×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

 

This documentation supports the 22.4 version of BMC Helix Single Sign-On, which is available only to BMC Helix customers (SaaS). 

To view an earlier version, select the version from the Product version menu.

BMC

BMC Helix Single Sign-On 22.4

All versions
With BMC Helix Single Sign-On, your end users can present credentials for authentication only once in a multi software environment. Administrators enable single sign-on experience for applications, configure authentication methods, and review audit records.

Release notes and notices
updated 27 Feb

Learn what’s new or changed for BMC Helix Single Sign-On 22.4, including new features, urgent issues, documentation updates, and fixes or patches.

Tip

To stay informed of changes to this list, click the icon on top of this page.

Related topics

Known and corrected issues

Support information

Date

Summary

Reference

December 9, 2022

Issues that were corrected by 22.4: Patch 2 and issues that remain open

22.4 enhancements and patches

November 14, 2022

Updates available in 22.4 patch 1:

  • Configurable idle timeout settings
  • Support of idle timeout for the BMC Helix SSO agent
  • Removed interactive self-help from the BMC Helix SSO UI

22.4 enhancements and patches

October 10, 2022

Enhancements available in this release:

  • UI idle timeout for integrated BMC applications

  • Customize webhooks payload for SAML 2.0

  • Сustom attributes for the userinfo endpoint

  • Administrator session saved after a brute force attack
  • BMC Helix SSO experience enabled by default

  • TCP connection verification of an integrated application

22.4 enhancements and patches

Tip

Ready-made PDFs are available on the PDFs page. You can also create a custom PDF.

The BMC Documentation portal gives you the ability to generate PDF and Microsoft Word documents of single pages, and to create PDF exports of multiple pages in a space.  

Creating PDF and Word exports

You can create a PDF of a page or a set of pages. (Non-English page exports are not supported.) You can also create a Word document of the current page.

To export to PDF or Word

  1. From the Tools menu in the upper-right, select a format:
    • Export to Word to export the current page to Word format
    • Export to PDF to export the current page or a set of pages to PDF
  2. If exporting to PDF, select what you want to export:
    • Only this page to export the current page
    • This page and its children to export a set of pages
    For example, selecting This page and its children from the home page exports the entire space to PDF.



Getting started

 

Setting up BMC Helix SSO administrator accounts

 

Manage user accounts who will have access to BMC Helix SSO.

Configuring the BMC Helix SSO server

 

Configure the maximum session time for end users, enable the account lockout for administrators and audit records.

Setting up end user authentication

 

Configure authentication of end users through a specified authentication method.

Administering

 

Set up administrator accounts, activate tenants, and secure sensitive data.

Troubleshooting

 

Resolve common issues or errors, review logs, or contact BMC Customer Support.


Product trials

Product trials


Communities

Communities


Knowledge Base

Knowledge Base


Videos

Videos


PDFs and videos

This topic describes and links to PDFs, videos and other documents that support this product release. If the ready-made PDFs of this space do not satisfy your requirements, you can export a custom PDF.

Info

When you export a custom PDF, you can select the topics to include. For information about how you can export a custom PDF from this space, see Exporting to PDF and other formats.

Ready-made PDFs of this space

or register to view the contents of this page.

Videos

The following table lists topics that contain videos that supplement or replace the text-based documentation.

 
Frequently asked questions

Here are some answers to the most frequently asked questions about the BMC Helix Single Sign-On product.

Related topics

Troubleshooting

Frequently asked questions about BMC Helix Single Sign-On


Identity providers do not automatically notify BMC Helix SSO about the password change. Hence, an end user's BMC Helix SSO session remains active until it expires, and is not revoked after password change on IdP. To force the logoff, and receive the request for entering a new password, an end user needs to ask a BMC Helix SSO administrator to delete all active sessions/OAuth of this end user.

You can change your password in the BMC Helix SSO Admin Console, in the Admin User Management. To change your password, select your user account name, and then edit your password as required. See Setting up BMC Helix SSO administrator accounts for more details about how to change the password of an administrator.

You can obtain the BMC Helix SSO server version information through the <RSSO Server>/config/server-status URL. You must be authenticated as a BMC Helix SSO administrator before that.

Yes, you can do this.

If the OpenID Issuer URL is configured for the OAuth 2.0, developers of third-party applications can retrieve the OAuth metadata from the BMC Helix SSO server by using the following autodiscovery URL: RSSO_host:RSSO_port/rsso/.well-known/openid-configuration.

Running this request in the browser window returns details about the OpenID Connect provider's configuration, including the URIs of the authorization, token, revocation, userinfo, and public-keys endpoints.

Multi-factor authentication is not implemented on the BMC Helix SSO side. BMC Helix SSO only supports scenarios where the Identity Provider that is configured in BMC Helix SSO for authentication has configured multi-factor authentication.

For example, if your application is integrated with the BMC Helix SSO server that is configured to use the SAML protocol to authenticate users accessing an application, then for the end users to pass the authentication flow, multi-factor authentication must be enabled and configured on the SAML Identity Provider.

Yes.

You can enable audit records for end-user events in the BMC Helix SSO Admin Console > General > Advanced > select the End-user events check box.

Frequently asked questions about the idle timeout


If the idle timeout value is reached, logout happens anyways.

If the UI idle timeout BMC Helix SSO script does not work for at least one of the applications, the idle timeout does not work for all of the applications. 

In version 22.4, the UI idle timeout feature can be enabled only for BMC applications that communicate with BMC Helix SSO through Auth Proxy (external server). Starting from version 22.4.01, UI idle timeout is also supported for the BMC Helix SSO agent (embedded into the application).

A warning message is shown for an application with the least UI idle timeout value first.

Idle timeout is not applied.

A user is not logged out from all the applications, but only from the applications that reached the idle timeout value.

 

Was this page helpful? Yes No Submitting... Thank you
Last modified by Priya Shetye on Feb 27, 2024
home helix_sso sso

Comments

Log in or register to comment.

© Copyright 2013 - 2022 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.