Generating an authorization token using Authorization code with proof key (retired) - SmartPlant Foundation - SmartPlant Foundation 2020 - Help - Hexagon PPM

SmartPlant Foundation and Web Client Modified and Retired Functionality

English (United States)
SmartPlant Foundation
Search by Category
SmartPlant Foundation / SDx Version

This functionality was removed in Update 23.

You can configure the authorization between the client and the server using the authorization flow Authorization code with proof key to secure access. This involves creating a client secret relevant to register the authorization flow, and then re-using the client secret when exchanging the authorization code for an access token.

The following example shows the changes you must make to the server web.config file.



<oauth issuer="" requiredScopes="" />

<cors allowedOrigins="*" allowedMethods="*" allowedHeaders="*" exposedHeaders="" allowCredentials="false" preflightMaxAge="600" />


<services baseUri="">

<service prefix="API/V2" id="CF188428-F90A-48E0-B788-A592197932DC" secret="E*re|;C+/Ax=/oNu/D5qpV+i].[QV-Bhr%J?+%O[R0DC^1bK^HNQN8emoyn;Lv@6" instance="" />



  • The scope value must be set to empty so that the client can request all scopes.

  • The resource id value must be set to identify the API that is being used. This value can be found in the id attribute and client secret when registering the service in Smart API Manager. The id attribute value changes each time a different issuer is used.