Configuring the Central Auth Server – Azure AD B2C
PTC supports Azure AD B2C as the Central Auth Server (CAS) for ThingWorx 9.6 and later versions. Azure AD B2C offers a business-to-customer identity as a service, enabling users to sign in to their ThingWorx application using credentials from various social and enterprise identity providers. Azure AD B2C is capable of federating with identity providers that are compatible with OAuth 1.0, OAuth 2.0, OpenID Connect, and SAML protocols. This includes accounts with providers like Facebook, Microsoft, Google, Twitter, and Active Directory Federation Services (AD FS).
ThingWorx implements the following elements in the SSO framework:
1. OIDC assertions for user authentication.
2. After the user has been authenticated, Azure AD B2C acquires permissions that allow the user to use data from the resource server application.
Before you begin working with Azure AD B2C to configure authentication and authorization, be sure to complete the following lists of prerequisites:
For procedural information about configuring authentication and authorization with Azure AD B2C, see the following SSO configuration example:
Azure AD B2C as the Central Auth Server