Configuring the Central Auth Server

Examples of CAS Configurations > PingFederate as the Central Auth Server > Configuring the Central Auth Server – PingFederate

Configuring the Central Auth Server – PingFederate

PTC supports PingFederate as the Central Auth Server (CAS). The CAS manages the trust relationship between PTC products participating in the SSO framework. The CAS acts as a broker between applications by authorizing user logins, once the user has been authenticated, and by issuing and verifying access tokens that are exchanged between service providers and resource servers.

PTC products implement the following elements in the SSO framework:

1. Use SAML assertions to authenticate users with the IdP.

2. Then, after the user has been authenticated, PingFederate presents the user with a grants approval page where it asks the user if they want their data from the resource server to be shared with the application they are using.

Before you begin working with PingFederate to configure authentication and authorization, make sure to complete the following prerequisites:

• Installing PingFederate or Upgrading PingFederate

• Configuring Security Rules

• Configuring Authentication for Third-Party IdPs Manually (SAML)

• Create OAuth Clients for PTC Products

• Configuring PingFederate as the Central Auth Server Automatically

• Managing Scopes in Delegated Authorization

For procedural information about configuring authentication and authorization with PingFederate, see the SSO configuration examples in Examples of SSO Configurations.

Was this helpful?