cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Need help navigating or using the PTC Community? Contact the community team. X

Electronic signature authentication against active directory

Nyandu
5-Regular Member

Electronic signature authentication against active directory

Hi!

 

I'm looking for suggestions on how I can implement an Electronic signature feature that authenticates users against Active Directory.

 

I want to prompt an already signed in user for their AD username and password before they're allowed to update any existing setpoint values and store which user changed what value. 

 

I've been reading the authentication extension guide but I'm not sure if this accomplishes what I'm after or if this is just another way for users to log in. 

https://developer.thingworx.com/en/resources/guides/create-authentication-extension/

 

ACCEPTED SOLUTION

Accepted Solutions
PaiChung
22-Sapphire I
(To:Nyandu)

Not too sure if there is a way to do it vs. AD, because I don't think we expose a password check service in the 'Active Directory' thing.

I know some clients have maintained credentials within ThingWorx for something like this but I don't recommend that.

You may have to explore creating a custom extension, although first check the AD Thing to see if it has services you might need.

View solution in original post

3 REPLIES 3
PaiChung
22-Sapphire I
(To:Nyandu)

Why would you want to have them put in their user name and password again?

If the user is already signed in, wouldn't just an acknowledge be sufficient, you can then record CurrentUser to be associated with what they confirm.

 

Or are you concerned that users walk away from their station and other people use their credentials to do actions?

Nyandu
5-Regular Member
(To:PaiChung)

Or are you concerned that users walk away from their station and other people use their credentials to do actions?


Exactly this and furthermore, sometimes the logged in user is not authorized to make certain actions but can get someone who is authorized and can sign off on the change without switching user.

 

It's a requirement when working with medical solutions.

PaiChung
22-Sapphire I
(To:Nyandu)

Not too sure if there is a way to do it vs. AD, because I don't think we expose a password check service in the 'Active Directory' thing.

I know some clients have maintained credentials within ThingWorx for something like this but I don't recommend that.

You may have to explore creating a custom extension, although first check the AD Thing to see if it has services you might need.

Announcements


Top Tags