...
| Table of Contents | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
The instructions that follow assume that the IdP is Ping Federate. This assumption is made because Ping Federate is the only IdP for which PTC provides installation guidance.
...
Part 1 - Install and Configure Ping Federate as the IdP for Windchill
...
Note: The “Device Code" OAuth grant type is based on specific users and not on just a known single specific application-client to enforce the user-specific permissions and access controls as they connect to Windchill from the same specific application-client (“Syndeia”).
...
Be informed that Intercax selected a Device Code Grant Flow has been chosen both for its industry support, for high user “user ability”, and for cybersecurity controls - it is the only Grant Flow which supports offers authentication for both users using web browsers and for scripts making API calls while assuring that all such service requests are traced directly to the specific user making those requests and not to a single “application” identity or to a some “digital service account”.
...
Configure the Syndeia Cloud windchill-impl application
Log into the Syndeia Service
Code Block ssh MySyndeiaServer.company.comAlter its Windchill conf/application.conf according to the expansion region below this list
Code Block cd /opt/icx/syndeia-cloud-current/windchill-impl*/conf && sudo vi application.conf(see file below, edit, then exit vi with
:wq)
Restart the Syndeia Windchill microservice
sudo systemctl restart sc-windchill
Restart the Syndeia Web Gateway microservice
sudo systemctl restart sc-webgateway
...