Design of Authenticator Extension
The purpose of the PTC Identity Provider Authenticator Extension is to authenticate and grant ThingWorx users access to the different parts of a ThingWorx application.
The authentication flow is described in the following process:
1. After the remote IdP completes the authentication and has passed off the Windchill user name, the existing ThingWorx Authentication Filter invokes the PTC Identity Provider Authenticator Extension.
2. The PTC Identity Provider Authenticator Extension performs the following steps:
a. Reads the user name from the request attribute.
b. If the user does not exist in the ThingWorx system, the extension creates the user in ThingWorx.
Note: The option to create new users is configurable. For more information, see Modify ThingWorx Permissions: Users and Groups.
c. Optional: If you have configured a home mashup, sets the home mashup for newly created users and gives the users read access to the mashup.
If the user already exists in ThingWorx, the extension does not set the user’s home mashup.
3. After a successful authentication, the ThingWorx internal controller redirects the users to their home mashup or the default ThingWorx search page.
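The following added example models the decision logic of steps 2a through 3 so the provisioning rules can be checked in isolation. It is not PTC code and does not use the ThingWorx Extension SDK; the attribute name `idp.username`, the class names, the mashup name `NavigateHome`, and the rejection of missing or unknown users are assumptions.

```python
"""Model of the sign-in flow; hypothetical names, not PTC code or the ThingWorx SDK."""
from dataclasses import dataclass, field
from typing import Optional

USERNAME_ATTR = "idp.username"  # assumed name of the request attribute (step 2a)


class AuthError(Exception):
    """Raised when the request cannot be mapped to a ThingWorx user."""


@dataclass
class Directory:
    """Stand-in for the ThingWorx user store and mashup read permissions."""
    home_of: dict = field(default_factory=dict)   # user name -> home mashup or None
    readers: dict = field(default_factory=dict)   # mashup name -> set of user names


@dataclass
class Authenticator:
    directory: Directory
    create_users: bool = True            # step 2b is configurable
    home_mashup: Optional[str] = None    # step 2c is optional
    default_page: str = "search"

    def authenticate(self, request_attributes: dict) -> str:
        """Run steps 2a-2c and return the page the user lands on (step 3)."""
        # 2a: the name comes from a server-side request attribute set after the
        # IdP hand-off, never from a client-controlled parameter or header.
        name = request_attributes.get(USERNAME_ATTR)
        if not isinstance(name, str) or not name:
            raise AuthError("no user name supplied by the IdP")  # assumed behaviour
        d = self.directory
        if name not in d.home_of:
            # 2b: provision only when the option is on; rejecting otherwise is
            # an assumption, the page does not say what happens.
            if not self.create_users:
                raise AuthError("unknown user and user creation is disabled")
            d.home_of[name] = self.home_mashup
            # 2c: only newly created users get the home mashup and read access.
            if self.home_mashup:
                d.readers.setdefault(self.home_mashup, set()).add(name)
        # Existing users keep whatever home mashup they already had.
        return d.home_of[name] or self.default_page


if __name__ == "__main__":  # constructed sample: one existing user, one new user
    auth = Authenticator(Directory(home_of={"alice": None}), home_mashup="NavigateHome")
    print(auth.authenticate({USERNAME_ATTR: "alice"}), auth.authenticate({USERNAME_ATTR: "bob"}))
```

With user creation enabled, any identity the IdP asserts becomes a ThingWorx account with read access to the home mashup, so the IdP's user population should be reviewed before the option is left on.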