×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Unsupported content

 

This version of the product is in limited support. However, the documentation is available for your convenience. You will not be able to leave comments.
Remedy Single Sign-On 19.08 ... Administering Setting up end user authentication Configuring authentication

Configuring preauthentication

As a Remedy Single Sign-On administrator, you can configure a realm for preauthentication if a third-party provider is configured to perform authentication. 

You might need to configure a realm for preauthentication if you need to cross launch an application inside another application hosted on a different Remedy Single Sign-On server. For more information about this use case, see Deployment scenarios

Before you begin

Add a realm and configure its general settings.

For more information about how to add and configure a realm, see Adding and configuring realms.


Related topic

Preauthentication

Transforming User ID to match Login ID

Enabling AR authentication for bypassing other authentication methods


To configure preauthentication

  1. Log in to Remedy SSO Admin Console.

  2. In the left navigation panel of the Add Realm or Edit Realm page, click Authentication.

  3. From the Authentication Type list, select PREAUTH.

  4. In the User ID field, enter the name of the JWT entry to be used for user identification.

    Note

    Because a JWT is generated and provided by a third-party system, the name of the claim containing the User ID is arbitrary. Consult the documentation of your third-party product to find out the actual JWT claim name containing the User ID value used for integration.

  5. In the Certificate field, copy the certificate of the server that signs the JWT. 

    Note

    The certificate must be in Privacy Enhanced Mail (PEM) format.

  6. (Optional) To allow an originating application to open a target application through iframe, in the ALLOW-FROM Domain(s) field, enter the name of the originating application. 
    You can specify the target server as follows:
    • * - wildcard. Allowed for all domains.
    • hostname - Allowed for specified domain, ignoring port.
    • hostname:port - Allowed for exact match host:port.

    • proto://hostname:port - Allowed for exact match host:port.

    For information about cross launching, see Enabling cross launch for applications integrated with different Remedy SSO servers.

  7. Click Save.

Where to go from here

After you have configured a realm for preauthentication, you must configure the Remedy SSO agent to expect JWT by  GET or POST method.  For more information, see Configuring Remedy SSO agent.

Was this page helpful? Yes No Submitting... Thank you
Last modified by Olha Horbachuk on Sep 30, 2020
authentication task concept help_realm

Comments

Log in or register to comment.

Configuring OpenID Connect authentication
Configuring SAML 2.0 authentication
© Copyright 1991 – 2019 BMC Software, Inc.
© Copyright 1991 – 2019 BladeLogic, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.