×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
BMC Helix Single Sign-On 23.1 ... Getting started Key concepts

BMC Helix SSO agent

The BMC Helix Single Sign-On agent is a component of the BMC Helix SSO system that intercepts user requests to applications integrated with BMC Helix SSO. 

Each application integrated with BMC Helix SSO has a BMC Helix SSO agent installed on its server. For more information about the place of the BMC Helix SSO agent in the BMC Helix SSO architecture, see BMC Helix SSO architecture.

Related topics

Configuring the BMC Helix SSO agent

Realms

The BMC Helix SSO agent role in an authentication flow

The BMC Helix SSO agent, designed as a request filter, performs the following tasks:

  • In an environment with one BMC Helix SSO server, the BMC Helix SSO agent intercepts user requests and then redirects these requests to the BMC Helix SSO server.

  • In an environment with multiple BMC Helix SSO servers, the BMC Helix SSO agent defines application domains based on the domains present in user requests, and then defines the right server for communication. For more information about an environment with multiple BMC Helix SSO servers, see Connecting the same BMC Helix SSO agent to different BMC Helix SSO servers.

On intercepting a user request to an application, the BMC Helix SSO agent verifies whether the user is already authenticated by searching for the authentication cookie in the request. Depending on the cookie availability, the BMC Helix SSO agent performs the following tasks:

  • If the authentication cookie is available, the BMC Helix SSO agent validates it by making a service call to the BMC Helix SSO server. This validation is made on a regular basis, and the validation period can be scheduled to not impact the server performance. 
  • If the authentication cookie is unavailable, the BMC Helix SSO agent defines a domain parameter from the application URL, and then identifies a realm based on the application domain. After that, the user is redirected to the BMC Helix SSO server to pass authentication based on the realm settings.

If the validation is successful, the request is passed to the application. Otherwise, it is redirected to the BMC Helix SSO server for repeating the authentication process. 

Was this page helpful? Yes No Submitting... Thank you
Last modified by Priya Shetye on Apr 05, 2023
remedy_single_sign_on agent web_agent concept

Comments

Log in or register to comment.

BMC Helix SSO architecture
BMC Helix SSO multitenancy
© Copyright 2013 - 2023 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.