Posts about Security

This is the .NET version of how to strengthen the security of your Forge Viewing Application by using a proxy to avoid passing a token to the client JavaScript code.

Read More..

View your viewable data with viewables:read scope, the application will only be able to read the end user’s viewable data (e.g., PNG and SVF files) within the Autodesk ecosystem.

Read More..

All Forge webservice API calls will require a scoped Access Token from May 22nd 2017.

Read More..

Don't play against Casino

What if you want to develop a desktop application that directly connects to Forge servers?
You want just to compile my app and distribute the binary to my customers, and don't want to waste your time with maintaining a server.
No other services, no proxy, just directly calling the Forge endpoints.
How the Forge related secrets could be secured in this case? What are the best practices and what other challenges await us ahead?

Read More..

Start from the right foot by landing your Forge OAuth workflow!

Read More..