Configure ThingWorx for SSO

Azure AD B2C as the CAS for ThingWorx > Example: Azure AD B2C as the Central Auth Server > Configuring Authentication with Azure AD B2C > Configure ThingWorx for SSO

1. Before you begin configuring ThingWorx for SSO, stop the ThingWorx server.

2. Perform the procedures outlined in the Configure ThingWorx for Single Sign-On topic from the ThingWorx Help Center.

3. Generate a JKS keystore file with the name sso-keystore.jks and save it in the ssoSecurityConfig folder. Generate a key pair and specify the common name of the certificate as ThingWorx. Note the following:

◦ The key/name pair should be used where the keyStoreKey value is required.

◦ The password that was set for the sso-keystore.jks file should be used where the keyStoreKeyPass value is required.

◦ For more information about these values, see KeyManagerSettings section in the Configure the sso–settings.json File topic from in the ThingWorx Help Center.

4. Import the Azure AD B2C signing certificate into sso-keystore.jks. This certificate is the Certificate (Raw) that you downloaded during creation of the enterprise application in Azure AD B2C.

5. Copy the updated sso-keystore.jks file to the <ThingWorx Installation Folder>/ThingworxPlatform/ssoSecurityConfig folder.

6. Start the ThingWorx server.

7. Verify that the Azure AD B2C authentication has been configured properly by using the appropriate credentials to log in to ThingWorx Composer as the Administrator user.

Was this helpful?