×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
BMC Helix Single Sign-On 23.1 Administering

Configuring infinite user sessions

Infinite sessions are user sessions that remain active for a set timeout period. It helps an application to keep the working process active by receiving the new access token for a particular Client ID. Such sessions can be configured for a particular user or a group of BMC Helix Single Sign-On users. 

A BMC Helix SSO administrator can enable infinite sessions for users with Local, SAML 2.0, and OpenID Connect authentication types.

Related topics

Configuring the BMC Helix SSO server

Managing local users and passwords

SAML 2.0 authentication

OpenID Connect authentication

Configuring Local infinite sessions

As a BMC Helix Single Sign-On administrator, you can make infinite sessions available for a particular user. 

  1. Log in to the BMC Helix SSO Admin Console.
  2. Navigate to the Local User.
  3. Click the Users tab.
  4. Select the Infinite session checkbox.
  5. Click Save.


Configuring SAML 2.0 infinite sessions 

As a BMC Helix Single Sign-On administrator, you can define group of users who are eligible for infinite sessions. Once configured, such session will remain active for a user from the specific group for a set period of time. The names of a group should coincide with the group specified in the XPath. The option is available for the SAML Authentication type.

  1. Log in to the BMC Helix SSO Admin Console.
  2. Click the Realm tab.
  3. Select the SAML Authentication Type.
  4. Navigate to the SSO Settings section.
  5. In the XPath 1.0 for group retrieval field, specify the appropriate path. For example: //*[local-name()='AttributeStatement']/*[local-name()='Attribute'][@Name='Group']/*[local-name()='AttributeValue'].
  6. In the Infinite session group field, specify the name of the group.
  7. Click Save.


Configuring OpenID Connect infinite sessions

By specifying the name of the claim in the id_token which contains user's group and matching it with a value in the Infinite session group, BMC Helix Single Sign-On receives the name of a user for which the infinite session will be enabled. 

  1. Log in to the BMC Helix SSO Admin Console.
  2. Click the Realm tab.
  3. Select the OIDC Authentication Type.
  4. Navigate to the SSO Settings section.
  5. In the Groups Claim Name field, specify the name of a claim in id_token that will be used for a group list extraction. 
  6. In the Infinite session group field, specify the name of the group.
  7. Click Save.
Was this page helpful? Yes No Submitting... Thank you
Last modified by Anastasiia Mikhieieva on Jan 26, 2023
help_session task infinite_session

Comments

Log in or register to comment.

Reviewing audit records
Troubleshooting
© Copyright 2013 - 2023 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.