cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Want the oppurtunity to discuss enhancements to PTC products? Join a working group! X

Windchill SSO (OpenID Connect) with PingFederate as AS

ME_9656257
2-Guest
2-Guest
‎Jun 23, 2021 07:13 AM
‎Jun 23, 2021 07:13 AM

Windchill SSO (OpenID Connect) with PingFederate as AS

Hi everyone,

We have configured the SSO (PingFederate) solution with Windchill PDMLink 11.1 using OpenID Connect protocol (OIDC). We have enabled it at Apache (version 2.4) level by protecting all the resources with the mod_auth_oidc module on RHEL7 server.


All works fine, we have succeeded to login to Windchill application, DTI, and CAD tools with SSO but we are not able to call Web Services REST (OData and customized endpoints) and SOAP (Info*Engine) as before with basic authentication. We tried also to call the Web Services APIs with an access_token following the OpenID Connect flows (like client_credentials and password) but it did not work, the response is always the SSO authentication web page that means the user interaction is required for this process.

 

Another point, how to allow administrators users (like wcadmin) to access Windchill without SSO?

Does anyone accomplished this before or have any suggestions to solve those problems?

 

Thanks in advance.

Labels:
0 Kudos
Notify Moderator
1 REPLY 1
SS_10109560
1-Newbie
1-Newbie
(To:ME_9656257)
‎Jul 21, 2022 07:44 PM
‎Jul 21, 2022 07:44 PM

Hi,

 

We are using same set up OIDC on windchill 11.1. SSO works for windchill, but it fails while registering the cad worker and it shows the remote_user name is set as none when trying to publish file.

 

Do you have any idea how to set login name for creo worker request? 

We tried to set auth.propeties 

auth = $USER

 

Still it fails.

0 Kudos
Notify Moderator
Top Tags