Welcome to the PTC Identity and Access Management Help Center
This Help Center contains information about setting up Identity and Access Management for PTC products. Information is provided about how PTC products can be configured to participate in a single sign-on solution to enhance the interoperability of the systems, streamline user access to data, and integrate with enterprise directory services.
Recommended for You
Using PingFederate as the Central Authentication Server
You can find information about installing, licensing, and upgrading PingFederate as the Central Authentication Server (CAS). You can also learn how to configure authentication with PingFederate as the CAS automatically, or configure authentication for third-party identity providers (IdPs) manually. Understand how you can use scopes to protect resources in an application. Browse the table of contents, use the search field to find key terms, or use the quick links below.
Using Microsoft Entra ID as the Central Authentication Server
User authentication and authorization can be conducted by using Microsoft Entra ID {formerly Azure Active Directory (Azure AD)} as both a Central Authentication Server (CAS) and an identity provider (IdP), your users can be authenticated to ThingWorx or Windchill and be authorized to access certain resources.
Learn how to configure authentication and authorization with Microsoft Entra ID as both the Central Auth Server and the identity provider:
Using Azure AD B2C as the Central Authentication Server
User authentication and authorization can be conducted by using Azure Active Directory (AD) B2C. Your users can use their social accounts (such as Google account), enterprise accounts (such as an account with one of the identity providers listed in this
Azure documentation), or local account (such as SignIn/SignUp users) to be authenticated to
ThingWorx and can be authorized to access certain resources.
Learn how to configure Azure AD B2C as a Central Auth Server in ThingWorx:
Using AD FS as the Central Authentication Server
User authentication and authorization can be conducted by using Active Directory Federation Services (AD FS) as a Central Authentication Server (CAS) and an identity provider (IdP), your users can be authenticated to ThingWorx or Windchill and be authorized to access certain resources.
Learn how to configure authentication and authorization with AD FS as Central Auth Server:
We Want Your Feedback
We are interested in your feedback on the content of this Help Center.
• Click the envelope icon in the upper right corner of any page to send feedback about that page.
Ask the Community
For a collaborative approach to configuration and troubleshooting, post questions or solutions in the
PTC Community.
Technical Support
For assistance with technical issues,
log a case with our Support team.
Last Updated: June 2024