×
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
 
 
  •  

 

This documentation supports the 19.02 version of Remedy Single Sign-On.

To view an earlier version, select the version from the Product version menu.

Remedy Single Sign-On 19.02 Administering

Configuring multiple domain support

In versions earlier than 19.02, the Remedy SSO server could not protect applications hosted in different domains. With 19.02 version, Remedy SSO server can now establish connection with applications in different domains. For this, the Remedy SSO agent and server must act as an OpenID Client and OpenID provider respectively to protect an application through the authentication process.

This feature is needed in cases where you have an application which is hosted in your company data center, and Remedy SSO server is hosted in another data center, for example BMC data center.

Related topic
Deployment scenarios

Note

The following Remedy SSO functionalities are not supported for the applications for which the Remedy SSO agent and server act as an OpenID Client and OpenID provider respectively:

  • Bypass SAML authentication for reauthentication requests
  • Multi-Service Provider (MSP)

To allow applications hosted on different domains to use the same RSSO server for authentication

  1. In the Remedy SSO server, register an application as an OAuth2 client. For information about how to configure the OAuth2 client, see Configuring OAuth 2.0

  2. Perform the following steps to register the client as an OAuth2 client:

    1. Set the OpenID Issuer URL. The value must correspond to the sso-external-url configured in the rsso-agent.properties file.
    2. Select the openid (Scope used for OpenID connect) check box to enable the OpenID scope for this client.
    3. Configure the Access Token Timeout value for managing the user session time.
    4. Generate the JWK Id.

  3. Copy the Client ID and Client Secret generated after registering the client as OAuth2 and save them.

  4. In the RSSO agent, configure the rsso-agent.properties file as follows: 

    multi-domain-support=true
oauth-client-id=<Client ID>
oauth-client-secret=<Client Secret>

  5. Save the rsso-agent.properties file. 

    The RSSO is now configured for using OpenID connect.

Was this page helpful? Yes No Submitting... Thank you
Last modified by Olga Kutetska on Mar 23, 2020

Comments

Log in or register to comment.

Invalidating and configuring end user sessions
Enabling cross launch for applications integrated with different Remedy SSO servers
© Copyright 1991 – 2019 BMC Software, Inc.
© Copyright 1991 – 2019 BladeLogic, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.