Adding and configuring realms

As a Remedy Single Sign-On administrator, you add a realm for one or more application domains that need to be authenticated by using a single authentication method or a chain of several authentication methods.

On the List of Realms page, available in the Remedy SSO Admin Console, you can add a new realm, or edit an existing realm if you need to add more application domains, change the authentication method for the realm, configure authentication chaining for the realm, or customize the branding page. You can also delete an existing realm when you no longer need it.

Note

When you delete a realm, all local users and local user groups associated with this realm are deleted as well. For information about local users and groups, see Managing-local-users.

The default realm

When a Remedy SSO server is installed, a default realm with a special character "* "(asterisk) is available. The default realm is used for end-user authentication when Remedy SSO cannot identify a realm by the application URL sent in the HTTP request to the Remedy SSO server.

You can delete the default realm to prevent redirection to the default realm. When Remedy SSO cannot identify a realm, and the default realm is not available on the Remedy SSO server, an error message is displayed: Realm not found.

To recreate the default realm, create a realm and set up the " * " (asterisk) for the Name and the Application Domains fields.

Before you begin

Before you add a realm, you must have the list of domain names that are required to be mapped with the realm ID.

To add a realm and configure an authentication for a realm

Log in to Remedy SSO Admin Console.
Click the Realm tab, and then click Add Realm.
On the General tab, complete the required fields. For information about the general realm details, see Configuring-general-settings-for-a-realm.
On the Authentication tab, select a type of authentication, and fill in the required fields to configure the authentication type. For information about the authentication types, see Configuring-authentication.
(Optional) Perform one or more of the following steps to configure the realm as required:
1. To transform a user ID to match the login ID, select a value from the User ID Transformation list on the Authentication tab. For information abut the transformation types, see Transforming-User-ID-to-match-Login-ID.
2. To configure Remedy SSO to open applications in iframes from different domains, complete the Allow From Domains field on the Authentication tab. For more information about this option, see Allowing-Remedy-SSO-to-authenticate-applications-in-iframes.
  Note
  This option is not available for the Local authentication type.
3. To customize the login page of the realm, complete the required fields on the Branding tab. For more information about the branding options, see Rebranding-the-end-user-login-page.
Click Save.

To configure multiple authentications types for a realm

Log in to Remedy SSO Admin Console.
Click the Realm tab, and select a realm from the List of Realms page.
Click the Enable Chaining Mode button on the Authentication tab, and then add and configure another authentication type for the realm. For more information about how to add authentication methods into a chain, see Enabling-authentication-chaining-mode.
Note
You can configure only certain combinations of authentication types. For information about how you can chain authentications methods, see Authentication-fallback and Reauthentication.
(Optional) To enable authentication of users through the AR System over an external authentication, select the Enable AR authentication for bypass check box on the Authentication tab. For more information about this option, see Enabling-AR-authentication-for-bypassing-other-authentication-methods.
Note
This option is not available for Local and AR authentication types.
Click Save.