Prerequisites
Before you set up PTC Arbortext Content Delivery for SSO, PTC recommends that you read the PTC Identity and Access Management Help Center to understand the PTC SSO architecture, key terms, and configuration settings.
Before configuring PTC Arbortext Content Delivery for SSO, ensure that the following are in place:
PTC Arbortext Content Delivery (ACD) 7.1.4.0 or a later release
PingFederate 9.3.3–Patch 3 already installed at your site. If you do not have PingFederate installed, you can download a supported version of PingFederate from the PingFederate website. For installation instructions, see the PingFederate documentation.
The PingFederate license downloaded from the PTC software download website at https://support.ptc.com/appserver/auth/it/esd/index.jsp. Follow the instructions included in the ZIP file to deploy the PingFederate license file.
If you are using a third-party Identity Provider (IdP), ensure that it is already identified and set up. The following attributes and files are provided by the IdP:
Uid (mandatory)
Email (optional)
Group used for user provisioning (optional)
Metadata file
Signing certificates (X.509 SAML signing certificates)
Update/Upgrade Prerequisites:
If you are updating or upgrading from an earlier release to 7.1.4.0, run the query for your database type from the following table to support the SSO configuration.
Database: Oracle database
Query to be Added:
    CREATE TABLE <E3C_Schema_Name>.OAUTH_CLIENT_TOKEN
    (
        TOKEN BLOB,
        AUTHENTICATION_ID varchar(256) PRIMARY KEY NOT NULL
    );

Database: MS SQL database
Query to be Added:
    CREATE TABLE <E3C_Schema_Name>.[OAUTH_CLIENT_TOKEN](
        [TOKEN] [image] NULL,
        [AUTHENTICATION_ID] [nvarchar](255) NOT NULL,
        CONSTRAINT [OAUTH_CLIENT_TOKEN_PK2] PRIMARY KEY
        (
            [AUTHENTICATION_ID] ASC
        ))

Database: PostgreSQL database
Query to be Added:
    CREATE TABLE <E3C_Schema_Name>.oauth_client_token
    (
        token bytea,
        authentication_id character varying(255) NOT NULL PRIMARY KEY
    );
Note: It is assumed that you are familiar with SSO using SAML authentication and delegated authorization (OAuth).
PTC Arbortext Content Delivery supports the SAML 2.0 protocol for user authentication and OAuth 2.0 protocol for delegated authorization.