Hello @Ian Tracy ,
I'm not sure how you want to use Azure AD but Microsoft had documented how to create an SAS token if you want to make use of the REST API.
See also this blog post.
I'm trying to setup a SPA to interact with IoT hub's REST API using Azure AD. I get that users will need to login as the security principal request an OAuth 2.0 access token at runtime. This token request should point to the resource https://iothubs.azure.net. The problem that I have, is that I have created an app registration for the SPA, and I am trying to add a API scope permission for the IoT hub Rest API, but it is not an option on azure portal. I can see other Azure resources, like Cosmos, Time series Insights, but IoT hub is not an option.
How can I configure my app registration to have scope permissions to access IoT hub? Perhaps, I am trying to do something that is not possible.