Configure Smart Engineering Manager Web API for authentication with SAM - Intergraph Smart Engineering Manager - 7.0 - Installation & Upgrade - Hexagon

Intergraph Smart Engineering Manager Web API Installation and Configuration
ft:locale
en-US
Product
Intergraph Smart Engineering Manager
Subproduct
Web API
Search by Category
Installation & Upgrade
Smart Engineering Manager Web Version
7.0

Using PowerShell

To configure SEM Web API for authentication with Smart API Manager (SAM), you must run AuthenticationConfiguartion.psi in PowerShell using parameters shown in the example script below.

  • Open PowerShell in Administration mode.

  • Replace the values in italics with your own values.

  • The script registers a Smart API for the SEM Web API and updates the application configuration files with a new Service ID.

Sample script

powershell.exe -file "[path]\PostInstallation\AuthenticationConfiguration.ps1" -installationType "SEM_WebAPI" -oauthIssuerUrl "https://samadmin.MyDomain.com/sam/oauth/" -username "SemAdmin" -password "MyAdmin123" -client_id "10AABBCC-1234-5678-9ABC-DEF123456789" -client_secret "MyClientSecret123" -serviceDescriptionUrl "https://MyServerDomain/Mywebapi7.0/sem/v4/description" -Verbose

Parameter

Description

oauthIssuerUrl

URL of the SAM authentication server.

username

Username of the registered admin user for logging into the authentication server. This user must be in the System Administrators group in SAM.

password

Password of the registered admin user.

client_id

The ID of the Smart Client application that consumes the Smart APIs. For example: Postman, and Power BI. This is required for obtaining an authentication token. For additional information, see Smart Clients.

client_secret

The parameter is generated for the Smart Client when it is registered. Depending on the authorization flow, the parameter might be necessary for obtaining an authentication token. For additional information, see Smart Clients.

serviceDescriptionUrl

This URL is required for requesting the Smart API service description in Postman.

Using Smart API Manager (SAM)

  1. Log in to SAM as a registered admin user.

  2. Find a group and add users to it. If necessary, create a new group. See, Register a new group.

    Make sure to add the registered admin user to the System Administrators group. See Add a user to a group.

  3. Register a new Smart API.

    SHARED Tip Smart API service description URL format: https://[IIS website address]/webapi7.0/sem/v4/description

  4. To the Smart API, add the enumeration claim type and assign a role with the appropriate user access level. See, Add a new claim type to a Smart API.

  5. After saving the Smart API, copy the Resource Identifier.

  6. Add the Resource Identifier and Issuer URL to the appsetting.json file located in the gRpcClient folder.

    SHARED Tip Issuer URL format: https://Your-SAM-server.com/sam/oauth/

  7. Give a group access to a Smart API.

  8. Create a new Smart Client with Resource Owner Authorization Flow. See, Register a new Smart Client.

  9. Copy the Client ID and Client Secret from SAM, to use in Postman for obtaining the access token. See, Use Postman to get an access token for authentication using SAM.