This documentation supports the 24.3 and consecutive patch versions of BMC Helix Single Sign-On.To view an earlier version, select the version from the Product version menu.

Configuring SAML 2.0 authentication

As a BMC Helix Single Sign-On administrator, you can configure BMC Helix SSO server to authenticate users through SAML 2.0.

The service provider (SP) hosts and protects the services that an end user accesses. BMC Helix SSO is configured as an SP for BMC products. The identity provider (IdP) authenticates users and provides details of the authentication information to the SP. 

Related topics

SAML-2-0-authentication

Transforming-userID-to-match-login-ID

Perform the tasks described in this section to configure BMC Helix SSO for SAML authentication:

Task

Description

Reference

1

(Optional) If you plan to use any of the advanced functions, create an SP signing certificate.

2

(Optional) Configure any of the following advanced functions for SAML authentication:

  • Sign SAML authentication requests
  • Sign SAML metadata for IdP
  • Decrypt encrypted assertions in SAML responses

3

Configure SAML authentication for your realm.



 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*