Microsoft Entra ID as the CAS and IdP for ThingWorx > Example: Microsoft Entra ID as Central Auth Server and Identity Provider > Configuring Authorization with Microsoft Entra ID with ThingWorx as a Resource Server or a Different Application as a Resource Server > Configure ThingWorx to Integrate with Other Resource Servers > Configure ThingWorx to Work with the Resource Server
Configure ThingWorx to Work with the Resource Server
When configuring ThingWorx, make sure that the scope value matches the scope you added in the API permissions of the ThingWorx application.
For example:
<RP Application ID URI>/<RPScopeName>
For the OAuth (M2M) connection type, the scope should be defined as <RP Application ID URI>/.default. This ".default" scope contains only the roles defined for this RP application. The M2M connector can only access resources protected by roles.
Was this helpful?