1

Is it possible to get a 3-legged auth without user input ?

https://aps.autodesk.com/en/docs/oauth/v2/tutorials/get-3-legged-token/

I have the below code which triggers the web browser to ask for login and press "allow" button. I can't run autoamted tasks like this, is there a way to call the API in adeffrent way in order to pass my credentials and get authorised programmatically ??

public async Task<string> GetCode()
    {
        
        var requesturl = $"https://developer.api.autodesk.com/authentication/v1/authorize?response_type=code&client_id={client_id}&redirect_uri={redirecturl}&scope=data:create%20data:read%20data:write";
        Process.Start(new ProcessStartInfo(requesturl) { UseShellExecute = true });
       
       
        listener = new HttpListener();
        listener.Prefixes.Add(url);
        listener.Start();
        Console.WriteLine("Listening for connections on {0}", url);

        // Handle requests
        Task<string> listenTask = HandleIncomingConnections();

        this.code = listenTask.Result;

        GetToken();
        // Close the listener
        listener.Close();
        return code;

    }
Improve this question

1 Answer 1

Reset to default
1

In order to access private user data you need the permission of the user to access it. The way you request permission is with the oauth2 consent screen this is standard part of Oauth2.

So no you cant automate that. AutoDesk-forgue does return a refresh token as part of its oauth2 flow.

What you can do is request authorization once store your refresh token and use the refresh token to request a new access token whenever you need to access the api again.

In this way your automation will run just fine without you.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Is it possible ot refresh the refresh token without triggering the user input ever again after the first start-up where he has to manually log-in ?
I dont know a lot about AutoDesk. Assuming they are following Oauth2 specs then the refresh token should never expire. So you would not need to request access of the user again, just store that and keep using it. A bit of googling found this more-about-refresh-token and this aps.autodesk.com/blog/about-refresh-token
I'm also new to this, thanks for the tips, I will try to figure out what is possible and what isn't.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.