Setting up SAMLv2 authentication in Remedy Single Sign-On

You can configure the Remedy Single Sign-On server to authenticate TrueSight Capacity Optimization users through a SAML authentication.

Complete the following procedures to authenticate the users and authorize them to use the required product features:

Configuring SAMLv2 authentication in Remedy SSO

Failed to execute the [excerpt-include] macro.

Log in to the Remedy SSO Admin console.
In the left navigation panel of the Add Realm or Edit Realm page, click Authentication.
In the Authentication Type field, click SAML.
Enter the SAML details. For more information on parameters, see SAMLv2 authentication parameters.
Important
When you configure the SAML authentication parameters for the Presentation Server, you must set the User ID Transformation field to RemoveEmailDomain and enable the Force Authentication check box.
Click Save.
In the left navigation panel of the Add Realm or Edit Realm page, click Authentication.
In the Authentication Type field, click SAML and click Enable Chaining Mode.
Click Add Authentication.
In the Authentication Type field, click LOCAL.
Enter the LOCAL details. For more information on parameters, see LOCAL authentication parameters.
Create users and user groups for the LOCAL authentication.
The users in LOCAL should be exactly same as the users in SAML.
Alternatively, the users can also be created using import script under the migration utility.
Associate users to the user groups.
Click Save.

Important

Add the LOCAL authentication entry below the SAML authentication entry, and do not promote or move the LOCAL entry above the SAML entry.

Failed to execute the [excerpt-include] macro.

Run the following commands from the Presentation Sever command prompt to configure the SAMLv2 referrer host name:

tssh properties set tspsProxyHosts <SAMLv2_referrer_FQDN_host_name>,<remedy_sso_FQDN_host_name>
tssh properties reload