26.2 enhancements and patches


Review the BMC Helix SSO 26.2 enhancements and patches for features that will benefit your organization and to understand changes that might impact your users.

Version

SaaS

On premises

Fixed issues

Updates and enhancements

26.2

✅️

NA

NA

For a list of recent updates and enhancements across multiple versions, see Release notes and notices.

BMC Helix applies upgrades as described in the BMC Helix Upgrade policy. BMC Helix applies upgrades and patches during Maintenance windows.

26.2.00


Enhanced security of OpenID Connect authentication flows

As an administrator, you can enforce OpenID Connect security by implementing advanced capabilities, such as using private_key_jwt for client authentication, where clients sign a JSON Web Token (JWT) with a private key. Also, you can enable PKCE (Proof Key for Code Exchange, RFC 7636) to secure public OAuth 2.0 clients by preventing authorization code interception attacks. This release also introduces out-of-the-box support for the nonce parameter, which helps prevent ID token replay attacks, although this setting is not exposed in the UI. For more details, see Configuring OpenID Connect authentication.



Improved user interface for tenant settings

Get the most out of your user experience by leveraging the optimized UI for tenant settings. The functionality remains the same, with some updated sectioning for better usability. For more details about tenant settings, see Setting up tenants.



Rebranding the managed service provider page

You can change the default managed service provider (MSP) page branding in accordance with your company standards and requirements. The MSP page serves as a proxy that identifies the authentication mechanism before displaying the login page. Customization options include logo, background image, submission form colors, etc. For more details, see Rebranding the multiple service provider page.



What else changed in this release

The following table lists the changes in the product behavior:

Update: Improved usability for reverting to an earlier version of the Remedy SSO server configuration

Product behavior in versions earlier than 26.2: The selected operation timestamp was not highlighted on the Chronicle page. Hence, the administrator had to remember the time or manually check other attributes to identify up to which point the server configuration was reverted.

Product behavior in version 26.2 and later versions: The selected timestamp is highlighted on the Chronicle page, so the administrators can quickly orient themselves in the Chronicle table.
