Skip to Content

Reverting BMC Helix SSO server configuration

As a BMC Helix Single Sign-On SaaS administrator, you can revert previous BMC Helix SSO configurations directly from the BMC Helix SSO Admin Console user interface. This capability enhances administrative control by allowing you to manage changes and roll back to earlier states if needed.

Before you begin

Important

Reverting server configuration might impact your users. Use the revert option with due diligence. Some product components are out of scope for this feature, but their support is expected in version 26.1.01.

At the time of the release, the feature covers the following BMC Helix SSO components:

  • CAPTCHA configuration
  • Email server configuration
  • Email templates
  • General server settings
  • OAuth2 settings:
    • OpenID Connect Issuer URL
    • Access Token Timeout
    • Refresh Token Timeout
  • Realm settings
  • Redis configuration

The current release does not cover the feature support for the following components:

  • Admin user settings
  • Identity providers' test buttons in preview mode
  • Import configuration
  • Local users
  • Local groups
  • OAuth2 clients
  • SAML metadata in preview mode

Related topic

Setting up tenants

To enable reverting of the BMC Helix SSO server configuration

This feature is disabled by default. To enable it, perform the following steps:

  1. Log in to the BMC Helix SSO Admin Console.
  2. Navigate to the Tenant tab.
  3. Click Edit against the tenant for which you want to enable configuration revert.
  4. Select the Configuration archive check box.
  5. Save your changes.

After you enable the feature, the system begins recording changes. You can only restore configuration changes that are recorded while the Configuration archive checkbox is selected. If you disable this feature, all records are erased and will not be restored the next time you enable the feature.

To preview the BMC Helix SSO server configuration

Info
The retention policy for the configuration data storage is 4 days (96 hours).

  1. Navigate to the Service tab.
  2. Click Chronicle.
  3. View configuration changes made for your tenant at specific timestamps.
  4. On the Chronicle page, click the pin icon in the Action column for the specific timestamp.

In the read-only mode, you can view the configuration as it was before a selected change. For example, if the change history is A, B, C, D, E (with E being the latest), pinning action C will show the configuration before change C, so only changes A and B are included.

After reverting to a previous configuration, such as B in a sequence of A, B, C, D, E (with E being the latest), B becomes the current configuration, and all subsequent configurations (C, D, E) are permanently removed from the archive. As a result, any changes made after B are lost, and there is no option to restore configuration E or any other configuration that was deleted during the rollback.

You cannot choose to roll back only part of the configuration. For example, pinning action D will show the configuration before change D (which is A, B, and C), but you cannot roll back to only version B. 

To revert BMC Helix SSO server configuration

After you have reviewed configuration changes:

  • To revert the server settings to the observed state, click the tick icon at the top of the page.
  • To keep the current server settings, click the cross icon at the top of the page.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Helix Single Sign-On 26.1