Prepare for Single Sign-On (SSO) > PingFederate Configuration > Vuforia Studio Client Configuration
  
Vuforia Studio Client Configuration
Complete the following steps to define a client on your PingFederate server for Vuforia Studio. Default values can be used for any setting not mentioned below.
1. Log in to the PingFederate administration application.
2. Select Applications from the navigation pane.
3. Click OAuth and then Clients. Then, click New Client
4. Specify the following values for the settings, and click Save:
Setting
Value
Notes
CLIENT ID
Set this value to PTC_Studio_Client_ID. However, configurable client IDs are accepted if your company does not support custom client IDs. This can be configured during the Experience Service configuration.
Make sure to remember this value, as you’ll need to enter it during your Experience Service installation.
NAME
Choose a descriptive name for the connection.
This value is displayed to the user when they authenticate to the Experience Service.
CLIENT AUTHENTICATION
Select None in order to configure the client to not require authentication.
Vuforia Studio is a public client, and therefore does not use any client authentication.
REDIRECT URIS
Add the <studio-redirect-uri> parameter identified in the “SSO Configuration Parameters” section above to the list of Redirection URIs.
ALLOWED GRANT TYPES
Select the following grant types:
Authorization Code
Refresh Token
DEFAULT ACCESS TOKEN MANAGER
Select the access token manager that was created when configuring PingFederate for ThingWorx.
REQUIRE PROOF KEY FOR CODE EXCHANGE (PKCE)
Select the checkbox.
PERSISTENT GRANTS MAX LIFETIME
We recommend 2 minutes, but this can be set as desired.
REFRESH TOKEN ROLLING POLICY
Set this equal to Roll.
5. Now that you’ve configured the Vuforia Studio client, you’ll need to configure the ThingWorx client.