Self-service configuration for BMC Helix SSO Tenant administrator
To configure self service in the Tenant
- As a SaaS administrator, log in to the BMC Helix SSO Admin Console.
- On the navigation panel, click Tenant.
- Select the appropriate Tenant for editing.
- Select the Self Service checkbox.
By default, the Self Service checkbox is disabled. Once it is checked, it provides the list of available parameters for the self service configuration. Here, you can select the appropriate type of authentication among the set of authentications created by Saas Administrator and set an AR host name and AR service port for AR Bypass authentication mechanism. Enabled Self service checkbox on a tenant level allows to limit the available authentication types for a realm.
To configure self service in the Realm
After the configurations in the Tenant are done, navigate to the appropriate Realm to make it available for the Tenant Administrator for further configurations of the authentication settings.
- From the list of the Realms, select the necessary one.
- Click Edit Realm.
- Select the Self service checkbox.
- Save your changes.
The four tabs become available for a Tenant Administrator in addition to existed Local User management:
- Realm – make changes for branding, update Authentication settings (with no access to information about bypass)
- Session – get information about existed sessions, manage them (delete)
- OAuth2 – to manage OAuth2 related settings
- Audit – to get data about admin and end-user audited actions
Edit OAuth2 parameters
As a Tenant Administrator, you can configure all settings related to OAuth2 except the OpenID Connect Issue URL.
