Parameter
|
Description
|
Value
|
||
---|---|---|---|---|
tokenUsernameAttribute
|
Optional: The claim name that holds the username for the resource request.
|
Default value "unique_name"
|
||
tokenPublicKeyUrl
|
Mandatory: The Azure AD B2C public key endpoint (jwks_uri).
|
The value is constructed as follows: https://infracbsb2c.b2clogin.com/infracbsb2c.onmicrosoft.com/{user flow name}/discovery/v2.0/keys
|
||
administratorAlias
|
Optional.
Mandatory only if you want to access RP with ThingWorx administrator.
|
The administrator username as it is configured in Azure AD B2C.
|
||
administratorInternalName
|
Optional: The administrator username as it is configured in ThingWorx.
|
Administrator
|
||
tokenValidationType
|
Mandatory: The property point of the access token (JWT).
|
local
|
||
issuer
|
Optional: Issuer value for additional token validation check
|
The issuer value as it appears in the ISS claim in the token.
|
Parameter
|
Description
|
Value
|
---|---|---|
globalScopes
|
List of comma-separated global scopes. Includes the minimum set of scopes required to access any resource. If this parameter is missing or empty, THINGWORX is set as a default global scope. Do not leave this parameter empty. If there is no dedicated scope, then set THINGWORX as a value.
In the case of ThingWorx as Resource Server configuration, this is the scope that was created in Step 2 of Configure ThingWorx as a Resource Server.
|
"globalScopes":
"THINGWORX_APP1,THINGWORX_APP2" |
Parameter
|
Description
|
Value
|
||
---|---|---|---|---|
uri
|
URI pattern
Defines the resource or resource group that requires additional scope(s) to the global scope(s).
|
Thingworx/Things/** - control all Things
Thingworx/Things/Thing1 – control Thing1 |
||
scopes
|
Comma-delimited list of additional scopes.
Only the user that has grants to all listed scopes (including global) is allowed to get resource.
|
|||
method
|
Optional: Defines the URI method that the scope will be applied to.
|
Possible values are any methods allowed in REST protocol, such as GET or POST.
|