Authentication - HxGN SDx - Update 54 - Installation & Upgrade

Infrastructure Planning and Deployment for HxGN SDx

Search by Category
Installation & Upgrade
SmartPlant Foundation / SDx Version

HxGN SDx uses OAuth 2 as the authorization framework that enables client applications to obtain access to data on the HxGN SDx Server API. There are four key OAuth roles involved during the authorization process:

  • Resource Owner

  • Client

  • Resource Server

  • Authorization Server

Resource Owner: User

The resource owner is the user who authorizes an application to access data in HxGN SDx. The application's access to the account is limited to the "scope" of the authorization granted.

Client: Application

The client is the application that requires access to the user's account. Before that it must be authorized by the user, and authorization must be validated by the API.

Resource Server: API

The resource server hosts the protected data.

Authorization Server

The Authorization Server verifies the identity of the user and then issues access tokens to the application.

  • Application Registration - Before using OAuth with HxGN SDx, the application must be registered with the Authorization Server using Authorization Code with PKCE as the selected OAuth flow.

  • Client ID and Client Secret - Once HxGN SDx has been registered, the service will issue "client credentials" in the form of a client identifier and client secret.