" and get a status_code of 200 back. When I check the token it does not have a scope attached (which could be the following problem). When I use the token with the endpoint "
The screenshot below shows that my app has the two required APIs checked (Autodesk construction Cloud API and Data Management API).
Everything from question one is what leads me to question 2. When following the documentation to receive a three-legged token it requires one to enter a redirect_uri for after the token has been grated. I am running this script from a secure local computer (again why I want to use a two-legged token) so I do not need a redirect_uri. Since it does require one though I gave it "https://www.google.com/". When I run this code I get the following warning.
code for a two-legged token
import base64
import requests
# Step 1: Convert Client ID and Secret to Base64 encoded string
client_id = 'xxx'
client_secret = 'xxx'
project_id = 'b.xxx'
# Concatenate and encode to Base64
combined_credentials = f'{client_id}:{client_secret}'
base64_encoded_credentials = base64.b64encode(combined_credentials.encode()).decode()
print(f'Base64 Encoded String: {base64_encoded_credentials}')
# Step 2: Use encoded string to obtain an Access Token
token_url = 'https://developer.api.autodesk.com/authentication/v2/token'
headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': 'application/json',
'Authorization': f'Basic {base64_encoded_credentials}'
}
payload = {
'grant_type': 'client_credentials',
'scope': 'data:read'
}
# Make the POST request to obtain the access token
token_response = requests.post(token_url, headers=headers, data=payload)
print('Token:')
print(token_response.json())
# Check the response
if token_response.status_code == 200:
access_token = token_response.json().get('access_token')
granted_scopes = token_response.json().get('scope')
# Print the granted scopes
print(f'Access Token: {access_token}')
print(f'Granted Scopes: {granted_scopes}')
# Construct the API endpoint URL
api_url = f'https://developer.api.autodesk.com/construction/assets/v2/projects/{project_id}/assets'
# Make the API request
headers = {'Authorization': f'Bearer {access_token}'}
print(headers)
response = requests.get(api_url, headers=headers)
print(response)
# Check the response
if response.status_code == 200:
asset_data = response.json()
# Process the asset data as needed
for asset in asset_data['data']:
print(f"Asset ID: {asset['id']}, Asset Name: {asset['name']}")
# Check for pagination
next_url = asset_data.get('links', {}).get('next', None)
if next_url:
print(f"Next page URL: {next_url}")
else:
print(f"Error: {response.status_code}, {response.text}")
else:
print(f'Token request failed. Status code: {token_response.status_code}, {token_response.text}')
code for three-legged token
import requests
# Step 1: Direct the User to the Authorization Web Flow
authorize_url = "https://developer.api.autodesk.com/authentication/v2/authorize"
client_id = 'xxx'
client_secret = 'xxx'
project_id = 'b.xxx'
redirect_uri = "https://www.google.com/"
scope = "data:read"
auth_url = f"{authorize_url}?response_type=code&client_id={client_id}&redirect_uri={redirect_uri}&scope={scope}"
print(f"Click on the following link to grant access: {auth_url}")
# Step 2: Implement Code that Extracts the Authorization Code
# After the user grants access, the authorization code will be received in the callback URL.
authorization_code = input("Enter the authorization code from the callback URL: ")
# Step 3: Exchange the Authorization Code for an Access Token
token_url = "https://developer.api.autodesk.com/authentication/v2/token"
client_secret = "Your_Client_Secret"
headers = {
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": f"Basic Your_Base64_Encoded_Client_ID_and_Secret"
}
payload = {
"grant_type": "authorization_code",
"code": authorization_code,
"redirect_uri": redirect_uri
}
response = requests.post(token_url, headers=headers, data=payload)
if response.status_code == 200:
token_data = response.json()
access_token = token_data["access_token"]
refresh_token = token_data["refresh_token"]
print(f"Access Token: {access_token}")
print(f"Refresh Token: {refresh_token}")
else:
print(f"Error: {response.status_code} - {response.text}")
Any help would be greatly appreciated.
Steven
