• Spaces
  • People
  • Help
    • BMC Support Central BMC Community BMC.com
    ×
    BMC Helix Single Sign-On 22.1

    Page tree

     

    This documentation supports the 22.1 version of BMC Helix Single Sign-On, which is available only to BMC Helix customers (SaaS). 

    To view an earlier version, select the version from the Product version menu.


    This section contains information about configuring BMC Helix SSO for various authentication types, and other administrative tasks such as configuring branding details or viewing user sessions.

     

    Related topics

    Roles and permissions

    Administering tasks for BMC Helix SSO subscribers

    The following task applies to you if you have the permissions of a tenant administrator on the BMC Helix SSO server: 

    TaskReference
    Create, edit and delete users and groups for realms with local authentication type

    Managing local users and passwords

    Administering tasks for BMC Helix SSO on-premises users

    The following tasks apply to you if you have the permissions of a SaaS administrator in the BMC Helix SSO Admin Console: 

    TaskReference

    Create internal administrators (SaaS administrators and tenant administrators) with access to the BMC Helix SSO Admin Console.

    		Setting up BMC Helix SSO administrator accounts

    Set up multiple tenants on the BMC Helix SSO server.

    		Activating tenants

    Configure the following settings on the BMC Helix SSO server:

    • General settings—cookie domain, session settings, and server logging
    • Advanced settingscookie name, service URL, and service provider options for SAML authentication
    • Admin authentication settings—Enable authentication for internal administrator users, and configure access to BMC Helix SSO Admin Console for users from an external LDAP directory.
    		Configuring the BMC Helix SSO server

    Configure BMC Helix SSO for end user authentication:

    • Add and configure authentication for realms
    • Enable AR authentication for bypass
    • Enable BMC Helix SSO to authenticate applications in iframes
    • Rebrand the BMC Helix SSO end user login page
    • Set up the user ID transformation
    • Enable and configure authentication chains for a realm
    		Setting up end user authentication
    Create, edit and delete users and groups for realms with local authentication type.

    Managing local users and passwords

    Configure OAuth 2.0 protocol for one or more of the following tasks:

    • Register OAuth 2.0 native client applications
    • Register OAuth 2.0 non-native client applications
    • Set up token timeout for client applications
    • Generate JWKs for OAuth 2.0 flow
    • View and delete tokens of active user sessions
    		Configuring OAuth 2.0









    Configure the start page for applications protected by BMC Helix SSO.

    		Adding applications to the Digital Service Management page

    Create a backup of the BMC Helix SSO server before upgrade.

    Restore the BMC Helix SSO configuration from backup.

    		Exporting and importing BMC Helix SSO server configuration
    Kill end users sessions.Invalidating and configuring end user sessions

    View audit records for actions performed by all BMC Helix SSO administrators.

    		Reviewing audit records



    © Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.