Single Sign-on Authentication
Single Sign-On (SSO) can be enabled in ThingWorx to allow mashups and applications built on the platform to participate in SSO scenarios involving other PTC products. ThingWorx supports these Central Auth Servers:
• PingFederate
• Azure AD – serves as both the Central Auth Server and the Identity Provider
• AD FS – serves as both the Central Auth Server and the Identity Provider
This section describes the configuration steps for enabling SSO in ThingWorx. You may need to consult with other PTC product administrators and identity provider administrators in your organization to configure other applications that are configured for SSO.
SSO Capabilities Supported for PingFederate
• SAML authentication
• OAuth delegated authorization with ThingWorx as a Service Provider
• ThingWorx as a Resource Provider
SSO Capabilities Supported for Azure AD
• SAML authentication
• OAuth delegated authorization with ThingWorx as a Service Provider
SSO Capabilities Supported for AD FS
• SAML authentication
• OAuth delegated authorization with ThingWorx as a Service Provider