Autodesk Viewer stopped working - returns 401 on /modeldata/manifest/

Question

We've been working on an application for a couple of years now, featuring the Forge (Autodesk) Viewer.

Our approach is similar to the one described in https://tutorials.autodesk.io/, except we use three-legged authentication.

We store the access token received after a successful three-legged authentication in the database:

function getAutodeskClient(): AuthClientThreeLegged {
  if (oAuth2ThreeLegged) return oAuth2ThreeLegged;

  oAuth2ThreeLegged = new ForgeSDK.AuthClientThreeLegged(
    AUTODESK_CLIENT_ID,
    AUTODESK_CLIENT_SECRET,
    AUTODESK_REDIRECT_URL,
    [
      "data:read",
      "data:write",
      "bucket:read",
      "bucket:update",
      "bucket:create",
    ],
    autoRefresh,
  );

  return oAuth2ThreeLegged;
}

Then we use the access token obtained during this process on the client side to initialize the viewer:

const options: Autodesk.Viewing.InitializerOptions = {
  env: "AutodeskProduction2",
  api: "streamingV2",
  getAccessToken: getForgeToken,
};

function launchViewer(urn: string, container: HTMLElement) {
  Autodesk.Viewing.Initializer(options, () => {
    viewer.current = new Autodesk.Viewing.GuiViewer3D(container, {
      extensions: ["Autodesk.DocumentBrowser"],
    });
    viewer.current.start();
    const documentId = `urn:${urn}`;

    Autodesk.Viewing.Document.load(
      documentId,
      onDocumentLoadSuccess,
      onDocumentLoadFailure,
    );
  });
}

This code was working fine for 1+ years, but about a week ago we started receiving 401 errors when we tried to load model files.

While I can open https://viewer.autodesk.com/id/dXJuOmFkc2sub2JqZWN0czpvcy5vYmplY3Q6YTM2MHZpZXdlci1wcm90ZWN0ZWQvdDE2OTA0MzgxNDNfNGE1MjIzMTUtODI4Yy00ZjVkLWEzNzItNzgwZGEzM2U0YzRhLnJ2dA?sheetId=NTgzYjMzZDUtMmM1Mi1lMzBhLTA4ZTgtN2MwYTE3N2YzNjlh just fine, when I try to load the same file using the viewer API, I get a 401 error:

curl 'https://cdn.derivative.autodesk.com/modeldata/manifest/dXJuOmFkc2sub2JqZWN0czpvcy5vYmplY3Q6YTM2MHZpZXdlci1wcm90ZWN0ZWQvdDE2OTA0MzgxNDNfNGE1MjIzMTUtODI4Yy00ZjVkLWEzNzItNzgwZGEzM2U0YzRhLnJ2dA?domain=http%3A%2F%2Flocalhost%3A3000' \
  -H 'authority: cdn.derivative.autodesk.com' \
  -H 'accept: */*' \
  -H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8,sr;q=0.7' \
  -H 'authorization: Bearer <our bearer token>' \
  -H 'origin: http://localhost:3000' \
  -H 'referer: http://localhost:3000/' \
  -H 'sec-ch-ua: "Not/A)Brand";v="99", "Brave";v="115", "Chromium";v="115"' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'sec-ch-ua-platform: "macOS"' \
  -H 'sec-fetch-dest: empty' \
  -H 'sec-fetch-mode: cors' \
  -H 'sec-fetch-site: cross-site' \
  -H 'sec-gpc: 1' \
  -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36' \
  --compressed

This request originatest from:

Autodesk.Viewing.Document.load(
  documentId,
  onDocumentLoadSuccess,
  onDocumentLoadFailure,
);

The response is {"diagnostic":"Unauthorized"} and here are the response headers:

My application has access to all APIs:

When using 3 legged authorization you need to have access to that file. In your case with what you provided I see both URN's are under the a360viewer-protected bucket which the site viewer.autodesk.com is the owner, hence you are not authorized to have such access. You will need to have this on your own ACC or BIM 360 project in order to make the modeldata/manifest call. If you point to a URN within your environment this should not give you an error anymore. — Jaime Rosales, Aug 14 '23 at 21:13
Thanks, @Jaime Rosales. We'll try this soon and get back to you. What was the recent change that caused this? We couldn't find anything in the changelog for the model derivative API, and these URLs worked for us before. — Akos K, Aug 16 '23 at 04:47
I don't believe there was a chance on Model Derivative service, but probably there was a fix on the viewer website to not allowed unauthorized access to the files hosted there. I would recommend test with your own storage or ACC or BIM 360 location if that persists, I can ask the MD engineers about it. — Jaime Rosales, Aug 16 '23 at 16:35
Thanks @JaimeRosales. Where can I access my bucket, and what's the procedure for copying this model https://aps-simple-viewer-nodejs.autodesk.io/#dXJuOmFkc2sub2JqZWN0czpvcy5vYmplY3Q6cGV0cmJyb3otc2FtcGxlcy9BdXRvZGVza19Ib3NwaXRhbF9BcmNoaXRlY3R1cmFsLm53Yw into my own bucket, thanks! — Akos K, Aug 30 '23 at 14:37
Are you the owner of the model? Just upload it into your own bucket, you can use our oss-manager.autodesk.io site or VS Code Extension (Autodesk Platform Services) to setup your set of API keys and upload it to your own bucket. — Jaime Rosales, Aug 31 '23 at 20:24

Autodesk Viewer stopped working - returns 401 on /modeldata/manifest/

0 Answers0