Phased rollout This version is currently available to SaaS customers only. It will be available to on-premises customers soon.

Configuring SAML 2.0 authentication

As a BMC Helix Single Sign-On administrator, you can configure BMC Helix SSO server to authenticate users through SAML 2.0.

The service provider (SP) hosts and protects the services that an end user accesses. BMC Helix SSO is configured as an SP for BMC products. The identity provider (IdP) authenticates users and provides details of the authentication information to the SP. 

Related topics

SAML-2-0-authentication

Transforming-userID-to-match-login-ID 


Perform the tasks described in this section to configure BMC Helix SSO for SAML authentication:

Task

Description

Reference

1

(Optional) If you plan to use any of the advanced functions, create an SP signing certificate.

2

(Optional) Configure any of the following advanced functions for SAML authentication:

  • Sign SAML authentication requests
  • Sign SAML metadata for IdP
  • Decrypt encrypted assertions in SAML responses

3

Configure SAML authentication for your realm.




 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*