Configure Access Tokens for Authorization and Public Access

This section describes how to configure the OAuth access tokens that theExperience Service will use to synchronize group memberships with ThingWorx and to allow public Experiences to access ThingWorx data.

Configure Access Token for Group Synchronization

The es-authorization user account is used to synchronize group memberships. Use the following step to configure the access token that will be used to synchronize group memberships:

1. From a standard web browser, navigate to the following URL where <es-base-url> should equal what is defined in the “SSO Configuration Parameters” section in PingFederate Configuration:

<es-base-url>/ExperienceService/username

2. When prompted, enter your OpenID provider credentials for the es-authorization user account.

In Step 1, you may need to start a new browser session to ensure that you are prompted to login

3. When prompted to authorize scopes, authorize all requested scopes.

4. Once complete, the es-authorization username appears in the browser window.

Configure Access Token for Public Access

The es-public-access user account is used to enable public access to ThingWorx data. Use the following step to configure the access token used to enable public access to ThingWorx data:

1. From a standard web browser, navigate to the following URL where <es-base-url> should equal what is defined in the “SSO Configuration Parameters” section in PingFederate Configuration:

<es-base-url>/ExperienceService/username

2. When prompted, enter your OpenID provider credentials for the es-public-access user account.

In Step 1, you may need to start a new browser session to ensure that you are prompted to login

3. When prompted, authorize all requested scopes.

4. Once complete, the es-public-access username appears in the browser window.