Authenticating in OAuth 2.0 with Aras RESTful API

Authenticating in OAuth 2.0 with Aras RESTful API

In our previous blogs posts we covered a range of topics on setting up REST calls, including querying part data, adding filters for more complex queries, and calling server-side methods. Since those posts Aras Innovator has changed quite a bit and in a good way.

For one we have updated the use of OAuth 2.0, promoting improved security practices for Aras Innovator 14+ versions. In this blog post we will be covering the steps to authenticate with the server and how to run requests.

Note: we will be using Postman in this post, but any API platform will work to send the same requests.

Authenticating

Before we get to the fun stuff we will need to authenticate our requests. Go ahead and open up Postman then create a new Collection workspace.

  1. Give the new workspace a name, such as 14+ AuthServer Requests
  2. Click on the Authentication tab on the workspace
  3. In the dropdown select OAuth 2.0
  4. Click Edit token configuration then scroll down to the bottom of this page to Configure New token
  5. Set the Configuration Options to the following:
  6. Specifically ensure the following fields are input correctly. Use the following values for the Callback URL, Auth URL, Access Token URL, and Scope 
    1. Callback URL: http://<servername>/<web alias>/Client/OAuth/PopupCallback
    2. Auth URL: http://<servername>/<web alias>/oauthserver/connect/authorize
    3. Access Token URL: http://<servername>/<web alias>/oauthserver/connect/token
    4. Scope: openid Innovator offline_access
  7. Once you have filled all of those values in, click the Get New Access Token button at the bottom left and log into the popup Aras Innovator window with your credentials
  8. If you log in correctly you will get another popup window with the access token. Within this window click Use Token.
  9. Now be sure to hit the Save button on the top right corner before proceeding to any next steps

Now you have officially completed authentication we can move on to the fun part, adding a query request!

Setting up GET requests for Part data

For the purposes of this blog post we will keep our query simple in order to confirm that we have authenticated our token correctly and can reach the Aras Innovator server endpoint. If you are looking for more complex query examples check out our other blog posts on RESTful API provided at the end of this post.

Now lets take a look at a simple query to grab all the Part data from Aras Innovator:

  1. Right click on the Meatballs Menu on the left hand side on your 14+ AuthServer Requests workspace and select Add Request
  2. Give the request a name, something like Part Request
  3. Click over to the Authorization tab and in the Type drop-down select Inherit auth from parent
  4. Make sure the request is a GET then in the Enter request URL field input the following URL: http://<servername>/<web alias>/Server/Odata/Part
  5. Go ahead and hit Send to run the request
  6. You should start seeing the return JSON with all the parts within your database:

If you are seeing the following screen you have successfully gotten data back from the server!

Conclusion

Congrats, you have learned how to authenticate in Aras Innovator 14+ versions using Postman workspaces (allowing you to create multiple requests using the same authentication tokens). Thanks for following along!

Check out prior blog posts for more complex queries (e.g. POST calls, filtering, and method calls): Using the Aras RESTful API, Complex Filters with the Aras RESTful API, and Server Side Methods with the Aras RESTful API. Note that these blog posts were created on older versions of Aras Innovator (12 SP18 and below) so they will require you to authenticate differently. However, the same calls will work with OAuth 2.0 if you are querying from 14+ versions of Aras Innovator.