• Spaces
  • People
  • Help
    • BMC Support Central BMC Community BMC.com
    ×
    BMC Helix Single Sign-On 22.1

    Page tree

     

    This documentation supports the 22.1 version of BMC Helix Single Sign-On, which is available only to BMC Helix customers (SaaS). 

    To view an earlier version, select the version from the Product version menu.

    BMC Helix Single Sign-On is designed to authenticate users via identity providers which store all user related data, such as usernames and passwords. Hence, users can change their password on an identity provider (IdP) side. 

    By design, identity providers do not automatically notify BMC Helix SSO about the password change. Hence, an end user's BMC Helix SSO session remains active until it expires, and is not revoked after password change on IdP. To force the logoff, and receive the request for entering a new password, an end user needs to ask a BMC Helix SSO administrator to delete all active sessions/OAuth of this end user.

    Related topics

    Login and logout experience for end users

    Invalidating and configuring end user sessions

    Enabling AR authentication for bypassing other authentication methods

    Password change mechanisms for AR identity provider 

    BMC Helix SSO enables end users to change their Action Request System (AR System) passwords directly in the BMC Helix SSO login page. This functionality is available only for AR authentication.

    As a BMC Helix SSO administrator, you configure whether or not end users can change passwords. The Change password link is available on the BMC Helix SSO login page, if you enable the Allow users to change passwords option for AR System authentication in BMC Helix SSO Admin Console. For more information about this option, see BMC Remedy AR System authentication process.

    End user password change scenarios

    The change password functionality supports the following scenarios:

    ScenarioProcess to change the password

    An end user tries to access an integrated BMC application (for example, BMC Helix Digital Workplace) and is redirected to the BMC Helix SSO login page.

    The user wants to change the current password and hence clicks the Change password link.

    To voluntarily change the password:

    1. In the BMC Helix SSO login page, click the Change password link.
    2. Enter your User Name.
    3. Enter your current Password.
    4. Enter the New password.
    5. Click Change and Login.
      The password is changed and the user is logged into the integrated BMC application.
    6. Contact the BMC Helix SSO administrator to invalidate your old sessions (if any).

    An end user tries to access an application (for example, BMC Helix Digital Workplace) and is redirected to the BMC Helix SSO login page.

    The user's password may have expired or the system forces the end user to change the password.

    To change the password when the system forces you to change the password:

    1. In the BMC Helix SSO login page, enter your credentials.
    2. Click Log In.
      The following message is displayed: Password change is required.
    3. Enter the New Password.
    4. Click Change and Log In.
      The password is changed and the user is logged into the integrated BMC application.
    5. Contact the BMC Helix SSO administrator to invalidate your old sessions (if any).

    An end user gets an email notification from AR System stating that the user's password has expired or will expire in a few days.

    The email contains an application URL with the following as the suffix: /_rsso/server/change-password. When the user accesses the URL, a page is displayed where the user changes the password.

    To change the password:

    1. Click the link in the email. 
    2. Enter the User Name in the page that is displayed.
    3. Enter the current Password.
    4. Enter the New password.
    5. Click Change.
      The password is changed and you stay on the same page. You need to click the integrated application's URL to access the application.
    6. Contact the BMC Helix SSO administrator to invalidate your old sessions (if any).

    Unsupported password change scenarios

    The change password functionality is not supported in the following scenarios:

    • When an authentication chain is implemented, the change password functionality is not available. This is true even if the authentication chain consists of more than one AR Systems as the authentication mechanism.
    • The change password functionality is not available on the reauthentication and bypassing login pages.
    • The BMC Helix SSO login page does not provide an option to reset your password.


    © Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.