This documentation supports the 21.3 version of BMC Helix Single Sign-On.To view an earlier version, select the version from the Product version menu.

21.3 enhancements


Review the BMC Helix SSO 21.3 enhancements for features that will benefit your organization and to understand changes that might impact your users.

BMC Helix Single Sign-On enhancements

Management of feature flags for tenants in the BMC Helix SSO Admin Console

You can manually enable or disable features within one tenant in the BMC Helix SSO Admin Console. The changes are applied automatically without restarting the BMC Helix SSO server. For more information, see Setting-up-tenants.

Supported features per tenant
  • Local User Management "Confirm Registration"
  • Local User Management "Forgot Password"
  • Disable email template sanitizing
  • Webhooks on authentication response
  • UserID transformation to convert AR alias to login

Feature flags.png

Norwegian support.png

Extended list of languages supported for end user pages

Starting with this release, BMC Helix SSO supports 14 new languages for end user pages. The screenshot example shows the login page of the integrated BMC application for users with the Norwegian browser language. For more information, see Supported-languages-and-locales.

Supported languages

Arabic
Catalan
Czech
Danish
Dutch
Finnish
Greek
Norwegian
Romanian
Swedish
Thai
Traditional Chinese
Turkish
Welsh


SAML infinite sessions

As a BMC Helix Single Sign-On administrator, you can define group of users who are eligible for infinite sessions. Once configured, such a session will remain active for a user from the specific group for a set period of time. The names of a group must coincide with the group specified in the XPath. The option is available for the SAML Authentication type. For more information, see Configuring-infinite-user-sessions.

screenshot01.png

inf04.PNG

OpenID Connect infinite sessions

The infinite sessions allow users to keep the session active for a set period of time. By specifying the name of the claim in the id_token that contains the user's group and by matching it with a value in the Infinite session group, BMC Helix Single Sign-On receives the name of a user for which the auto-refreshable session will be configured. For more information, see Configuring-infinite-user-sessions.


Self-service configuration for BMC Helix SSO Tenant administrator

A self service configuration allows Tenant Administrators to perform administrative operations available in BMC Helix SSO autonomously. For more information, see Self-service-configuration-for-BMC-Helix-SSO-Tenant-administrator.

yy.png

What else changed in this release

In this release, note the following significant changes in the product behavior:

Update

Product behavior in versions earlier than 21.3

Product behavior in version 21.3 and later

Feature flags for local user password policy, reCAPTCHA, and spEL transformation.

The LUM_PASSWORD_POLICY, CAPTCHA, and EL_TRANSFORMATION features could be disabled.

The LUM_PASSWORD_POLICY, CAPTCHA, and EL_TRANSFORMATION features are enabled by default and cannot be disabled.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*