This documentation supports the 21.3 version of Action Request System.

To view an earlier version, select the version from the Product version menu.

Facilitating application access to users having different email domains

Important

The features and enhancements in this topic are under controlled availability to select customers.

Allow multiple users with different email domains and authentication mechanisms to access the same application URL by enabling multiple service providers (MSP) based on BMC Helix Single Sign-On (SSO) authentication system.

MSP incorporates a robust authentication mechanism, ensuring exclusive and secure access to the application.

Related topic

Configuring realm identification for multiple service providers Open link in BMC Helix Single Sign-On documentation

To enable the MSP feature in your environment, you must have a dedicated tenant on BMC Helix Single Sign-On version 23.x or later. For smooth operation of MSP, you need to share the information about configuring authorization patterns in your environment.

For information about logging and troubleshooting, contact BMC support Open link .


Scenario: Enabling BMC Helix SSO based MSP at Apex Global

To resolve employees IT access related queries, Apex Global maintains an IT helpdesk. Employees from different departments such as R&D, HR, and finance access the IT helpdesk to resolve their IT access and operation-related queries.

Seth, the administrator at Apex Global has enabled MSP in their environment.

This feature helps users from different departments get an exclusive and secure access to IT helpdesk because they can access it with their exclusive email IDs and get authenticated with specific authentication mechanism; for example, Mary@hr.apexglobal.com, Ajay@fin.apexgloabl.com.



Benefits of enabling MSP

Enabling MSP in your environment provides with the following benefits:

  • Optimize access with an exclusive URL for the same application.
  • Secure access to an application through a robust authentication mechanism.


Workflow to enable MSP in your environment

The following table describes a simple workflow to enable MSP in your environment:

TaskAction

Reference in BMC Helix Single Sign-On documentation

1

Make sure that you have a dedicated tenant on  BMC Helix Single Sign-On version 23.x or later


Setting up tenants Open link  

2Share your requirements about configuring authorization patterns with BMC Software

To activate the MSP functionality for a tenant Open link  


3Configure custom headers for the OAuth 2.0 client

Configure custom header Open link  



Example

Consider this scenario at Apex Global. Mary, an HR executive accesses the IT helpdesk to raise a change request to replace her headset. 

  1. Mary logs in to the IT helpdesk application with her email ID, Mary@hr.apexglobal.com. The following login screen asking for user authorization is displayed:
    Here, Mary enters the user name for authorization.



  2. After the authorization is successful, she is redirected to the following IT helpdesk application login screen asking for the application login credentials for authentication:



  3. Mary logs into the application. The following screenshot shows the access to the application:




Was this page helpful? Yes No Submitting... Thank you

Comments