This documentation supports the 21.3 version of BMC Helix Single Sign-On.

To view an earlier version, select the version from the Product version menu.

21.3 enhancements

Review the BMC Helix SSO 21.3 enhancements for features that will benefit your organization and to understand changes that might impact your users.

Related topics

Known and corrected issues

Release notes and notices

BMC Helix ITSM 21.3 enhancements Open link

BMC Helix Single Sign-On enhancements

Management of feature flags for tenants in the BMC Helix SSO Admin Console

You can manually enable or disable features within one tenant in the BMC Helix SSO Admin Console. The changes are applied automatically without restarting the BMC Helix SSO server. For more information, see Setting up tenants.

  • Local User Management "Confirm Registration"
  • Local User Management "Forgot Password"
  • Disable email template sanitizing
  • Webhooks on authentication response
  • UserID transformation to convert AR alias to login

Extended list of languages supported for end user pages

Starting with this release, BMC Helix SSO supports 14 new languages for end user pages. The screenshot example shows the login page of the integrated BMC application for users with the Norwegian browser language. For more information, see Supported languages and locales.

Traditional Chinese

SAML infinite sessions

As a BMC Helix Single Sign-On administrator, you can define group of users who are eligible for infinite sessions. Once configured, such a session will remain active for a user from the specific group for a set period of time. The names of a group must coincide with the group specified in the XPath. The option is available for the SAML Authentication type. For more information, see Configuring infinite user sessions.

OpenID Connect infinite sessions

The infinite sessions allow users to keep the session active for a set period of time. By specifying the name of the claim in the id_token that contains the user's group and by matching it with a value in the Infinite session group, BMC Helix Single Sign-On receives the name of a user for which the auto-refreshable session will be configured. For more information, see Configuring infinite user sessions.

Self-service configuration for BMC Helix SSO Tenant administrator

A self service configuration allows Tenant Administrators to perform administrative operations available in BMC Helix SSO autonomously. For more information, see Self-service configuration for BMC Helix SSO Tenant administrator.

What else changed in this release

In this release, note the following significant changes in the product behavior:


Product behavior in versions earlier than 21.3

Product behavior in version 21.3 and later

Feature flags for local user password policy, reCAPTCHA, and spEL transformation.The LUM_PASSWORD_POLICY, CAPTCHA, and EL_TRANSFORMATION features could be disabled.

The LUM_PASSWORD_POLICY, CAPTCHA, and EL_TRANSFORMATION features are enabled by default and cannot be disabled.

Was this page helpful? Yes No Submitting... Thank you