×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
BMC Helix Subscriber Information ... Getting started BMC Helix services lifecycle Technical services Lifecycle Requests

Authentication integration

The authentication integration service allows customers to authenticate their BMC Helix environments by standard external authentication systems via the Security Assertion Markup Language (SAML) protocol and Open ID Connect flow.

 Security Assertion Markup Language (SAML)

The following table describes when you might use specific authentication requests. You can choose to select this service during your initial onboarding project or at a later date by submitting a case through Support Central.

Requestable offering nameWhen to use this offering type
SAML 2.0 SSO Federated Authentication RequestUse this request to authenticate your Helix environments by using your existing standard authentication systems.

Configure external authentication with one of the following customer-preferred authentication sources:

  • Security Assertion Markup Language (SAML) V2.0 using Active Directory Federation Services (ADFS) 2.0 or 3.0
  • SAML V2.0 using a third-party product (for example, Ping Identity, Shibboleth, and so on)

If you are upgrading or changing your identity provider, you must submit a Request a Change to BMC SaaS Operations through your Support Central portal.

Note

The development/tailoring, quality assurance, and production environments are all involved in the authentication process. Additional environments, if purchased, may be involved as well.

Required documentation

If you require BMC assistance for SAML-based authentication, you must submit your metadata file to BMC SaaS Operations via a support ticket. BMC will work with your technical contact to provide you with the service provider metadata that you must configure in your environment. This configuration requires active involvement with your authentication subject matter expert.

See Authentication options for a more detailed description of the available options.

OpenID Connect Authentication Flow

Add a realm for the OpenID Connect authentication and configure its general settings. Learn how to add and configure realms in Adding and configuring realms Open link .

To configure OpenID Connect authentication:

  1. Log in to the BMC Helix SSO Admin Console.

  2. In the left navigation panel of the Add Realm or Edit Realm page, click Authentication.

  3. From the Authentication Type list, select OIDC.

  4. To import OpenID Connect provider information, click Import.

  5. Complete the OpenID Connect Discovery URL or Issuer field, and click Import

    6. On the Authentication tab, configure the remaining fields:

7. Click Save.

Important

URLs to endpoints can include additional query parameters. 

Was this page helpful? Yes No Submitting... Thank you
Last modified by Dhanya Menon on Jul 21, 2023
authentication saml adfs

Comments

  1. Nevenka Missaghian

    As a BMC Helix Saas customer - I do not have access BMC Helix SSO Admin Console. But when I go to submit a Case Lifecycle request - Authentication Integration (SAML) I'm to upload an attachment. It would be helpful if BMC supplied a template that should be filled out.

    Jan 30, 2023 04:40
    1. Dhanya Menon

      Hello Nevenka,

      Thank you for your comment.

      For SAML Authentication, customers are expected to share the IdP metadata file. This IdP metadata is to be generated from their end and shared with BMC.

      Thanks,

      Dhanya

      Feb 03, 2023 12:54

Log in or register to comment.

BMC Helix Client Gateway connectivity
Database backups and restores
© Copyright 2018 - 2023 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.