Configuring OAuth 2.0

As an administrator, configure OAuth 2.0 in any of the following cases:

You have applications that act as OAuth clients and interact with applications protected by BMC Helix SSO.
You have applications hosted on different top-level domains integrated with the same BMC Helix SSO server.

Related topics

Setting-up-end-user-authentication

OAuth-2-0-authorization

Invalidating-and-configuring-end-user-sessions

Complete the following tasks to configure OAtuth 2:

Task	Description
Registering-OAuth-clients	Depending on your application type, you must register your application as a native or non-native OAuth client.
Configuring-token-timeout-for-OAuth-clients	Configure the token timeouts for the client application.
Viewing-and-deleting-OAuth-client-application-tokens	View and delete tokens of active user sessions.
Generating-JSON-Web-Keys-for-the-OAuth-flow	Generate JSON Web Keys (JWK) to support multiple domain applications when BMC Helix SSO server is used as an OAuth server.
Configuring-attributes-for-the-userinfo-endpoint-and-ID-token-for-OAuth-clients	Map the attributes extracted from an IdP response to custom claims.
Configuring-custom-headers-in-an-HTTP-response-from-the-OAuth-2-0-client	Configure Content Security Policy (CSP) headers in an HTTP response from the /authorize and /consent-decision endpoints.

Tags: authentication oauth redirect_urls openid_scope help_oauth_settings reference task

Last modified by Priya Shetye on 2024/04/05 09:56

Was this page helpful? Submitting... Thank you

© Copyright 2013 - 2024 BMC Software, Inc.