For clients who previously relied on claims authentication with PI Web API, it would be useful to be able to reproduce a similar authentication flow with bearer authentication and the AVEVA Identity Manager (AIM) in PI Server 2023. Currently, federation of ClientIDs and tokens from Entra ID is not possible. AIM does not recognize Entra ID tokens and vice versa.
Clients should be able to:

1. Request an Entra ID token from a client registered directly in Entra ID (using the client credentials grant type).
2. Supply a request to the PI Web API for data with the supplied Entra ID token in the authorization header.
3. Have the AIM server validate those tokens on behalf of Entra ID.
4. Have PI Web API return the requested data once the token passes validation.

Implement support for JWT (JSON Web Tokens)
https://jwt.io/introduction
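
The requested flow, seen from the client and from a token validator, as an added Python example that is not AVEVA or Microsoft code. It builds the client credentials request and the bearer request without sending them, then lists the claim-level reasons a validator would refuse a token. The tenant ID, audience, PI Web API URL and sample token are constructed placeholders, and the `/v2.0` issuer form assumes a v2.0 Entra ID access token.

```python
import base64, json, time
from urllib.parse import urlencode
from urllib.request import Request

def entra_token_request(tenant, client_id, client_secret, scope):
    """Step 1: client credentials grant at the Entra ID v2.0 token endpoint."""
    body = urlencode({"grant_type": "client_credentials", "client_id": client_id,
                      "client_secret": client_secret, "scope": scope}).encode()
    return Request(f"https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token",
                   data=body, method="POST")

def piwebapi_request(url, token):
    """Step 2: present the token to PI Web API in the Authorization header."""
    return Request(url, headers={"Authorization": f"Bearer {token}"})

def b64url_json(part):
    return json.loads(base64.urlsafe_b64decode(part + "=" * (-len(part) % 4)))

def claim_problems(token, trusted_issuers, audience, now=None):
    """Step 3, claims only. Verifying the signature against the issuer's
    published keys is a separate, mandatory step that is not done here."""
    now = time.time() if now is None else now
    try:
        head, payload, _sig = token.split(".")
        header, claims = b64url_json(head), b64url_json(payload)
    except ValueError:  # wrong segment count, bad base64 or bad JSON
        return ["malformed"]
    if not (isinstance(header, dict) and isinstance(claims, dict)):
        return ["malformed"]
    problems = []
    if str(header.get("alg", "none")).lower() == "none":
        problems.append("unsigned")
    iss = claims.get("iss")
    if not isinstance(iss, str) or iss not in trusted_issuers:
        problems.append("untrusted issuer")
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        problems.append("wrong audience")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("expired")
    return problems

# Constructed sample: placeholder tenant, audience and signature bytes.
def enc(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

TENANT = "00000000-0000-0000-0000-000000000000"
ENTRA_ISS = f"https://login.microsoftonline.com/{TENANT}/v2.0"
AUDIENCE = "api://piwebapi.example"
SAMPLE = ".".join([enc({"alg": "RS256", "typ": "JWT"}),
                   enc({"iss": ENTRA_ISS, "aud": AUDIENCE, "exp": 2000}), "c2ln"])
```

A validator that trusts only its own issuer reports `untrusted issuer` for `SAMPLE`, which is the rejection described in the first paragraph; adding the Entra ID issuer to `trusted_issuers` is the claim-level half of what this request asks for.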