Everything you need to implement ThingWorx Navigate for PLM data

Define Compliance and Security Requirements

Utilize the information below to prepare to install ThingWorx Navigate on-premises before beginning the installation. Once complete, follow the instructions to download, install, and configure your software. Work with the PTC Cloud team if ThingWorx Navigate will be deployed on the PTC-hosted cloud.

01. Define compliance and regulatory requirements

Depending on industry, compliance and regulatory guidelines may impact the project. These may include:

  • Restrictions on what you're able to do
  • Mandates on things you have to do

ThingWorx Navigate can help any organization with compliance. As an example, ThingWorx Navigate 9.3 introduced the ability to require an e-signature on any Change Management Task.

Meet with regulatory or quality assurance teams to understand restrictions or mandates specific to your industry. Document and share those requirements with the team who will be implementing ThingWorx Navigate.

02. Determine authentication and security requirements

Consider which internal personnel should have administrative rights.  These individuals will have more capabilities than other users and as an administrator can configure all tasks to retrieve and show exactly the information that users in your organization need. Tasks can be tailored individually or collectively.

ThingWorx Navigate uses Windchill’s existing security capabilities to control access to data. Decide how users will authenticate by discussing authentication with admins, IT leads, project sponsors, and stakeholders involved in security. Depending on your current IT practices, the size of the company, and other security needs, you might choose:

  • Single sign-on (SSO)
    • PTC recommends Single Sign-on authentication. Users will utilize a single login to access multiple enterprise applications. PTC supports industry SSO standards and has incorporated PingFederate as an SSO solution.
  • Windchill Authentication
    • This option uses Windchill authentication for ThingWorx. A user that opens a browser to a mashup or any ThingWorx URL is routed to Windchill for authentication. Once authenticated, the browser is routed back to the mashup or another page in ThingWorx and the user is able to access ThingWorx or the mashup as the user authenticated in Windchill.
  • Fixed Authentication (Service Account)
    • If there is a need for a quick setup for testing, or to demonstrate ThingWorx Navigate functionality, fixed authentication is a viable solution.  Fixed Authentication is not secure and should never be used in production.

The decision regarding authentication will affect project costs, timeline, and skills needed. SSO is the recommended authentication method, however, does require knowledge of Identity and access management standards.

If any system outside of Windchill, ThingWorx, and ThingWorx Navigate will be required, plan accordingly by considering a custom option.

Recommended Resources

Did you find this helpful?


Contact Us

Have a question? Submit your contact information and we’ll reach out within 1 business day. You’re never obligated to purchase or commit.