Thingworx 90 SSO with Windows ADFS error

Question

I follow the document to implement Thingworx SSO https://support.ptc.com/help/identity_and_access_management/en/index.html#page/iam/ExampleAdfsIdentityProviderWindchillResourceProvider.html But when I try to loging to Thingworx . 
The ADFS server show event id 197 & 364 error.  
Does anyone know how to solve it?   
 
Thanks.++++++++++++++++++++++++++++++++++++++++++The Federation Service could not satisfy a token request because the accompanying credentials do not meet the authentication type requirement of 'urn:oasis:names:tc:SAML:2.0:ac:classes:password' for the relying party 'microsoft:identityserver:twx90'. Authentication type: Desired authentication type(s): urn:oasis:names:tc:SAML:2.0:ac:classes:password 
****************************************************************

Ciprian-Traian · Answer

Hello @tzhang11 ,

I would go over again the setup to check if there is some setting missing or misconfigured.

Have you updated and configure Tomcat to allow ThingWorx to operate in cross-domain environments.

There is an article with more details about it https://www.ptc.com/en/support/article/CS318637

Does the SSO Application Endpoint URL redirect to the IdP ?

Do you have enabled SSO from platform-settings.json ?

In the Mapping of LDAP attributes to outgoing claim types table, have you selected the values from the lists to map the ADFS attributes to the Active Directory attributes ?
If you do not map these attributes correctly, single sign-on will not work
https://support.ptc.com/help/identity_and_access_management/en/index.html#page/iam/ExampleAdfsIdentityProviderWindchillResourceProvider.html

Hope it helps,

Sign up

Please use your PTC eSupport account.

Welcome to the PTC Community

Please use your PTC eSupport account.

Scanning file for viruses.

This file cannot be downloaded