This documentation supports the 19.11 version of BMC Remedy Single Sign-On, which is available only to BMC Helix subscribers (SaaS).To view an earlier version, select the version from the Product version menu.

Administering


When you have Remedy Single Sign-On server installed or upgraded, and Remedy Single Sign-On agent installed for all integrated applications, you can proceed with administering tasks. 

This section contains information about configuring Remedy SSO for various authentication types, and other administrative tasks such as configuring branding details or viewing user sessions.

 

Related topics

Integrating

Upgrading

Roles-and-permissions

Administering tasks for Remedy SSO subscribers

The following task applies to you if you have the permissions of a tenant administrator on the Remedy SSO server: 

Task

Reference

Create, edit and delete users and groups for realms with local authentication type

Administering tasks for Remedy SSO on-premises users

The following tasks apply to you if you have the permissions of a SaaS administrator in the Remedy SSO Admin Console: 

Task

Reference

Create internal administrators (SaaS administrators and tenant administrators) with access to the Remedy SSO Admin Console.

Set up multiple tenants on the Remedy SSO server.

Configure the following settings on the Remedy SSO server:

  • General settings—cookie domain, session settings, and server logging
  • Advanced settingscookie name, service URL, and service provider options for SAML authentication
  • Admin authentication settings—Enable authentication for internal administrator users, and configure access toRemedy SSO Admin Console for users from an external LDAP directory.

Configure Remedy SSO for end user authentication:

  • Add and configure authentication for realms
  • Enable AR authentication for bypass
  • Enable Remedy SSO to authenticate applications in iframes
  • Rebrand the Remedy SSO end user login page
  • Set up the user ID transformation
  • Enable and configure authentication chains for a realm

Create, edit and delete users and groups for realms with local authentication type.

Configure OAuth 2.0 protocol for one or more of the following tasks:

  • Register OAuth 2.0 native client applications
  • Register OAuth 2.0 non-native client applications
  • Set up token timeout for client applications
  • Generate JWKs for OAuth 2.0 flow
  • View and delete tokens of active user sessions

Enable single sign-on experience for applications hosted on different domains.

Enable single sign-on experience for applications cross-launched from a different Remedy SSO server.

Configure the start page for applications protected by Remedy SSO.

Create a backup of the Remedy SSO server before upgrade.

Restore the Remedy SSO configuration from backup.

Kill end users sessions.

The following tasks apply to you if you have read and write permissions for the file system on servers with  Remedy SSO server and  Remedy SSO agents:

Task

Reference

Configure the rsso.agent.properties file on the servers with applications integrated with Remedy SSO.

Transfer data between two Remedy SSO servers.