This documentation supports the 22.1 version of BMC Helix Single Sign-On, which is available only to BMC Helix customers (SaaS). 

To view an earlier version, select the version from the Product version menu.

Configuring SAML 2.0 authentication

As a BMC Helix Single Sign-On administrator, you can configure BMC Helix SSO server to authenticate users through SAML 2.0.

The service provider (SP) hosts and protects the services that an end user accesses. BMC Helix SSO is configured as an SP for BMC products. The identity provider (IdP) authenticates users and provides details of the authentication information to the SP. 

Related topics

SAML 2.0 authentication

Transforming userID to match login ID 

Troubleshooting authentication issues

Perform the tasks described in this section to configure BMC Helix SSO for SAML authentication:

1(Optional) If you plan to use any of the advanced functions, create an SP signing certificate.Creating and updating the SP signing certificate for SAML authentication

(Optional) Configure any of the following advanced functions for SAML authentication:

  • Sign SAML authentication requests
  • Sign SAML metadata for IdP
  • Decrypt encrypted assertions in SAML responses
Configuring advanced functions for SAML authentication
3Configure SAML authentication for your realm.Importing configuration from an identity provider and configuring SAML


Configure the identity provider for SAML authentication.

Configuring Active Directory Federation Services as a SAML identity provider

Was this page helpful? Yes No Submitting... Thank you