This Help Center contains information about setting up Identity and Access Management for PTC products. Information is provided about how PTC products can be configured to participate in a single sign-on solution to enhance the interoperability of the systems, streamline user access to data, and integrate with enterprise directory services.

You can find information about installing, licensing, and upgrading PingFederate as the Central Authentication Server (CAS). You can also learn how to configure authentication with PingFederate as the CAS automatically, or configure authentication for third-party identity providers (IdPs) manually. Understand how you can use scopes to protect resources in an application. Browse the table of contents, use the search field to find key terms, or use the quick links below.

User authentication and authorization can be conducted without using PingFederate. By using Microsoft Entra ID {formerly Azure Active Directory (Azure AD)} or Azure AD Federation Services (AD FS) as both a Central Authentication Server (CAS) and an identity provider (IdP), your users can be authenticated to ThingWorx or Windchill and be authorized to access certain resources. Learn how to configure authentication and authorization with Microsoft Entra ID or AD FS as both the Central Auth Server and the identity provider:

We are interested in your feedback on the content of this Help Center.

For a collaborative approach to configuration and troubleshooting, post questions or solutions in the PTC Community.

For assistance with technical issues, log a case with our Support team.

Last Updated: February 2024