Integration with Other Applications > Digital Product Traceability > Configuring the Windchill Digital Product Traceability (DPT) Extension in ThingWorx > Prerequisites
  
Prerequisites
ThingWorx is enabled to allow import of Windchill extension.
The import of extension is disabled in ThingWorx for all users by default. To enable import, configure the platform-settings.json file. For more information see platform-settings.json Configuration Details in the ThingWorx Platform Help Center.
1. Open the platform-settings.json file. By default, the file is located in the ThingworxPlatform folder.
2. Add or update the following ExtensionPackageImportPolicy parameters to true to allow import of extensions.
* 
All parameters are set to false by default. Reference platform-settings.json for more information about each parameter.
"ExtensionPackageImportPolicy": {
"importEnabled": false,
"allowJarResources": false,
"allowJavascriptResources": false,
"allowCSSResources": false,
"allowJSONResources": false,
"allowWebAppResources": false,
"allowEntities": false,
"allowExtensibleEntities": false
},
3. Save and close the platform-settings.json file.
To know about best practices on configuration, see Importing Extensions in the ThingWorx Platform Help Center.
* 
Refer to the documentation for your supported version of ThingWorx application.
ThingWorx is configured to allow Cross-Origin requests.
Add a Cross-Origin Resource Sharing (CORS) filter to the ThingWorx Flow server to enable Cross-Origin requests. This setting will allow external OSLC server to access data from the ThingWorx Flow server.
Complete the following steps to enable a website to make a REST call to ThingWorx Flow:
1. Shut down any running Nginx instances.
2. Open the vhost-flow.conf file from the following location in Nginx installation directory.
Windows: C:/Program Files/nginx-<version>/conf/conf.d
Linux: /etc/nginx/conf/conf.d
3. In the vhost-flow.conf file, under the location /Thingworx section, locate the proxy_set_header X-Content-Type-Options nosniff; line, and add the following lines:
set $cors '';
# Right side of condition can be regular expression:
# if ($http_origin ~ '^https?://(localhost|www\.yourdomain\.com|www\.yourotherdomain\.com)')
if ($http_origin = '<Origin_that_calls_ThingWorx_Flow>') {
set $cors 'true';
}
if ($cors = 'true') {
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
}
# OPTIONS indicates a CORS pre-flight request
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '$http_origin';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
4. Replace <Origin_that_calls_ThingWorx_Flow> with the URL of the website that is trying to access ThingWorx Flow.
5. Restart the Nginx service.
To know more about the Cross-Origin Resource Sharing (CORS) setting, see Making a REST Call from an External Website to ThingWorx Flow in the ThingWorx Platform Help Center.
* 
Refer to the documentation for your supported version of ThingWorx application.
Windchill server is added as a secured domain in allow list of OSLC servers.
Add Windchill as a secured domains in OSLC servers configured with Windchill RV&S, Windchill Modeler, and IBM Rational Doors NG, to enable access to the delegated interface from Windchill. For more information about how to add domains as secured, see the Windchill RV&S OSLC Server guide (12.3.0.0 onwards) on Reference Documents, OSLC integration with Integrity Modeler and OSLC integration with IBM Rational DOORS Next Generation in the Windchill Modeler Help Center.
* 
Refer to the documentation for your supported version of Windchill RV&S and Windchill Modeler applications.
Windchill_Digital_Product_Traceability_Bundle zip file is downloaded from the PTC Software Download page on PTC.com. The zip is available under the Windchill PDMLink product family and its contents are:
1. Windchill_Digital_Product_Traceability-extension — the Windchill DPT extension zip.
2. Windchill_Digital_Product_Traceability_Config_Things — the zip of example things XML files.
* 
If you get certificate error in the browser, use Standard SSL certificates that are issued and verified by a trusted Certificate Authority (CA). If you have self-signed certificates, import the self-signed certificate as trusted certificate in your browser.
* 
Windchill DPT does not support ThingWorx configured with Windchill authentication. For more information, see the article Support for ThingWorx Platform which implements Windchill PDMLink Authentication with Digital Product Traceability (DPT) on PTC.com.
For information on permissions required by the ThingWorx user profiles, see Permissions for ThingWorx Platform Entities.
For more information on configuring the DPT extension, see Configuring the Windchill DPT Extension.