This documentation supports the 20.08 version of Remedy Single Sign-On, which is available only to BMC Helix subscribers (SaaS).

To view an earlier version, select the version from the Product version menu.

OpenID Connect authentication

Remedy Single Sign-On provides the OpenID Connect authentication method which is built on top of the OAuth 2.0 protocol. Clients use the OpenID Connect authentication to check the identity of users. The identification is based on the authentication done at the authorization server.

OpenID Connect authentication flow

OpenID Connect authentication involves the following processes:

  1. The registered client (Remedy SSO) sends the authorization request to the OpenID Connect provider.
  2. The OpenID Connect provider authenticates the end user and redirects the authorization code to Remedy SSO.
  3. Remedy SSO sends a request with the authorization code to get the access token from the OpenID Connect provider.
  4. Remedy SSO forwards the access token to the OpenID Connect provider and requests for information about the end user.
  5. The OpenID Connect provider forwards information about the end user to Remedy SSO.
  6. Remedy SSO creates a user session.
Was this page helpful? Yes No Submitting... Thank you