Adding and configuring realms
As a Remedy Single Sign-On administrator, you add a realm for one or more application domains that need to be authenticated by using a single authentication method or a chain of several authentication methods.
On the List of Realms page, available in the Remedy SSO Admin Console, you can add a new realm, or edit an existing realm if you need to add more application domains, change the authentication method for the realm, configure authentication chaining for the realm, or customize the branding page. You can also delete an existing realm when you no longer need it.
When you delete a realm, all local users and local user groups associated with this realm are deleted as well. For information about local users and groups, see Managing local users.
The default realm
When a Remedy SSO server is installed, a default realm with a special character "* "(asterisk) is available. The default realm is used for end-user authentication when Remedy SSO cannot identify a realm by the application URL sent in the HTTP request to the Remedy SSO server.
You can delete the default realm to prevent redirection to the default realm. When Remedy SSO cannot identify a realm, and the default realm is not available on the Remedy SSO server, an error message is displayed:
Realm not found.
To recreate the default realm, create a realm and set up the " * " (asterisk) for the Name and the Application Domains fields.
Before you begin
Before you add a realm, you must have the list of domain names that are required to be mapped with the realm ID.
To add a realm and configure an authentication for a realm
- On the Authentication tab, select a type of authentication, and fill in the required fields to configure the authentication type. For information about the authentication types, see Configuring authentication.
- (Optional) Perform one or more of the following steps to configure the realm as required:
To transform a user ID to match the login ID, select a value from the User ID Transformation list on the Authentication tab. For information abut the transformation types, see Transforming User ID to match Login ID.
To configure Remedy SSO to open applications in iframes from different domains, complete the Allow From Domains field on the Authentication tab. For more information about this option, see Allowing Remedy SSO to authenticate applications in iframes.
This option is not available for the Local authentication type.
To customize the login page of the realm, complete the required fields on the Branding tab. For more information about the branding options, see Rebranding the end user login page.
- Click Save.
To configure multiple authentications types for a realm
Click the Enable Chaining Mode button on the Authentication tab, and then add and configure another authentication type for the realm. For more information about how to add authentication methods into a chain, see Enabling authentication chaining mode.
(Optional) To enable authentication of users through the AR System over an external authentication, select the Enable AR authentication for bypass check box on the Authentication tab. For more information about this option, see Enabling AR authentication for bypassing other authentication methods.
This option is not available for Local and AR authentication types.