This documentation supports the 22.1 version of BMC Helix Single Sign-On, which is available only to BMC Helix customers (SaaS). 

To view an earlier version, select the version from the Product version menu.

Review the following settings for the BMC Helix SSO server, and configure them as required.

To set the cookie domain

If your ITSM and BMC Helix Digital Workplace applications are available on itsm.yourcompany.com and dwp.yourcompany.com, and BMC Helix SSO is on sso.yourcompany.com, then the cookie domain must be set to sso.yourcompany.com.

  1. In the BMC Helix SSO Admin Console, select General > Basic.
  2. In the Cookie Domain field, enter the cookie domain value.

    Important

    The cookie domain value must contain a dot (".").

    Ensure that the value is correct because a wrong value can cause a redirection loop.

  3. Click Save.

To prevent BMC Helix SSO cookie sharing between different applications hosted on a single domain

  1. Log in to the BMC Helix SSO Admin Console as a SaaS administrator.
  2. On the navigation panel, click Tenant, and edit the existing tenant or create a new one.
  3. In the section to the right, select the Path-specific session cookie check box.
  4. Click Save.

For more information, see Setting up tenants.

To configure the maximum session time for end users

  1. In the BMC Helix SSO Admin Console, select General > Basic.
  2. In the Max Session Time field, set the time after which the user session should expire.
    By default, the session timeout is set to 4 hours. When this value is selected, time constraints are automatically enforced.

  3. Click Save.

To configure the log level for the BMC Helix SSO server

  1. In the BMC Helix SSO Admin Console, select General > Basic.
  2. From the Server Log Level list, select a severity level for logging messages.

    Important

    The DEBUG level affects the BMC Helix SSO server performance.

  3. Click Save.

To set the cookie name

If you configure BMC Helix SSO across multiple staged environments within the same domain, you must specify a unique cookie name for each environment. For example, if you have four environments (DEV, QA, STAGING, and PRODUCTION), each group of applications within the same domain must have the environment's unique cookie name.

  1. In the BMC Helix SSO Admin Console, select General > Advanced.
  2. In the Cookie Name field, enter a unique value.

  3. Click Save.

To manage the cookie security for end users

For end users, the secure cookie is disabled by default. To enable the secure cookie:

  1. In the BMC Helix SSO Admin Console, select General > Advanced.
  2. Select the Enable Secured Cookie check box.
  3. Click Save.

If this check box is selected, the end user cannot log in to BMC applications integrated with BMC Helix SSO without HTTPS.

To enable a secure cross-site cookie

To enable a cross-site cookie for a browser, perform the following steps:

  1. In the BMC Helix SSO Admin Console, select General > Advanced.
  2. Select the Enable Secured Cookie check box.
    By default, the secure cookie is enabled.
  3. Select the Use Cross Site Cookie check box.
    This check box is grayed out unless you enable the secure cookie.
  4. Click Save.

To set the service URL on the BMC Helix SSO server

The service URL provides information about the location of the BMC Helix SSO server, and the BMC Helix SSO server uses the service URL to generate session tokens. 

  1. In the BMC Helix SSO Admin Console, select General > Advanced.
  2. In the Service URL field, set the BMC Helix SSO service URL. 
  3. Click Save.

To manage the cookie security for administrators

For administrators, the secure cookie is disabled by default. To enable the secure cookie:

  1. In the BMC Helix SSO Admin Console, select General > Advanced.
  2. In the Admin Cookie section, select the Secure cookie check box.
  3. Click Save.

If this check box is selected, the administrator cannot log in to the BMC Helix SSO Admin Console without HTTPS.
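
After saving the cookie settings above, the Set-Cookie header returned by the BMC Helix SSO server can be checked against them. The following Python script is an added example, not BMC code: the cookie names and header values are constructed, and it assumes that Use Cross Site Cookie is emitted as SameSite=None, which browsers accept only together with Secure.

```python
from http.cookies import SimpleCookie

def audit_sso_cookie(set_cookie, sso_host, expected_name, cross_site=False):
    """Check one Set-Cookie header value against the settings on this page."""
    jar = SimpleCookie()
    jar.load(set_cookie)
    if expected_name not in jar:
        return [f"cookie {expected_name!r} not set (check Cookie Name)"]
    m = jar[expected_name]
    findings = []
    domain = m["domain"].lstrip(".").lower()
    host = sso_host.lower()
    if "." not in domain:
        findings.append("Domain is missing or has no dot")
    elif host != domain and not host.endswith("." + domain):
        # Browsers drop a cookie whose Domain does not match the responding host.
        findings.append(f"Domain {domain!r} does not match host {host!r}")
    secure = bool(m["secure"])
    if not secure:
        findings.append("Secure flag not set (Enable Secured Cookie is off)")
    samesite = m["samesite"].lower()
    # Assumption: Use Cross Site Cookie is emitted as SameSite=None.
    if cross_site and samesite != "none":
        findings.append("SameSite=None expected for cross-site use")
    if samesite == "none" and not secure:
        findings.append("SameSite=None without Secure is rejected by browsers")
    return findings

def cookie_name_collisions(environments):
    """environments: {env: (cookie_name, cookie_domain)} -> pairs sharing both."""
    seen, clashes = {}, []
    for env, (name, domain) in sorted(environments.items()):
        key = (name, domain.lstrip(".").lower())
        if key in seen:
            clashes.append((seen[key], env))
        else:
            seen[key] = env
    return clashes

# Constructed sample headers (not captured from a real server).
GOOD = "sso-prod=abc123; Domain=sso.yourcompany.com; Path=/; Secure; HttpOnly; SameSite=None"
WEAK = "sso-prod=abc123; Domain=localhost; Path=/; SameSite=None"

if __name__ == "__main__":
    print(audit_sso_cookie(GOOD, "sso.yourcompany.com", "sso-prod", cross_site=True))
    print(audit_sso_cookie(WEAK, "sso.yourcompany.com", "sso-prod", cross_site=True))
    print(cookie_name_collisions({"DEV": ("sso", "yourcompany.com"),
                                  "QA": ("sso", "yourcompany.com"),
                                  "PRODUCTION": ("sso-prod", "yourcompany.com")}))
```

An empty list means the header is consistent with the configured values; each finding names the setting to revisit in General > Basic or General > Advanced.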