locked
WebApplicationUtilities.GetPersonInfo requires appId in config file?? RRS feed

  • Question

  • I'm using the overload version of WebApplicationUtilities.GetPersonInfo(String authToken, Guid appId).  I'm providing an app id because I am not setting the AppId in the web config file (per my requirements).  However I receive the error message below:

    [InvalidConfigurationException: To use this constructor, the application ID must be specified in the web or application configuration file.]
    Microsoft.Health.HealthServiceConnection..ctor() +414
    Microsoft.Health.ApplicationConnection..ctor() +24
    Microsoft.Health.AuthenticatedConnection..ctor(Credential credential) +79
    Microsoft.Health.Web.WebApplicationConnection..ctor(Credential credential) +29
    Microsoft.Health.Web.WebApplicationUtilities.GetPersonInfo(String authToken, Guid appId) +115
    HealthVaultAccess.TestSuccess.Page_Load(Object sender, EventArgs e) +717
    System.Web.UI.Control.OnLoad(EventArgs e) +99
    System.Web.UI.Control.LoadRecursive() +47
    System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1436

    Basically I need to retreive the Person Id and Record Id from the wctoken I have received from an AppAuthSuccess, without the need to specify appId in the web config.

    Any Thoughts?

    Thanks
    Friday, August 14, 2009 7:53 PM

Answers

  • Hello,

    There’s lots of ways to accomplish the steps involved here, basic overall process is:
    1. Authorize new user, which results in an active online session for the App ID used in the authorization process
    2. Wctoken is returned for the online session
    3. App can connect to HealthVault using the wctoken to retrieve the PersonID and RecordID
    4. After that, the app can create Offline connections and specify the App ID in the offline connection directly, without the web.config

    Technically the web.config App ID isn’t needed for the first 3 steps… but that’s the easiest way to do it and how the .NET SDK is designed to operate for online connections.  It isn’t required at a web service level, and the SDK can be modified or XML API calls can be made directly to bypass the .NET SDK.

    But the easiest way to do it is to use the app ID in the web.config for the online connection.  Can you share the reason why do you want to omit the AppId in web.config.

    If you are thinking in a security perspective, security for an application is not based on the application ID—that is public information.  Including it in the web.config is not a security risk.  Security for an application’s identity is based on access to the private key in the certificate.


    -Mahesh
    Friday, August 14, 2009 8:55 PM