Configure the PTC Identity Provider Authenticator

Install, License, and Configure ThingWorx Navigate > Install ThingWorx Navigate on an Existing ThingWorx Instance > Configure ThingWorx Navigate > Set Up ThingWorx Navigate with Windchill Authentication > Configure the PTC Identity Provider Authenticator

The following steps describe how to configure the PTC Identity Provider Authenticator.

1. Select Authenticator under SECURITY in the left navigation pane.

2. Click the ptc-identity-provider-authenticator link to display the general information about the extension. The General Information page opens.

3. On the General Information page, complete the following steps:

a. Select the Enabled checkbox.

b. Enter the value in the Priority field. By default, the priority is 1 indicating that this authenticator is the first authenticator to run.

The value in the Priority field is important if you want to implement check by multiple authenticators. If the authenticator with a priority of 1 fails, then the next authenticator does the authentication check and so on.

4. Click Configuration under ENTITY INFORMATION in the left navigation pane:

Use the two options, CreateUserDynamically and HomeMashup, with single sign-on so that users who are authenticated in Windchill are automatically added as users to ThingWorx and assigned a home mashup. When a user opens a browser to ThingWorx for the first time, they will be routed to Windchill for authentication. Once authenticated, a corresponding user is created in ThingWorxand the user is assigned a home mashup. Then the browser is routed to the specified home mashup.

◦ CreateUserDynamically– When selected, configures the authenticator to automatically create a user in ThingWorx if the user does not yet exist and the user has been authenticated by Windchill.

If the authenticator is not configured to automatically create users, the browser is still routed to Windchill for authentication, but fails to open ThingWorx if the user does not exist.

If the user receives Error Message #500, this user does not exist in ThingWorx.

◦ HomeMashup – Assigns a home mashup to the newly created users. If no home mashup is specified, ThingWorx routes the browser to the ThingWorx search page.

For ThingWorx Navigate, set to LandingPageAccessAppMashup.

5. Ensure that a home mashup value is set for either all dynamically created users using the HomeMashup field (described in the previous step) or for existing users (other than administrative users) on the General Information pages of users. If a home mashup is not set for a general user, that user is redirected to the default ThingWorx search page.

6. Click Save.

Users must be added to specified groups. For more information, see Modify ThingWorx Permissions: Users and Groups.