• Spaces
  • Collections
  • Help
    • ×
     
     
    •  
    BMC Helix Single Sign-On 22.1

    Page tree

     

    This documentation supports the 22.1 version of BMC Helix Single Sign-On, which is available only to BMC Helix customers (SaaS). 

    To view an earlier version, select the version from the Product version menu.

    End user sessions are automatically invalidated when the maximum time set for the session elapses. As a BMC Helix Single Sign-On administrator, you can set the end user session maximum time, and when required, invalidate the sessions before they elapse.

    For example, you might need to invalidate a session if you have previously set a long period of time as the maximum time for the session, and during this time an end user leaves an organization.

    If you have applications which act as OAuth clients and interact with BMC Helix SSO, the end user sessions token might be valid during a long period of time, and you might also need to invalidate sessions.

    When you invalidate an end user session on the BMC Helix SSO server, the user is not immediately logged out from the integrated applications. The user will be asked to log in on opening an application integrated with BMC Helix SSO in another browser. The time duration when the user continues to be logged in depends on the logout settings of the BMC Helix SSO agent. 

    Related topics

    Configuring the BMC Helix SSO server

    Configuring OAuth 2.0

    Configuring the BMC Helix SSO agent

    To view session details

    Perform the following steps to view the session details:

    1. Log in to the BMC Helix SSO Admin Console.

    2. Click the Session tab.

    3. In the Search field, enter the user or realm ID for which you want to view the session details.
      The system displays the following information:

      Field

      Description

      User IDUser ID associated with the session.
      RealmRealm ID associated with the session.
      Time RemainingTime remaining for the session.
      Maximum Session TimeTime that was associated for the session.
    4. (Optional) To invalidate/kill a user session, click Delete in the Action column, for the required session.

    To invalidate an end user session for AR authentication

    1. Log in to the BMC Helix SSO Admin Console.

    2. From the menu, click Session.

    3. On the Session Report page, locate the required session.
    4. Click Delete in the Action column.

    To invalidate an end user session for OAuth authentication

    1. Log in to the BMC Helix SSO Admin Console.

    2. From the menu, click OAuth2.

    3. On the Server Configuration page, click the Tokens tab.
    4. Locate the required token.
    5. Click Delete in the Action column.
    © Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.