Configure ThingWorx as a Resource Server
If you are configuring your ThingWorx application to also serve as a Resource Server, complete the procedures in the steps below.
Step 1: Add an Additional Identifier to ThingWorx
1. In the Microsoft Azure portal, navigate to Enterprise applications and select your enterprise application.
2. From the Manage menu, click Single sign-on and in the Basic SAML Configuration section, click Edit.
3. In the Basic SAML configuration window, add a new identifier. The identifier must include the prefix api:// and then the Enterprise Application ID of the ThingWorx application that will act as the Resource Server.
4. Click Save.
Step 2: Create and Expose a Scope in ThingWorx – When ThingWorx is the Resource Server
1. In the Microsoft Azure portal, under the Manage menu, select App registrations.
2. From All applications, select your ThingWorx application.
3. Under the Manage menu, select Expose an API.
4. Click Add a scope.
5. In the Add a scope pop-up window, add the scope details and click Add scope.
Step 3: Add the Exposed ThingWorx Scope to the Client Application
1. In the Microsoft Azure portal, under the Manage menu, select App registrations.
2. From All applications, select your client application.
3. Under the Manage menu, click API permissions.
4. Click Add a permission. A popup window opens.
5. Click APIs my organization uses and select your ThingWorx Resource Server application.
6. In the Request API permissions popup window, under Select permissions, select the exposed scopes of your ThingWorx Resource Server.
7. Click Add permission.
The Configured Permissions list is updated to show the added permissions.
Step 4: Configure the resourceServerSetting.json File
Based on your ThingWorx version, refer to either of the topics below for detailed configuration steps.