Update the ThingWorx App Registration in Entra ID

Prepare for Single Sign-On (SSO) > Microsoft Entra ID Configuration Example > Update the ThingWorx App Registration in Entra ID

1. Open the app that was created for ThingWorx when you configured SSO for ThingWorx.

This should have been completed prior to beginning configuration for the Experience Service. For more information, see Create an Enterprise Application in Microsoft Entra ID in the ThingWorx Help Center.

2. In the left navigation pane, click Expose an API under Manage. Click Add a scope, and in the Add a scope window, enter THINGWORX as the Scope name, and then click Add scope.

3. In the left navigation pane, click API permissions under Manage. Click Add a permission.

4. When the Request API permissions pop-up appears, click Microsoft Graph.

5. On the next screen, select Delegated permission.

6. Under OpenId permissions, select the following optional permissions and then click Add permissions:

◦ email

◦ offline_access

◦ openid

◦ profile

7. Next, under User, select User.Read and click Add permissions.

8. Click on theAPI permissions tab again in the left navigation pane. Click Grant admin consent for <your org>. When a confirmation pop-up appears, click Yes.

9. Next, you’ll register the Experience Service as an app in Entra ID.