Removing instance credentials while accessing mash...

PM15 · ‎Jan 31, 2019

In our application, we have not made use of the Organization, nor added any user or user groups in Composer.
We have created our own database that stores custom username and password, based on those details the customer can log in and view different home page based on what credentials has been entered in the login screen.
We are facing issue with the composer login dialog box that pops up when our customers want to log in to the application that we have developed. We don’t want that to appear, instead our application URL must just redirect to the login mashup that we developed and the customers must be able to log in and proceed like they would in any other given application. P.S. We do not want to control access of Composer to users other than administrator.

CarlesColl · ‎Jan 31, 2019

You should read the Security section of documentation: http://support.ptc.com/help/thingworx_hc/thingworx_7_hc/#page/ThingWorx_Help_Center%2FThingWorxHelpCenterDITAFiles%2FSecurity%2FSecurity.html%23

you have all you need there.

PM15 · ‎Jan 31, 2019

Thanks for your quick response.
We built our application on Thingworx version 8.3.2
I wanted to know --Is there any way to access the mashups created, without the Thingworx instance credentials. Whenever we access the composer it asks for its credentials i.e Username and Password. I need to access the created Mashup locally or from other machines without using these credentials, basically whenever we try to access any mashup then it asks these credentials details. Related Screenshot attached in the query posted previously.
Like for any application, we just access the URL, say for example ptcu.com and then just enter our credentials to log in and proceed. It doesn't ask for any Thingworx composer credentials, similarly we do not want the composer log in dialog box appearing whenever our customers access our application URL from their systems.
We Can’t use organisation in our application as we have custom built login screen. We have also tried using Application Key .i.e passing appkey in the URL of the REST API call of the mashup but that also asks for the credentials for the first time. We just need to get the composer log in pop up removed as we cannot share composer log in details to customers

The issue is not related to giving access of Thingworx composer to different users, so creating users wont help.

CarlesColl · ‎Jan 31, 2019

You are talking about a SSO alike experience. And that's whats for the URL I've already shared (for version 8.X: http://support.ptc.com/help/thingworx_hc/thingworx_8_hc/en/#page/ThingWorx%2FHelp%2FSecurity%2FSecurity.html%23 ).

For instance to implement SSO:

Authenticadors/Single Sign-on Authenticator: : http://support.ptc.com/help/thingworx_hc/thingworx_8_hc/en/#page/ThingWorx%2FHelp%2FSecurity%2FAuthenticators%2FTwxSSOAuthenticator.html%23
Single SIgn-on Authentication: http://support.ptc.com/help/thingworx_hc/thingworx_8_hc/en/#page/ThingWorx%2FHelp%2FSecurity%2FSSO%2FSingleSignOnAuthentication.html%23

You can also do a similar thing with Directory Services Authentication: http://support.ptc.com/help/thingworx_hc/thingworx_8_hc/en/#page/ThingWorx%2FHelp%2FSecurity%2FDirectoryServicesAuthentication%2FDirectoryServicesAuthentication.html%23

That's not a straightforward answer I know, but you must understand what you are doing and how to do it right when you are talking about authentication/security. And there's different available approaches.

And it's nothing to write here like 10 lines of code.

Hope it helps.

Carles.

slangley · ‎Mar 14, 2019

Hi @PM15.

If the response provided by @CarlesColl answered your question, please mark it as the Accepted Solution for the benefit of others with the same question.

Regards.

--Sharon

Removing instance credentials while accessing mashups

Removing instance credentials while accessing mashups