OAuth - How to use Grant Type "Authorization Code" for token generation
Hi everyone, I recently read this excellent blog post about token authentication using the REST API for Innovator, and in it Christopher Gillis says that ' urrently, I believe "password" is the only authentication type allows [sic]. Aras as a whole is moving towards more types of authentication in 12.0, so this is likely to change in the upcoming releases.' With 12.0 released, I see that OAuthServer\OAuth.config now defines two allowedGrantTypes for the clientRegistry with ID "IOMApp": 'password' - the one that I have been using in my code when generating OAuth tokens for Innovator so far - but also 'authorization_code'. Hence, I was wondering if anyone knows a practical way yet to generate the access token with that grant type, instead of using "password"? Thanks a lot in advance for any info on this subject. Cheers, C
Attribute suppression with multiple parameters
Hi, I'm looking to add a suppression to my ItemAnalysis.Suppressions xml file using 2 parameters in the same attribute suppression. How do I go about this/is this even possible? Currently we're on Aras 11SP12. We're looking at the following case. We want to enable appointing assignees in a workflow using the batchloader. To do so I need to use the following AML: <AML><Item action="add" type="Activity Assignment"> <source_id><Item type="Activity" action="get" where="[Activity].id IN ( SELECT a.ID AS ID FROM innovator.[ACTIVITY] a LEFT JOIN innovator.[WORKFLOW_PROCESS_ACTIVITY] wpa on a.id = wpa.RELATED_ID LEFT JOIN innovator.[WORKFLOW_PROCESS] wp on wpa.SOURCE_ID = wp.ID LEFT JOIN innovator.[WORKFLOW] w on w.RELATED_ID = wp.id LEFT JOIN innovator.[DOCUMENT] d on d.ID = w.SOURCE_ID WHERE a.LABEL_NL = 'name of some activity recognizable to the user, or @parameter1' AND wp.STATE = 'Active' AND d.ITEM_NUMBER = 'itemnumber of some document, or @parameter2' AND d.IS_CURRENT = '1')"> </Item> </source_id> <related_id><Item type="Identity" action="get" where="[Identity].keyed_name='some known identity'"></Item></related_id> </Item> </AML> So to find the right activity I need the name of that activity (or at least what a user recognizes as such) and the itemnumber of the document the activity assignment ultimately relates to. In order to fit this in the format required by the ItemAnalysis.Suppressions I'd have to supply 2 separate parameters but I don't think this is supported. How can I get this to work, with the knowledge that we're looking to migrate to Aras 12 and therefor adding <operating_parameter key="parse_item" value="false"/> to InnovatorServerConfig.xml won't be a longterm solution?
Security for Project to just allow identities of the relationship of the "Project Team" to see/edit
I have looked into MAC and DAC and basic identity based securities and cannot figure out a solution for this. What I am trying to do is to only allow identities that are on the "Project Team" of the out of the box relationship to project to read/write. Now this is different than a normal "Team" again because it is just a relationship to project that is identities. Any help is appreciated, thank you!
Apply information security header: X-Content-Type-Options:nosniff File Upload not work
Dear All, Apply information security header: X-Content-Type-Options:nosniff File Upload not work My Env description as follows: 1. IIS 10 2. Aras Innovator 11Sp12 Error Message: Refused to execute script from 'localhost/.../include.aspx Because its MINE type ('text/css') is not executable, and strict MIME type checking is enabled. How to resolve the issue?
