As a SaaS administrator, you can create and fully manage other SaaS administrators, tenant administrators, and tenants in BMC Helix Single Sign-On. Review the following concepts, and follow the links to learn more about the capabilities of the SaaS administrator in BMC Helix SSO.
The following diagram illustrates the basic actions that a SaaS administrator can perform in BMC Helix SSO:
To learn more about each task, see the following sections:
Create SaaS and tenant administrators by navigating to the Admin User tab in the BMC Helix SSO Admin Console.
For more information, see Setting up BMC Helix SSO administrator accounts.
You can configure the following authentication methods for a realm on the BMC Helix SSO server:
For more information, see Configuring authentication.
Configure the BMC Helix SSO server settings such as log level, maximum session time for end users and administrators, lockout functionality, or retention policy. For example, you can disable interactive self-help for administrators.
For more information, see Configuring the BMC Helix SSO server.
Add and search for local users, change local user's password, add groups (roles) to a realm, or add users to or remove users from a role.
For more information, see Managing local users and passwords.
By default, the Audit tab shows all logged administrator, end-user actions, or actions of both for the last day. You can filter audit data by a certain date.
For more information, see Reviewing audit records.
Internal authentication is configured as the default method for logging in to the BMC Helix SSO Admin Console. Only administrators created on the BMC Helix SSO server by default can log in to the BMC Helix SSO Admin Console. You can use any external LDAP as an identity provider for BMC Helix SSO administrator accounts.
For more information, see Configuring authentication for BMC Helix SSO administrators.
After you have mastered the SaaS administration tasks, explore the following features: