This documentation supports the 23.3 version of BMC Helix Innovation Suite (AR System and BMC Helix Innovation Studio).

To view an earlier version, select the version from the Product version menu.

Enabling BMC Helix Single Sign-On OAuth 2.0 authentication for your application

BMC Helix Single Sign-On implements the OAuth 2.0 protocol—an industry-standard framework that enables a third-party application to obtain limited access to an HTTP service; for example, a BMC Helix Innovation Studio application. 

The OAuth 2.0 protocol authenticates in the following ways:

  • On behalf of a resource owner, orchestrates an approval interaction between the resource owner and the HTTP service
  • Allows the third-party application to obtain access by itself

As a developer, you can create configuration settings in BMC Helix Innovation Studio to enable BMC Helix Single Sign-On OAuth 2.0 in your application. The administrator must contact BMC Support to configure BMC Helix Single Sign-On OAuth resource server name, client ID, and client secret in the In-bundle settings created by the developer.

This topic describes the steps to create the configuration settings to enable BMC Helix Single Sign-On OAuth.

Related topics

Creating configurations for your Digital Service application

Configuring OAuth 2.0 Open link

Process of creating and adding BMC Helix Single Sign-On OAuth 2.0 settings in an application

The following image shows the process of creating and adding BMC Helix Single Sign-On OAuth 2.0 settings in an application:

The following section describes the steps to create In-bundle settings and add them to the application's Java code. 

To create In-bundle settings for BMC Helix Single Sign-On OAuth configuration

  1. Log in to BMC Helix Innovation Studio and click the Workspace tab.
  2. Select the application for which you want to enable BMC Helix Single Sign-On OAuth. 
  3. Click the Configurations tab. 
  4. Select New > In-bundle settings
  5. In the New In-bundle settings window, specify the following properties:

    PropertyDescription
    Component name

    Enter the configuration name.

    The name is displayed in the Configurations tab in your bundle's Workspace; for example, OAuth Configuration

    View

    Select the view that you want to open for this setting.

    Enable access from

    Specify whether you want to show the configuration in the application, or in BMC Helix Innovation Studio, or both.

    Component label

    Specify a unique label for the configuration.
    The label you provide appears as a setting on the Administration tab.

    Permissions

    Select the roles and groups that can access the setting. 

    You can add permissions to groups or application roles. You can select roles from multiple applications deployed on the system.

    First menu

    Enter the name of the top-level navigation menu that is displayed in the Settings menu.

    If multiple settings use the same name for First Menu, all those settings appear under the same navigation item.

    Second menu

    Enter the name of the second level navigation item that is displayed in the left navigation of the Settings menu.

    If left blank, no second-level item will appear. If multiple settings use the same name for Second menu, all those settings appear under the same navigation item.

  6. Click Save.

To add the BMC Helix Single Sign-On OAuth In-bundle setting in custom code

After creating the In-bundle setting for BMC Helix Single Sign-On OAuth, you must use the Setting name in your application's custom service action code. 

  1. Open the application's custom service action code.
  2. After the @Action and @Action Parameter section,  add the following code and save:

    if (ServiceLocator.getOAuthService().isOAuthConfigured(                 
    <ConfigurationName>)) {              
    String token = ServiceLocator.getOAuthService().getAccessToken(                      
    <ConfigurationName>,                      
    false); 

After the developer deploys the application, the BMC Helix Single Sign-On OAuth In-bundle setting is displayed in the BMC Helix Innovation Studio Administration tab and the application's Settings tab as shown in the following image:

The administrator must configure the application URL and contact BMC Support to configure the Resource Server, Client ID, and Client Secret. 

Was this page helpful? Yes No Submitting... Thank you

Comments