This documentation supports the 24.3 and consecutive patch versions of BMC Helix Single Sign-On.To view an earlier version, select the version from the Product version menu.

Configuring AR authentication

You can configure the BMC Helix Single Sign-On server to authenticate users through Action Request System (AR System).  

You can select one of the following options when using the AR authentication method:

  • BMC Helix Single Sign-On

     authorization mechanism—Uses the AR System Host and Port data for authentication.

  • AR System REST APIs—Uses the AR System REST APIs for authentication. When you select this option the Host, Port, and Test options for the AR Server configuration are disabled.
    For more information about AR System REST APIs, see Learning about the REST API.

Before you begin

  • Create a realm and configure its general settings.
    For more information on realm configuration, see Adding-and-configuring-realms.
  • When using BMC Helix Single Sign-On authentication, obtain the following information from the AR System administrator:
    • Host name of the AR System server
    • Port number of the AR System server
  • When using AR System REST API, obtain the following information from the AR System administrator:
    • AR System REST API URL
    • AR System FQDN details

Related topics

AR-authentication

Transforming-userID-to-match-login-ID


To configure AR authentication

  1. In the left navigation panel of the Add Realm or Edit Realm page, click Authentication.

  2. In the Authentication Type field, click AR and enter the following details:

    Field

    Action

    BMC Helix Single Sign-On authorization mechanism configuration

    Host

    Enter the AR System host name.

    Port

    Enter the port number for the AR System host.

    AR System REST API configuration

    REST API

    Select this option to use the AR System REST APIs for authentication.

    REST URL

    Enter the URL of the AR REST API server including the FQDN and port 8008; for example, http://arserver.fqdn:8008/

    Additional configurations

    Timeout (seconds)

    Enter an integer value, greater than zero, for the timeout period of an AR System authentication request.

    If a value is not provided, no time limit is set for the AR server connection.

    (Optional) Include tenant on user name for authentication

    Select this check box if a tenant is specified in the general settings of a realm.

    If you select this option, when an end user enters the login name, the tenant name is automatically added to the login name during authentication.

    (Optional) Allow users to change passwords

    Select this check box if you want to enable users to change their AR System access passwords directly from the BMC Helix SSO end user login page.

    For more information about changing passwords, see Password-change-mechanisms.

    (Optional) User ID transformation

    Select a value from the list to configure how to transform the User ID so that it matches the login ID.

    For more information about transforming the User ID, see Transforming-userID-to-match-login-ID.

    (Optional) Enable Chaining Mode

    Select this check box to enable authentication chaining.

    For more information about the authentications that you can chain with AR System, see Enabling-authentication-chaining-mode.

  3. (Optional) Click Test to verify the settings.

    Important

    The Test option is disabled if the REST API option is selected.

  4. Click Save.

Where to go from here

Rebranding-the-end-user-login-page

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*