Parameter
|
Description
|
Value
|
---|---|---|
clientId
|
The client Application ID from AD FS portal.
|
|
clientSecret
|
The client application secret from AD FS.
|
|
chainedGrantType
|
Reserved for future use.
|
password
|
tokenUsernameAttribute
|
The claim name that holds the username for the resource request.
|
Default value: “unique_name”
|
tokenPublicKeyUrl
|
The AD FS public key endpoint (used to validate the access tokens).
|
The value is constructed as follows:
https://<ADFS host FQDN>adfs/discovery/keys
|
administratorAlias
|
The administrator username as it is configure in AD FS.
|
|
administratorInternalName
|
The administrator username as it is configured in ThingWorx.
|
Administrator
|
tokenValidationType
|
The property point that the access token (JWT) validation done locally.
|
local
|
Parameter
|
Description
|
Value
|
---|---|---|
globalScopes
|
List of comma-separated global scopes. Includes the minimum set of scopes required to access any resource. If this parameter is missing or empty, THINGWORX is set as a default global scope. Do not leave this parameter empty. If there is no dedicated scope, then set THINGWORX as a value.
|
"globalScopes": "THINGWORX_APP1,THINGWORX_APP2"
|
Parameter
|
Description
|
Value
|
||
---|---|---|---|---|
uri
|
URI pattern. Defines the resource or resource group that requires additional scope(s) to the global scope(s).
|
Thingworx/Things/** - control all Things
Thingworx/Things/Thing1 – control Thing1
|
||
scopes
|
Comma-delimited list of additional scopes. Only the user that has grants to all listed scopes (including global) is allowed to get resource.
|
|||
method
|
Optional. Defines the URI method that the scope will be applied to.
|
Possible values are any methods allowed in REST protocol, such as GET or POST.
|