You can only configure IWA with SDx 10.0 and SPO 10.0.
-
Create a service account to perform API calls. For example, user SAP and assign full access to this user.
If you are using SDx, an SDx Administrator role is required to perform this action.
-
Create an authorization server with the following details:
Client Name
As a service account name, in this example SAP.
Client ID
As a service account name, in this example SAP.
Secret
any value
Scope
ingr.api
-
Run Postman to get the token. Use the following format:
grant_type
client_credentials
Client_ID
SAP (in this example)
client_secret
your secret value
Scope
ingr.api
Resource
your resource (OOTB: EE9C5479-A52E-4D11-80AE-BFDDCE9A603F)
For Client credentials type of authentication, you do not need to specify username and password.
-
Assign scope to <SAP> user using API call:
Request Method
POST
URL
https://sdxma.devdemo.hexagonppm.com/SDXMDG/api/v2/SDA/SetConfig
Authorization
Bearer Token
Header
Content-Type: application/json
Body
{"QueryConfigUIDs": ["PL_PlantA"], "CreateConfigUID": "PL_PlantA"}
Expected response
1
-
Verify which roles are selected from assigned for <SAP> user:
Request Method
GET
URL
https://sdxma.devdemo.hexagonppm.com/SDXMDG/api/v2/SDA/User/Roles
Authorization
Bearer Token
Header
Content-Type: application/json
Body
Expected response
{
"@odata.context": "https://sdxma.devdemo.hexagonppm.com/SDXMDG/api/v2/SDA/$metadata#User/Roles",
"value": [
{
"RoleUID": "RL_SDx_Administrator",
"Description": "SDx Administrator",
"DisplayName": "SDx Administrator",
"Selected": true
},
{
"RoleUID": "RL_Manager",
"Description": "Role for all managers in operations, maintenance, reliability etc and who can view, navigate, report and also approve the relelvant requests",
"DisplayName": "Manager",
"Selected": false
},
{
"RoleUID": "RL_Business_Administrator",
"Description": "Manages project, contracts, disicplines, users, WBS, PBS…",
"DisplayName": "Business Administrator",
"Selected": false
}
]
}
-
To select more roles for the user, run the following API call by copying the highlighted response from the previous call into the body of the next call. Change the Selected attribute value from False to True.
Request Method
GET
URL
https://sdxma.devdemo.hexagonppm.com/SDXMDG/api/v2/SDA/User/Roles
Authorization
Bearer Token
Header
Content-Type: application/json
Body
[
{
"RoleUID": "RL_SDx_Administrator",
"Description": "SDx Administrator",
"DisplayName": "SDx Administrator",
"Selected": true
},
{
"RoleUID": "RL_Manager",
"Description": "Role for all managers in operations, maintenance, reliability etc and who can view, navigate, report and also approve the relelvant requests",
"DisplayName": "Manager",
"Selected": true
},
{
"RoleUID": "RL_Business_Administrator",
"Description": "Manages project, contracts, disicplines, users, WBS, PBS…",
"DisplayName": "Business Administrator",
"Selected": true
}
]
Expected response
1
-
In SAP, delete the rows for username and password entries from the table /INGR/API_PARM_V.