Unsupported content This version of the product is in limited support. However, the documentation is available for your convenience. You will not be able to leave comments.

Logon and logoff experience for end users

When using a single sign-on system, the normal authentication behavior is altered. The practice of logging on when you start a product is automatically performed when the second product is started. This change happens without any user involvement.

Logon

Based on the way Remedy SSO is configured with the integrated application, when a user attempts to log on to an application integrated with Remedy SSO, the following events are triggered:

  • The Remedy SSO logon page is displayed to the user for authentication.
  • If Remedy SSO is configured for SAML or OpenID Connect, the user request is redirected by the Remedy SSO web application to the external Identity Provider (IdP).

After the user enters valid credentials, Remedy SSO server redirects the request to the integrated application. Remedy SSO agent verifies that the user is authenticated and then allows the user to access the integrated application.

When the user tries to access the same application or any other integrated application from another browser tab or window, the Remedy SSO agent checks for an existing user session, and checks to determine whether or not the user is already logged on. If the user is already logged on, as in this case, the application UI is displayed without the user being prompted for credentials. If the user session does not exist yet, or the user is not already logged on, the Remedy SSO does the normal token check (from a cookie) and redirects the user to the logon page.

Logoff

When the user hits the logout URL in the integrated application, Remedy SSO agent sends a request to Remedy SSO server. A reference counter on the user token table in the web application increments or decrements the application count when the user logs on or logs off an application. The reference counter is implemented by applications that are logged on to by using the Remedy SSO token.

When a user logs off an application but the application count is greater than 0, it means the user is still logged on to one or more applications. In this case, the system does not prompt the user for credentials when user is gaining access to another application.

If the user logs off an application and the application count is 0, it means the user is logged off from Remedy SSO. The user will be prompted for credentials when accessing  applications.

Related topic

Password-change-mechanisms

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*