Configure an AIL (Jump Interface) for IWA - HxGN SDx - v10 - Installation & Upgrade - Hexagon

You can only configure IWA with HxGN SDx 10.0 and SPO 10.0.

1. Create a service account to perform API calls. For example, user SAP and assign full access to this user.

   If you are using a HxGN SDx, an SDx Administrator role is required to perform this action.

2. Create an authorization server with the following details:

   Client Name	As a service account name, in this example SAP.
   Client ID	As a service account name, in this example SAP.
   Secret	any value
   Scope	ingr.api

3. Run Postman to get the token. Use the following format:

   grant_type	client_credentials
   Client_ID	SAP (in this example)
   client_secret	your secret value
   Scope	ingr.api
   Resource	your resource (OOTB: EE9C5479-A52E-4D11-80AE-BFDDCE9A603F)

   For Client credentials type of authentication, you do not need to specify username and password.

4. Assign scope to <SAP> user using API call:

   Request Method	POST
   URL	https://sdxma.devdemo.hexagonppm.com/SDXMDG/api/v2/SDA/SetConfig
   Authorization	Bearer Token
   Header	Content-Type: application/json
   Body	{"QueryConfigUIDs": ["PL_PlantA"], "CreateConfigUID": "PL_PlantA"}
   Expected response	1

5. Verify which roles are selected from assigned for <SAP> user:

   Request Method	GET
   URL	https://sdxma.devdemo.hexagonppm.com/SDXMDG/api/v2/SDA/User/Roles
   Authorization	Bearer Token
   Header	Content-Type: application/json
   Body
   Expected response	{     "@odata.context": "https://sdxma.devdemo.hexagonppm.com/SDXMDG/api/v2/SDA/$metadata#User/Roles",     "value": [         {             "RoleUID": "RL_SDx_Administrator",             "Description": "SDx Administrator",             "DisplayName": "SDx Administrator",             "Selected": true         },         {             "RoleUID": "RL_Manager",             "Description": "Role for all  managers in operations, maintenance, reliability etc and who can view, navigate, report and also approve the relelvant requests",             "DisplayName": "Manager",             "Selected": false         },         {             "RoleUID": "RL_Business_Administrator",             "Description": "Manages project, contracts, disicplines, users, WBS, PBS…",             "DisplayName": "Business Administrator",             "Selected": false         }     ] }

6. To select more roles for the user, run the following API call by copying the highlighted response from the previous call into the body of the next call. Change the Selected attribute value from False to True.

   Request Method	GET
   URL	https://sdxma.devdemo.hexagonppm.com/SDXMDG/api/v2/SDA/User/Roles
   Authorization	Bearer Token
   Header	Content-Type: application/json
   Body	[         {             "RoleUID": "RL_SDx_Administrator",             "Description": "SDx Administrator",             "DisplayName": "SDx Administrator",             "Selected": true         },         {             "RoleUID": "RL_Manager",             "Description": "Role for all  managers in operations, maintenance, reliability etc and who can view, navigate, report and also approve the relelvant requests",             "DisplayName": "Manager",             "Selected": true         },         {             "RoleUID": "RL_Business_Administrator",             "Description": "Manages project, contracts, disicplines, users, WBS, PBS…",             "DisplayName": "Business Administrator",             "Selected": true         }     ]
   Expected response	1

7. In SAP, delete the rows for username and password entries from the table /INGR/API_PARM_V.