Integrate CONNECT Services with AIM-A
- Last UpdatedDec 02, 2024
- 4 minute read
CONNECT allows account administrators to create and manage service applications. For each service application created, a relevant Auth0, non-interactive application must be created. Administrators must be able to copy the client credentials for this application from the Connect portal.
Important: Service application integration in CONNECT is restricted functionality. Please contact your AVEVA representative for more information.
For more information, refer to the CONNECT Help Service Applications document that is available upon request through AVEVA representatives.
Service application creation and role assignments
Following these steps below, CONNECT account administrators can create a service application:
-
Login to CONNECT at https://connect.aveva.com/.
-
Select Integrations.
-
Selecting Create service application displays a list of service applications.
-
Create a new service application by providing the name and description and select Service Role. CONNECT will prompt to select Service, Folder and Role. Select Data Pipeline/Load Reporting or Asset Information Management - Advanced based on which API you want to use this token for. Also select the respective service role.
-
Select Create. The list of service applications page is displayed.
-
The status of the new service application is Creating. The status will be updated to Active on successful application creation.
-
Copy the client credentials for the service application from the menu as shown below.
Service application token generation
Using the service application client credentials and the Client Credentials Flow mechanism, an access token can be generated. Follow the guidelines available in the Auth0 portal at https://auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow to generate an access token.
C# Sample Application
var client = new HttpClient(new HttpClientHandler() { UseDefaultCredentials = false });
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/x-www-form-urlencoded"));
var postData = new List<KeyValuePair<string, string>>()
{
new KeyValuePair<string, string>("grant_type", "client_credentials"),
new KeyValuePair<string, string>("scope", "connect"),
new KeyValuePair<string, string>("client_id", clientId),
new KeyValuePair<string, string>("client_secret", clientSecret)
};
var tokenResponse = client.PostAsync("https://signin.connect.aveva.com/oauth/token", new FormUrlEncodedContent(postData)).Result;
var token = await tokenResponse.Content.ReadAsAsync<AccessTokenModel>();
Notes
-
Always cache the token that is generated. The token is valid for 30 minutes.
-
The token generation is rate limited, that is, a maximum of 5 tokens can be generated per service application within a 5 minutes window.
3DVis Integration
-
Log into your AVEVA CONNECT account.
-
Go to Folder Management.
-
Open the folder where your AIM-h service is enabled, to further enable the 3DVis Cloud Streaming Service in the same folder.
-
After selecting the Folder, identify the 3DVis Cloud Streaming Service and open the sub-menu using the vertical 3 dots.
-
Select Manage integrations.
All the 3DVis integration points for the CONNECT account will be listed.
-
Enable the correct integration for the Folder/environment.
-
After selecting the Folder, identify the 3DVis Cloud Streaming Service and open the sub-menu using the vertical 3 dots.
-
To apply roles, open the sub-menu using the vertical 3 dots on 3DVis Cloud Streaming Service and select Manage roles.
-
After selecting Manage roles, the Roles screen will open. Use Assign role to create any new role assignments as follows:
Type= Service role
Service = 3DVis Cloud Streaming Service
Folder = <The folder associated to the AIM instance>
Role = Render User
Models The access tags = Any
Groups = <Your CONNECT group you may wish to apply, for example, Power User>
Users = <specific usernames outside of groups>
-
Select Save.