The BMC Helix Innovation Suite product is now renamed to BMC Helix Platform. To view the latest documentation, see BMC Helix Platform.

If you have bookmarked these pages, you should update them with the new links.

Enabling Remedy SSO OAuth 2.0 authentication for your application

Remedy Single Sign-On (RSSO) implements OAuth 2.0 protocol—an industry standard framework that enables a third-party application to obtain limited access to an HTTP service, for example, an BMC Helix Innovation Suite application. The OAuth 2.0 protocol authenticates either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.

As a developer, you can create configuration settings in BMC Helix Innovation Suite to enable RSSO OAuth 2.0 in your application. An administrator configures the RSSO OAuth resource server name, client ID, and client secret in the In-bundle settings created by the developer.

This topic describes the steps to create the configuration settings to enable RSSO OAuth.

Process of creating and adding RSSO OAuth 2.0 settings in an application

The following section describes the steps to create In-bundle settings and add them to the application's Java code. 

To create In-bundle settings for RSSO OAuth configuration

  1. Log in to BMC Helix Innovation Studio and navigate to the Workspace tab.
  2. Select the application for which you want to enable RSSO OAuth. 
  3. Click the Configurations tab. 
  4. Select New > In-bundle Settings

  5. In the New In-bundle Settings window, specify the following properties for the setting:

    Property Description
    Component Name Enter the configuration name. The name is displayed in the Configurations tab in your bundle's Workspace. Example: OAuth Configuration
    Is View Component Do not select this option.
    Registered Module Name Select oauth-configuration
    Status Select this option to indicate that this is an active setting.
    Available as Navigation Sidebar Select this option so that the setting is displayed in your application.
    Show In

    Select Both. The configuration setting is available in the application's Settings menu and the Administration tab of BMC Helix Innovation Studio.

    Permissions Select the roles and groups that can access the setting. You can add permissions to groups or application roles. You can select roles from multiple applications deployed on the system.
    First Menu Enter the name of the top level navigation menu that is displayed in the Settings menu. If multiple settings use the same name for First Menu, then all those settings appear under the same navigation item.
    Second Menu Enter the name of the second level navigation item that is displayed in the left hand navigation of the Settings menu. If left blank, no second level item will appear. If multiple settings use the same name for Second Menu, then all those settings appear under the same navigation item.
  6. Click Save.

To add the RSSO OAuth In-bundle setting in custom code

After creating the In-bundle setting for RSSO OAuth, you must use the Setting name in your application's custom service action code. 

  1. Open the application's custom service action code.
  2. After the @Action and @Action Parameter section,  add the folliowing code and save:

    if (ServiceLocator.getOAuthService().isOAuthConfigured(                 
    <ConfigurationName>)) {              
    String token = ServiceLocator.getOAuthService().getAccessToken(                      

After the developer deploys the application, the RSSO OAuth In-bundle setting is displayed in the BMC Helix Innovation Studio Administration tab and the application's Settings tab as shown in the following example:

An administrator adds the RSSO OAuth details to enable RSSO OAuth for an application. 

Related topics

Creating configurations for your Digital Service application

Configuring OAuth 2.0 authentication

Was this page helpful? Yes No Submitting... Thank you


  1. Aaditi Lakade

    We had received the following comment on this topic: "What is the application's custom service action code? Where do I find this?"

    Our reply: Your application will have the custom service action code only if you have created custom actions.

    Dec 06, 2018 12:34