PTC customers use a variety of different methods to authenticate and manage users authorized to access deployments of PTC products (“Identity and Access Management” or “IAM”). One such method is through Single Sign-On (“SSO”), which can facilitate use of a customer’s existing Identity Provider (“IdP”). To unify and standardize IAM implementation, PTC has developed this policy, which is applicable to all SSO-enabled products, except the following (which have their own policies):
In order to integrate these IdPs with a wide range of its products, PTC has chosen to work with partner PingIdentity and integrate with PingFederate software. PTC no longer provides PingFederate product or licenses on the PTC downloads page. Beginning April 1, 2022 new PTC products entitlements will not include a PingFederate license by default. New customers choosing to use PingFederate must contract directly with PingIdentity to purchase a PingFederate license. PTC customers, who were previously entitled prior to April 1st, 2022, can still request a PingFederate license by contacting PTC Technical Support, this includes requests for license renewals. PTC Cloud customers will be provided a PingFederate license if required as part of the provided PTC offering.
The identified PingFederate architectures validated to support the SSO solution for products are identified below and are covered by this policy (see “Standard” IAM architectures). To ensure that customers have the latest version of PingFederate available, PTC will direct all customers to download the software from the PingFederate download page. Accessing software in this manner does require creation of an account with PingIdentity but it is possible to do so free of charge.
Each PTC SSO enabled product provides a support matrix that will identify the PingFederate version(s) currently supported..Support Policy
PTC will test its SSO-enabled products against specific PingFederate builds (e.g. 8.4.4 Patch 3) and support that build as well as all subsequent maintenance (third digit) and patch (fourth digit) releases of PingFederate within that minor version (e.g. 8.4.x). PTC will identify supported PingFederate builds in the system requirements page for each respective product.
Except for those hosted via PTC Cloud, customers are responsible for deploying and maintaining PingFederate software.
PingIdentity regularly releases updates to PingFederate that include both security improvements and functional bug fixes. Towards this end, PTC strongly recommends that customers continuously update to the latest build of PingFederate within a supported minor version. If, for some reason, a customer experiences a problem with a supported PingFederate release, that customer may open a technical support ticket with PTC to resolve the issue.
Due to the wide range of available IdPs and the varying levels of technical expertise and time needed to ensure their compatibility and interoperability with PingFederate, PTC will only assist in configuring and supporting a limited range of “Standard” IAM architectures. In no case will PTC process technical support tickets related solely to the functionality or installation or setup of the IdP itself (e.g. not directly involved with its interaction with SSO-enabled PTC products).
For “Standard” IAM architectures, PTC will:
For “Non-Standard” IAM architectures, PTC will:
Standard architectures include the use of: