This documentation supports the 20.02 version of Remedy Single Sign-On.

To view an earlier version, select the version from the Product version menu.

Enabling cross launch for applications integrated with different Remedy SSO servers

As a Remedy Single Sign-On administrator, you can use the cross launch functionality to enable single sign-on experience between applications that do not share the same Remedy SSO server and are deployed in different domains. The target application in this case is integrated with a Remedy SSO server, and the source application either can be a part of some third-party solution or can be integrated with another Remedy SSO server.  For more information about these deployment use cases, see Deployment scenarios.


Before you begin

Before you can enable cross launch for applications not integrated with the same Remedy SSO server, verify that the following prerequisites are met:

  • If the source application is integrated with a Remedy SSO server, it must not be the same server as integrated with the target application.     
  • The source application must use an iframe to cross launch the target application. 
  • To cross launch a target application, the source application must be able to construct a URL in the following format:
    <protocol>:<target_rsso_host>:<target_rsso_port>/rsso/cross-sso?goto=<target_app_url>#jwt=<jwt>
  • The public certificate for Java Web Token (JWT) validation must be available to the target Remedy SSO server.

    Remedy SSO does not provide a mechanism for generating a JWT along with private and public signing keypair. 

To enable cross launch for applications that do not share the same Remedy SSO server

  1. Configure preauthentication for Remedy SSO which is integrated with the target application. For instructions, see Configuring preauthentication.
  2. (Optional) If the source application is integrated with a Remedy SSO, configure any authentication for the Remedy SSO. For information about how to do this, see Setting up end user authentication.

    Note

    Remedy SSO relies on cookies to enable your users to seamlessly access all integrated applications. As browsers implement changes to their default SameSite attributes, cross-site cookies will not be sent by default. As a result, your users will be prevented from accessing your applications. To continue using Remedy SSO with newer browser versions, you must enable the Use Cross Site Cookie option in the Advanced settings of the Remedy SSO server integrated with the target application. For more information about this setting, see Configuring settings for the Remedy SSO server.

    You also need to enable this setting if you are using an earlier version of browsers that allow users to check the SameSite attributes.

    Some builds of Internet Explorer 11 do not support the SameSite attributes.

To verify the single sign-on experience for a cross-launched application

  1. Log in to the source application, and click the link to the target application.
    The target application is displayed.
  2. If you encounter any errors, review Troubleshooting authentication issues.
Was this page helpful? Yes No Submitting... Thank you

Comments