This documentation supports the 24.2 and consecutive patch versions of BMC Helix Single Sign-On.To view an earlier version, select the version from the Product version menu.

Generating consumer keys for communication between the BMC Helix SSO agent and server

Communication between the BMC Helix Single Sign-On server and BMC Helix Single Sign-On agents requires the use of a consumer key for secure communications. When the BMC Helix Single Sign-On server is deployed, a default consumer key is generated that is used by all instances of the BMC Helix Single Sign-On agents to access the server.  However, this can be a security risk because the BMC Helix Single Sign-On agents can access the configuration of any BMC Helix Single Sign-On server. Generate additional consumer keys, and associate them to a BMC Helix Single Sign-On agent, so the agent only has access BMC Helix Single Sign-On server configuration information that is available for them.

Configuring-BMC-Helix-SSO-for-applications-hosted-on-different-domains

To generate a consumer key in BMC Helix Single Sign-On server

  1. Log in to the BMC Helix Single Sign-On server and navigate to the General tab.
  2. Select Consumer Keys.

  3. Click Generate.

    Important

    You can generate up to 5 additional keys.

    A dialog box with the value of the generated key is displayed.

  4. Save the value of the key generated and click Confirm.
    The value of the generated key is only displayed when it is generated, after which it is encrypted. Only the masked key value is displayed after the key is encrypted. 
  5. Click Save.

The BMC Helix Single Sign-On agent must add the value of the consumer key to communicate with the server to the system variables defined in the system where the BMC Helix Single Sign-On agent is installed. 

Where to go from here

Adding consumer keys to access the BMC Helix Single Sign-on server

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*