This documentation supports the 22.1 version of BMC Helix Single Sign-On, which is available only to BMC Helix customers (SaaS). 

To view an earlier version, select the version from the Product version menu.

Enabling authentication chaining mode

As a BMC Helix Single Sign-On administrator, you can configure several authentication methods for a realm and chain them as required.

You might need to configure an authentication chain for a realm to enable one of the following mechanisms:

  • Authentication fallback—when the primary authentication fails, BMC Helix SSO invokes the alternate authentication methods and end users automatically log in to the applications integrated with BMC Helix SSO.
  • Reauthentication—when an application integrated with BMC Helix SSO requests to confirm an end user password when an end users tries to perform a critical business action, such as approving a service request, a reauthentication request is triggered. 


Before you begin 

Add a realm and configure an authentication method for it. For information about how to do this, see Adding and configuring realms.

Before configuring authentication fallback, review the authentication fallback chaining principles, described in Authentication fallback

Before configuring an authentication chain for reauthentication, review Reauthentication chaining principles.

To add an authentication chain for a realm

  1. In the left navigation panel of the Edit Realm page, click Authentication.
  2. Click Enable Chaining Mode.
  3. Click Add Authentication.
  4. Select a valid authentication type which you can chain with the first authentication type.
  5. Complete the required fields for the second authentication method.
  6. Click Save.
Was this page helpful? Yes No Submitting... Thank you

Comments