This documentation supports the 19.11 version of BMC Remedy Single Sign-On, which is available only to BMC Helix subscribers (SaaS).

To view an earlier version, select the version from the Product version menu.

Adding and configuring realms

As a Remedy Single Sign-On administrator, you add a realm for one or more of your domains that need to be authenticated through the same authentication method. 

On the List of Realms page, available in the Remedy SSO Admin Console, you can add a new realm, or edit an existing realm if you need to add more domains, change the authentication method for the realm, configure authentication chaining for the realm, or customize the branding page. You can also delete an existing realm when you no longer need it. 

Note

When you delete a realm, all local users and local user groups associated with this realm are deleted as well. For information about local users and groups, see Managing local users.

The default realm

When a Remedy SSO server is installed, a realm with a special character  "* "(asterisk) is available by default.

The default realm is used for end-user authentication if a realm cannot be identified by the application domain sent in the HTTP request to the Remedy SSO server.

You can delete the default realm to prevent redirection to it for application domains that do not belong to any realm. If Remedy SSO cannot identify a realm, and the default realm is not available on the Remedy SSO server, an error message is displayed:  Realm not found.

You can recreate the default realm by setting up the " " (asterisk) for the Name and the  Application Domains fields.

Before you begin

Before you add or edit a realm, you must have the following information in place:

  • Domain names that are required to be mapped with the realm ID
  • URL to which the user is redirected when the user logs out from Remedy SSO

To add a realm and configure an authentication for a realm

  1. On the Authentication tab, select a type of authentication, and complete the required fields to configure the authentication type. For information about the authentication types, see Configuring authentication.
  2. (Optional) Perform one or more of the following steps to configure the realm as required:
    1. To transform a user ID to match the login ID, select a value from the User ID Transformation list on the Authentication tab. For information abut the transformation types, see Transforming User ID to match Login ID.

    2. To configure Remedy SSO to open applications from different domains, complete the Allow From Domains field on the Authentication tab. For more information about this option, see Allowing Remedy SSO to open applications in iframes.

      Note

      This option is not available for the Local authentication type.

    3. To customize the login page of the realm, complete the required fields on the Branding tab. For more information about the branding options, see Rebranding the end user login page.

  3. Click Save.

To configure multiple authentications types for a realm

  1. Click the Enable Chaining Mode button on the Authentication tab, and then add and configure another authentication type for the realm.

    Note

    You can configure only certain combinations of authentication types. See Authentication chaining for information about the supported authentication chains.

  2. (Optional) If you have an AR authentication method configured for a realm, to enable authentication of users through the AR System over an external authentication, select the Enable AR authentication for bypass check box on the Authentication tab.

    Note

    This option is not available for Local and AR authentication types.

  3. Click Save.

Was this page helpful? Yes No Submitting... Thank you

Comments