This guide is still WIP

Follow this guide to build a new Mendix application which will allow you to explore your Altium 365 workspaces and modify the lifecycle status of your library components.

If you haven't checked out our Altium 365 Platform Mendix App, you can find it on the Mendix Marketplace.

Creating an Application

1. Install Mendix Studio Pro 10.15.0 or higher

2. Create the App in the Mendix Home online portal, and open it with Mendix Studio Pro.

Setting up Authentication and Authorization

1. Install the OIDC SSO module from the Marketplace into the app along with all the dependencies listed in https://docs.mendix.com/appstore/modules/oidc/#dependencies.

There will be about 19 errors after this step.
CE463 - right click on one of the errors in the Error list and select, 'Update All Widgets'
CE6087 - Right click on the error in the Error list and select, 'Update all renamed design properties in project'

2. Set the Encryption/Private - String en/de-cryption/Apis/EncryptionKey constant in your settings 32-character string that you generate, for example you can use a randomly generated GUID (https://wasteaguid.info/, remove the dashes). You’ll need to set one for each of your App Settings Configuration. Shared is fine.
   (See https://docs.mendix.com/appstore/modules/oidc/#setting-encryption-key for more on setting the EncryptionKey)
   
   

   
   

Configuring Roles

1. Set the Security level of the app to Prototype/demo by double clicking on App > Security
   

2. Add the Anonymous role, by clicking ‘User Roles’ > New
   

3. Edit each Role to have the Module Roles associated with it, to match the table in: https://docs.mendix.com/appstore/modules/oidc/#configuring-roles Section 3.1.
   
   You may need to add a Module Role to a module to do this. You can do this by going to: The module > Security > Module roles > New.

   
   

    

   User Role	Module Name	Status
   Administrator	Administration.Administrator	Already associated with role
   	System.Administrator	Already associated with role
   	MxModelReflection.ModelAdministrator	Need to add to role
   	System.Administrator	Need to add to role
   	OIDC.Administrator	Need to add to role
   	MyFirstModule.Admin	Need to create, not strictly necessary to be added as a role
   Anonymous	System.User	Need to add to role
   	OIDC.Anonymous	Need to add to role
   User	Administration.User	Already associated with role
   	System.User	Already associated with role
   	MyFirstModule.User	Need to add to role
   	OIDC.User	Need to add to role

   
   
   
4. Ensure Anonymous Users is allowed
   
5. Install the Mx Model Reflection module: (Section 3.a Installing MX Model Reflection)
6. Once the Mx Model Reflection module has been imported into your app, you need to configure it.
   In the App Explorer, add the page MxObjects_Overview from the MxModelReflection folder to the Navigation menu.
   
   
   Run the app and click the newly-added navigation link to use Mx Model Reflection. Make sure to click, Save and Continue. Allow access from your Windows Defender Firewall.
   Click, View App to see the app
   Ensure you have selected the demo_administrator user:
   You will now see the icon for your MxModelReflection page. Click on this to enter the Module Reflection page
   Ensure the Administration, MxModelReflection, OIDC and System modules are selected, and click both ‘Click To Refresh' buttons
   
7. To enable the use of app constants to configure the OIDC SSO module, configure your app to run the Startup microflow in the OIDC module (OIDC.Startup.ASU_OIDC_Startup) as (part of ) the after startup microflow. You can do  this by going to your app > Settings > Runtime > After Startup > Select > Marketplace modules/OIDC/Startup/ASU_OIDC_Startup
   

   

8. (4.3 Navigation Configuration) The OIDC SSO module works without a specified sign-in page. Therefore, in the navigation section of your app, set Sign-in page (in the Authentication section) to none.
   
9. Set a Role-based home page for role Anonymous to OIDC/Implementation/Login_Web_Button.
   

[ In addition, administrators will need to have access to configure OIDC and also manage end-users. You can do this by including the pages Administration.Account_Overview and OIDC.OIDC_Client_Overview into the app navigation, or a separate administration page. ]

Add User-Agent

1. Some IdS providers, such as Altium Identity, require a User-Agent field in the header. To add this, double click on the handleAuthorizationCode microflow in the OIDC module (OIDC/Implementation/2. Login Flow/2b. Callback/shared/handleAuthorizationCode).
   

2. Look for a call REST (POST) action, which returns an OAuthTokenResponse variable named TokenResponse_1. Double-click the action. Under HTTP Headers, in Custom HTTP Headers, add a new header with key User-Agent and set the value to 'Mendix/10.15.0'.
   

Add Altium Identity as OIDC Provider

1. Add the OIDC/Implementation/OIDC_Client_Overviewpage to the navigation
   
2.  Re-run the application and log in as an Administrator.
   Under IdPs for SSO and API security, click New. In the form, add these details:
   
   
   

   Alias	Altium Identity (UAT)
   Client ID	20C490ED-58EF-11EF-9194-02A5C34CA889
   Client authentication method	client_secret_basic
   Client Secret	dummy
   Active	Yes
   Automatic Configuration URL	https://auth.uat1.altium.com/.well-known/openid-configuration

   
   Add the following scopes:
   
   Click, Import Configuration.

Add Nexar Identity as OIDC Provider (Optional, but recommended.)

Add Logout to Navigation

Navigation → New Menu Item Action → Sign out

Testing OIDC workflow

Log out, then try and log back in using Altium Identity.

Installing Altium365 Platform Module

Right click on the root node with your App name and select, Import module package….

Locate your MPK file, and import the module

continue

You will see the new module at the bottom of the App Explorer panel:

1. Assign User module role to your app User role. You can do that by going to your app > Security > User Roles > User > Module Roles > Edit > Select Module Roles >Altium365 > User
   

2. Set the Altium365/_USE ME/GlobalPlatformUrl depending on where your workspace is. This can be one of the following based on your location:

   • Asia-pacific: https://asp.365.altium.com/napi/gateway/graphql

   • Europe: https://eur.365.altium.com/napi/gateway/graphql

   • GovCloud: https://use.365-gov.altium.com/napi/gateway/graphql

   • US-East: https://use.365.altium.com/napi/gateway/graphql

   • US-West: https://usw.365.altium.com/napi/gateway/graphql

You can do this by going into your app > Settings > Configurations > Default > Edit > Constants > New > Marketplace Modules > Altium365 > GlobalPlatformUrl

Set the constant value, choosing from a-e of the locations above. For example:

Using the A365 Module

Primary Workspace Navigation Button

Add your primary workspace to the navigation bar by clicking Add a New Item > On Click > Call a Nanoflow 

Call the Nanoflow /A365/_USE_ME/ACT_Workspaces_FirstWorkspace

(Optional) Workspace Selector

If you have multiple workspaces. Add Workspace Overview to Navigation bar by clicking Add a New Item > On Click > Show A Page