Configuring OpenID Connect authentication
You can configure the Remedy Single Sign-On (Remedy SSO) server to authenticate users through OpenID Connect authentication. OpenID Connect is built on top of the OAuth 2.0 protocol. Clients use OpenID Connect to check the identity of users. The identification is based on the authentication done at the authorization server.
OpenID Connect involves the following process:
- The registered client (Remedy SSO) sends the authorization request to the OpenID Provider (OP).
- The OP authenticates the end user and redirects the authorization code to Remedy SSO.
- Remedy SSO sends a request with the authorization code to get the access token from the OP.
- With the access token, Remedy SSO requests the information about the end user.
- OP provides information about the end user to Remedy SSO.
- Remedy SSO creates a user session.
To configure OpenID Connect authentication
- (Optional) Select the Enable AR authentication for bypass check box to enable bypass URL to authenticate against AR.
For more information about enabling BMC Remedy AR System authentication for bypass, see .
- Enter the OIDC details.
For more information on parameters, see OIDC authentication parameters.
OIDC authentication parameters
|Authorization URL||Returns an authorization code.|
|UserInfo URL||Relates to the user who has currently logged in and is attained by using the access token.|
|Scope||Returns different details about logged in user.|
Registers the client application on the OpenID provider side.
Identifies the client application.
When Remedy SSO server is registered as a client on the OIDC provider site, the OIDC provider generates and provides the client ID and client secret values.
|RSSO Callback Url||Enables a response from the OpenID provider.|
|User ID field name||Identifies the user, which will be used by Remedy SSO.|
Prompts the user for necessary action. Select one of the following options from the drop down list: