Windchill Risk and Reliability supports SAML 2.0 authentication to enable participation in a federated single sign-on solution across web services. A single sign-on enables you to log in to a Windchill Risk and Reliability application or server and work or navigate across the integrated systems in a seamless manner, without the need to log in again.

Windchill Risk and Reliability Desktop Client application provides limited support to the single sign-on functionality. The Creation of CAPA Request and Editing the Windchill BOM Structure actions are not supported in Windchill Risk and Reliability Desktop Client application under single sign-on.

The authentication strategy relies on the web server to enforce authentication. PTC has tested and used Shibboleth Service Provider to confirm Windchill Risk and Reliability compatibility with SAML. This was tested under specific conditions and is provided as an example configuration. Each site will have unique methods of implementing SAML. The selection of a SAML service provider is up to each customer. PTC has only tested and verified the suitability of Shibboleth Service Provider and does not make any warranty about the suitability of other SAML service providers. PTC does not directly support the setup or configuration of a SAML service provider. For assistance configuring the SAML service provider that you select, refer to that product’s documentation or customer support. It is up to the customer how they establish or configure an identity provider within their federation. Refer to OASIS or Shibboleth documentation for information about establishing an identity provider, or consult with your identity provider administrator. Knowledge of the SAML 2.0 specification is a prerequisite to this configuration. For more information, refer to the SAML v2.0 documentation published by the OASIS Security Services Technical Committee, available at https://www.oasis-open.org/standards/#samlv2.0.