Skip to Content

Setting up uninterrupted user sessions for a seamless, hassle-free experience

This use case describes how the BMC Helix Single Sign-On flow enables persistent user sessions without automatic expiration. Users remain authenticated even during long periods of inactivity (up to one hour). A session ends only when the user explicitly logs out or when an administrator manually revokes it. 

However, it is important to note that access tokens might expire independently of the session. This behavior implies that even if the session remains valid, the user might be logged out after more than an hour of inactivity due to token expiration.

Sessions are continuously extended as long as the user interacts with the integrated BMC Helix application.

Related topics

Key concepts

Getting started

Scenario

Apex Global is an Internet service provider that uses BMC Helix SSO to authenticate NOC (Network Operations Center) engineers who monitor network performance dashboards. To prevent disruptions during long monitoring shifts, the administrator enables non-expiring sessions. This enables NOC engineers to stay logged in throughout their shifts so that they can continuously monitor network health and respond immediately to any incidents or network outages.

Workflow

The following table describes the tasks involved in the process of setting up user sessions:

TaskProduct componentRoleActionReference
1BMC Helix SSO serverBMC Helix SSO administratorEnable the feature for a user or a user group(s), depending on their authentication type: Local, SAML 2.0, or OpenID Connect.Configuring infinite user sessions
2

BMC Helix SSO agent or Auth Proxy (depending on the Redis service availability)

BMC Helix SSO administrator (for BMC Helix SSO agent) or the internal Ops team (for Auth Proxy)

(BMC Helix SSO agent) Set up the redis-uri and redis-password properties in the rsso-agent.properties file.

(Auth Proxy) Add the redis-uri and redis-password properties to the external.conf file that can be mounted into the AuthProxy container during the startup.

Note: The infinite user sessions feature does not require the redis-channel to be set. Also, perpetual tokens are refreshed irrespective of the session.

Configuring the BMC Helix SSO agent or Configuring Auth Proxy for deployment with BMC Helix SSO

Results

By using the feature, NOC engineer Allen is able to stay continuously authenticated throughout his monitoring shift. This uninterrupted access allows Allen to maintain real-time visibility into network performance dashboards without the risk of session timeouts. As a result, Allen can respond immediately to incidents and outages, ensuring faster resolution times and improved service reliability. The administrator no longer needs to manage frequent re-authentication issues, streamlining operations, and enhancing overall system stability.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Helix Single Sign-On 25.4