OAuth - How to use Grant Type "Authorization Code" for token generation
Hi everyone, I recently read this excellent blog post about token authentication using the REST API for Innovator, and in it Christopher Gillis says that ' urrently, I believe "password" is the only authentication type allows [sic]. Aras as a whole is moving towards more types of authentication in 12.0, so this is likely to change in the upcoming releases.' With 12.0 released, I see that OAuthServer\OAuth.config now defines two allowedGrantTypes for the clientRegistry with ID "IOMApp": 'password' - the one that I have been using in my code when generating OAuth tokens for Innovator so far - but also 'authorization_code'. Hence, I was wondering if anyone knows a practical way yet to generate the access token with that grant type, instead of using "password"? Thanks a lot in advance for any info on this subject. Cheers, C
Renewing OAuth Certificates
Hello fellow Aras developers, Here's another niche topic I recently had to tackle: renewing OAuth certificates. If you've been applying Aras patches (upgrade packages) over the years, your OAuth certificates are likely outdated. They expire every few years depending on your configuration and need renewal. I found several instructions online for manually replacing certificates, but they consistently resulted in: Authentication errors on sign-in ANCM Out-Of-Process Startup Failure After multiple attempts working with Aras Support, I took a different approach: Downloaded the out-of-the-box installer for our version (Release 36) and ran it on our production environment. Yes, even though the upgraded Release 36 was already installed. Selected 'Custom Installation' and chose ONLY the OAuth module. This generated a clean OAuth folder with a fresh set of certificates. Copied (overwrite) all the certificates (CTRL + A) into these directories (probably overkill, but redundant certs are harmless and it makes the process much faster): OAuthServer\App_Data\Certificates\ Innovator\Server\App_Data\Certificates\ Innovator\Client\App_Data\Certificates\ SelfServiceReporting\App_Data\Certificates\ VaultServer\App_Data\Certificates\ Updated the OAuth.config file in \OAuthServer\ with our internal production endpoint. iisreset (from command prompt as Administrator) Note: If you run the installer on a machine that already hosts an existing Aras instance, make sure to run changeguid.exe on the innovatorsetup.msi first to avoid impacting the current installation. Done! Please let me know if this helped and/or how I can improve this post. Let's make it a community effort to have up-to-date information for all of us.
HTTP Error 502.5 - Process Failure - OAuth - Server
Hello, After installing ARAS Innovator 12 SP9 community edition, I got the HTTP Error 502.5 as I tried to login onto the new instance. First thing I did was checking the prerequisites for ARAS innovator, but everything was ok. So I started to analyse the underlying problem, and it turned out that the XML file .../OAuthServer/OAuth.config is not a valid XML document. At line 86, you find "1:" right before the "redirectUri" tag. Please remove this two characters and it will start to work. Hope this is helpful until this mistake is fixed. Best regards
