Configure the SmartPlant Foundation site (retired) - SmartPlant Foundation - SmartPlant Foundation 2020 - Help - Hexagon

SmartPlant Foundation and Web Client Modified and Retired Functionality

SmartPlant Foundation
Search by Category
SmartPlant Foundation / SDx Version
SmartPlant Markup Plus Version
10.0 (2019)

This functionality was removed in Update 23. From Update 23, Smart API Manager is the default authorization server provided with HxGN SDx. The following applies if you are configuring a SmartPlant Foundation site using a version of the software before Update 23.

  1. Navigate to the SmartPlant Foundation site virtual directory web.config file. For example:

    C:\SmartPlant Foundation Server Files\Web_Sites\[SPFserver]\web.config

  2. Locate the intergraph.webApi > OAuth security element.

  3. Edit the issuer value to match the URL of the Smart API Manager using the oauth suffix. For example:


    <oauth issuer="https://[SAMHostServer].[Domain]/sam/oauth" requiredScopes="ingr.api"/>

    <cors allowedOrigins="*" allowedMethods="*"allowedHeaders="*" exposedHeaders="" allowCredentials="false" preflightMaxAge="600"/>


  4. Locate the Intergraph.webApi >services configuration element.

  5. Update the ID element with the Service ID and Secret values generated creating the Smart API instance in Smart API Manager. For example:

    <services baseUri="">

    <service prefix="api" id="[Service Id]" secret="[Secret] instance=""/>


  6. Click Save.

  7. Recycle the server application pools.

If your site will not load and you get a Configuration file is not well-formed XML error, you need to get a properly-escaped secret that can be used in an XML file. This is because the secret generated may not work with the web.config file. For more information, see

SHARED Tip You can also configure the site using the Server Manager command line. The following example demonstrates how to configure the settings shown in the examples above:

SPFServerManager.exe /update /sn:SPF /oauthissuerurl:https://[SAMHostServer].[Domain]/sam/oauth /applicationid:[Service Id] /allowcredentials:false /secret:[Secret]