We have Windchill PDM Link 13.0.2.4. At the moment we went with the simple PTC supported solution with Shibboleth and Microsoft Entra.

It seems to work fine during testing. We would need just to manage the Windchill users like wcadmin or other accounts created. 

Hi,

Are you using ProjectLink with external users? How you configured your workers for SSO as TrustedHost is not supported by PTC. If you can give some insight, that will be great

Best Regards

PR

Hi @plmcore 

It is an apache issue.

In the apache configuration you have to configure the apache to use a basic authentication for the the incoming requests based on some rule.for example server IP ... 

PetrH 

Hi,

Could you please clarify a little more details.. We have project link external users and they don't have any AD entry. We would like to enable SSO across windchill and thingworx including the worker. We do not want to use basic authentication as it is a risk

I am talking about the basic auth and how to configure it to use parallelly with SSO.

You want to use SSO. so it is different issue.

PetrH

CS372501 is no longer customer visible (not sure why) but it described a way to allow Basic login in conjunction with SSO. I tried it and it worked but broke Navigate so I dropped it. I ended up just creating accounts in Microsoft for wcadmin and the others to use SSO. If you use private browsing mode, you can manually login as those accounts. 

Agreed on this.

Hi,

Project Link users are external users and will join using email id and they don't have any corporate AD entries. So we are not able to configure with corporate AD. As now we are creating them as windchill specific LDAP as local user. So sso will not work for them