This is a general procedure. The exact steps depend on
the particular identity provider (IdP) used.
- Configure B2C Service as a trusted client.
- Specify the primary audience to be the Connect REST API
endpoint, for example:
https://mysite.example.com/services/rest/
- Specify the secondary audience, if needed, to be the Knowledge
Advanced REST API endpoint, for example:
https://mysite.example.com/services/km/api/latest/
- Set the scope to
/all
, so that when an
OAuth access token is requested from the IdP, the primary and secondary
audiences are set in the token.
What to do next
Download a security certificate from the external IdP to
your local computer. Then Configure B2C Service for OAuth Authorization.