Configuring Windchill Risk and Reliability Web Services for Single Sign-on
These settings are applicable for Windchill Risk and Reliability Data Engine APIs and REST services.
Creating OAuth Client Connection for Windchill Risk and Reliability
Windchill Risk and Reliability connects to a PingFederate OAuth client to verify the authenticity of the access tokens it receives from the application used to access Windchill Risk and Reliability Web Services. To create this OAuth client, complete the following steps:
1. Go to > > , click Add Client.
2. Enter a CLIENT ID. Make a note of this value, it will be needed when configuring the appsettings.config file.
3. In CLIENT AUTHENTICATION, select CLIENT SECRET radio button.
4. Select CHANGE SECRET checkbox.
5. Enter a CLIENT SECRET. Make a note of this value, it will be needed when configuring the appsettings.config file.
6. In the NAME field, enter a descriptive value. This is displayed in the PingFederate Clients list.
7. Enter a DESCRIPTION.
8. In the ALLOWED GRANT TYPES section, select Access Token Validation (Client is a Resource Server), Refresh Token, and Authorization Code.
9. Use the default settings for the remaining fields.
10. Click Save
Registering Scope for Windchill Risk and Reliability
1. Go to > > , in the Scope Value, enter WRR_READ.
2. In the Scope Description, enter a description for the scope.
3. Click Add
4. Click Save
Authorization server settings
1. Go to > > , in the
PASSWORD CREDENTIAL VALIDATOR, select the specific validator created for the LDAP server. To know more about creating a validator, see
Create and configure IdP adapter.
2. In the REQUIRED SCOPE, select WRR_READ.
3. Click Save