In the left navigation panel of the Add Realm or Edit Realm page, click Authentication.
From the Authentication Type list, select PREAUTH.
In the User ID field, enter the name of the JWT entry to be used for user identification.
Important
Because a JWT is generated and provided by a third-party system, the name of the claim containing the User ID is arbitrary. Consult the documentation of your third-party product to find out the actual JWT claim name containing the User ID value used for integration.
In the Certificate field, copy the certificate of the server that signs the JWT.
Important
The certificate must be in Privacy Enhanced Mail (PEM) format.
proto://hostname:port - Allowed for exact match host:port.
For information about cross launching, see Enabling cross launch for applications integrated with different BMC Helix SSO servers.
Click Save.
After you have configured a realm for preauthentication, you must configure the BMC Helix SSO agent to expect JWT by GET
or POST
method. For more information, see Configuring the BMC Helix SSO agent.
Add Comment