So, from the different perspective - how do you invoke the creation service from the EMS? I thought that you're able to invoke the service at all, but it seems that the problem lies here.
The EMS itself is in the Thingworx Remote Things monitor as a connected Gateway?
Ok, now I understand the problem. I thought that you managed to connect EMS itself to the Platform and cannot create a Thing, but as far as I can see, you didn't connect the EMS yet (is my understanding correct - this 16281043324 is EMS itself?).
If so, then to connect EMS as a Gateway (so - there is no EMS - thing on the Platform side), you need to use the proper config.json configuration with auto_bind setting:
// ... other configurations
If you include above, the EMS would auto-create a Thing on the basis of SDKGateway template (it won't be available to be seen in the Composer, but it would be marked as a connected in the Remote Thing Monitor).
The above is one of possibilities to connect to Thingworx Platform from EMS NOT HAVING the Remote Thing created - it is called a Gateway (please refer to the Configuring Automatic Binding for WS EMS section of the Thingworx WebSocket-based EMS Developer's Guide).
Then you can process further - invoke a service to create Remote Thing and bind to that thing using LSR scripts.
I am not sure if I was clear on that before. Yes, I can get the EMS populated and posting data automatically without an issue. Currently I have to have the app key that remote thing uses to post data linked to the administrator group.
When I create a new user with limited permissions and link this permissions account to our remote thing then I run into the issues described above. I am trying to determine what permissions are required to get the EMS connected to the server and posting data. I do not want our remote things to have access to anything more than they need once they are up and running. The administrator group has access to everything; this is why I do not want our remote things using an app key with this permissions level.
I'm able to bind my remote to existing thing even if I'm using app key with no permissions at all. Does thing 16281043324 from your previous post exist?
Do you use Universal Access Visibility or it's disabled?
I have removed all of the collection permissions for the users that are not in the development and administrator groups.
I just read through the article. I had not see this before.
So far, I will work on creating a list of permissions I have setup so far.