2
votes

I'm trying to create an app that create some webhooks to catch Autodesk Data Management API events.

When I create the app with a personal account for testing, it works fine. I get the token and then, I use it to create the webhook. But when I change the client id and the client secret to use the bussiness account where I need to work, it fails. The app is created and integrated by the account manager, and I get the token well, with the correct scopes (the same that I'm using with my personal account that works). The error is 403, FORBIDEN ACCESS.

I'm testing with this cUrl commands: 1. GET THE TOKEN:

curl -v 'https://developer.api.autodesk.com/authentication/v1/authenticate' \
  -X 'POST' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'client_id=<HERE_THE_CLIENT_ID>&client_secret=<HERE_THE_CLIENT_SECRET>&grant_type=client_credentials&scope=data:read%20data:create%20data:write%20user-profile:read%20viewables:read%20data:search%20account:read%20bucket:create%20bucket:read'
  1. CREATE THE WEBHOOK:
curl -X 'POST' -v 'https://developer.api.autodesk.com/webhooks/v1/systems/data/events/dm.version.added/hooks' -H 'Content-Type: application/json' \
 -H 'authorization: Bearer <TOKEN_OBTAINED>' -d '{"callbackUrl": "http://<URL>.ngrok.io/api/forge/hook/callback","scope": {"folder": <FOLDER_URN>},"hookAttribute": {"projectId": "b.<PROJECT_ID>"}}'

This is the error message I receive:

  "status" : 403,
  "code" : "FORBIDDEN_ERROR",
  "detail" : [ "Access denied for resource <FOLDER_URN> in scope <FOLDER_URN> that you are trying to create hook on." ]
2

2 Answers

0
votes

Webhooks for Data Management folders require 3 legged tokens (i.e. it need user permission). See this nodejs sample.