Review the Remedy Single Sign-On 20.08 enhancements for features that will benefit your organization and to understand changes that might impact your users.
Remedy Single Sign-On enhancements
Password complexity requirements for Remedy Single Sign-On local administrators
The password complexity requirements have been introduced for Remedy SSO local administrators. For information about the password complexity requirements, see Setting up Remedy SSO administrator accounts.
Signing hash algorithm for SAML realm
In previous releases, SAML authentication by default supported a single SHA1 hash algorithm. Starting with this release, SHA1 and SHA256 are supported. As a Remedy SSO administrator, you must specify which hash algorithm is used for a realm to sign requests or metadata with SAML authentication. You must specify the Signing Algorithm field by selecting a hash algorithm type and key type. For more information about this setting, see Importing configuration from an identity provider and configuring SAML.
Support to log audit records of end users
As a Remedy SSO administrator, you can enable auditing of actions performed by end users in the Remedy SSO Admin Console. For information about how to enable auditing of end-user actions, see Configuring settings for Remedy SSO administrators. For information about audit record types, see Reviewing audit records. You can also view the audit records related to one session.
Retention policy for audit logs
Starting with this release, the default retention policy for audit logs is 120 days. As a Remedy SSO administrator, you can configure the retention policy for audit logs from the SaaS tenant. In previous releases, the retention policy for audit logs was by default set to 30 days, and it could not be modified. For more information about this features, see Configuring settings for Remedy SSO administrators.
Support for the OpenID Connect logout in Remedy Single Sign-OnNew configuration options have been added for OpenID Connect logout in Remedy SSO. For more information about how to configure OpenID Connect authentication, see Configuring OpenID Connect authentication.
Specify a custom UserID to match the login ID
Starting with this release, you can add a custom expression in Remedy SSO for user login transformation. The option is based on Spring Expression Language (SpEL) statement that transforms the login. The value of the login is available in the
#userId variable. For more information about a custom user ID, see Transforming User ID to match Login ID.
Interactive self-help enabled by default
In earlier releases, interactive self-help was disabled by default. In this version, guided assistance is enabled by default. For information about how to change the default behavior, see Configuring settings for Remedy SSO administrators.
What else changed in this release
In this release, note the following significant changes in the product behavior:
Product behavior in versions earlier than 20.08
Product behavior in version 20.08
Enhanced security for data stored in Remedy SSO
MD5 and SHA1 hashing algorithms were used for Remedy SSO data.
More secure algorithms AES256 and SHA512 are used for data stored in Remedy SSO.