Configuring realms

You add a realm for one or more of your domains that need to be authenticated through the same authentication method. You can also edit an existing realm if you need to add more domains or change the authentication method for that realm. For more information, see Realms.

Before you begin

Obtain the following information:

• Realm ID
• Domain names that are required to be mapped with the realm ID
• URL to which the user is redirected when the user logs off

To add or edit a realm

1. Log in to the Remedy RSSO Administration console.

2. Click the Realm tab.
   The List of Realms page is displayed with the default realm.

   Note

   Default realm is a realm with a special name * (asterisk). The difference between any realm and the default realm is that Remedy SSO uses a default realm for user authentication if it cannot identify another realm based on the application domain taken from HTTP request. If you have not defined an application realm, an error such as Realm not found occurs. To enable fallback to the default realm, ensure that you also define an application domain name with an * (asterisk).

   You can delete the default realm to prevent redirection for applications whose domains do not belong to any realm. If Remedy SSO cannot identify the realm and the default realm is also removed, an error message is generated.

   You can recreate the default realm by giving it the * name.

3. Perform one of the following actions:
   • To add a realm, click Add Realm.
   • To edit a realm, click the Edit icon for the realm that you want to edit.
   • To delete a realm, click the Delete icon for the realm that you want to delete. When you delete a realm, you also delete all users, Local User Management authentication groups, and all active sessions. Note that active user sessions can be related to other identity providers as well.

4. On the General tab, enter the required realm details.

   Field	Action
   Realm ID	Enter a unique realm identifier. A Realm ID must not be more than 80 characters and must only include alphanumeric characters or the following special symbols:  *, ., _, and -. Note: You cannot create a realm ID with the same ID as an existing realm ID, such as Company and company.
   Application Domain(s)	Enter comma-separated domain names of applications that are integrated with Remedy SSO. Domain names must start from the left side of the server name on which the applications are hosted. Do not add a domain to more than one realm. Examples: myit or myit.yourcompany Note: This field does not accept uppercase characters; every entry is automatically transformed to lowercase characters.
   Tenant	Enter the tenant name of the realm. Note: This parameter is currently not available.
   After Logout URL	Enter the URL to which a user is redirected to after the user logs out from Remedy SSO.
   Session Quota	Enter the number of active sessions or simultaneous logins for a particular user. Enter one of the following values: 0—Allow multiple simultaneous logins, that is, any number of logins are allowed. Note: This is the default value, so that after an upgrade, there is no restriction on the number of simultaneous logins. 1—Only one login session is allowed for the user. Any other value other than 0 or 1—Only those number of session logins will be allowed for the user. Note: If you select the Automatically invalidate oldest session on reaching quota checkbox, and if the user exceeds the number of logins, the user can log in, but will get logged out from the oldest session. If you do not select this option, then the user cannot log in to any session beyond the entered value and the following error message is displayed: Exceeded session quota limit

5. Click Save.
6. Go to the Session tab to check the amount of time remaining for the current session after which it will be invalidated.

Related topics

Configuring-Remedy-SSO-for-authentication

Configuring-Local-User-Management-authentication

Troubleshooting-login-and-logout-issues