This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

OAuth authentication to CSM UI

Hello,

we have configured our SMAX to log in with SSO using OAuth 2.0. Meaning our customer doesn't have to login to SMAX at all.

Our goal is to enable OAuth on CMS UI so that when user has opened SMAX on one Tab he can access CMS UI on another tab of his browser since he has a Token from OAuth and doesn't have to login anymore.

Would this be possible? I didn't find any information about OAuth on this Documantation https://docs.microfocus.com/doc/UCMDB/2023.05/Home

I am open to some work-arounds.

Thank you very much in advance,

Filip

  • Suggested Answer

    0  

    Hello Filip,

    This is in 23.4 version.

    If you refer to: https://docs.microfocus.com/doc/UCMDB/23.4/LogUcmdbDesktop It is part of supported protocols. 

    Supported by the following: UCMDB with IdM, and OpsB with IdM

    The IdP server must support the OAuth 2.0 protocol. The certified IdP servers is: Keycloak

    Note Technically, CMS supports all SAML 2.0 / OAuth 2.0 complaint IdPs. The IdPs listed in the table above are the ones certified in lab.

  • 0 in reply to   

    Hello Ana,

    But this Documentation talks about Local Client no? We need it for CMS UI

    In JMX Console you can Configure SAML. But I don't see any way to configure OAuth (such as fields for OAuth credentials)

    Please specify, Thank you

  • Suggested Answer

    0   in reply to 

    Hi Filip, as mentioned in the doc you can launch the UCMDB UI of a target UCMDB server from the UCMDB Local Client tool as a desktop application, without the need for the Oracle JVM installed on that desktop. As the UCMDB Local Client tool also enables you to manage login configurations for multiple UCMDB servers from a central place.

    If you want to do it directly from the CMS UI alternative you may submit an Enhancement Request via the forum Idea Exchange tab 

  • 0 in reply to   

    Hi Ana,

    I would gladly configure OAuth from anywhere. But he doc only mentions how to configure SAML and that is done in JMX Console no?

    The goal is to access CMS UI web page with through OAuth. So that when user is logged in to SMAX he can use the same token to access CMS UI without the need of logging in.

    Is this possible and if it is, where is the documentation on how to configure it?

    Thank you very much

  • Suggested Answer

    0  

    Hi Filip,

    The OAuth-based SSO possibly works only when CMS is configured to use the IdM deployed in SMAX. The configuration of how to set up CMS to use the SMAX's IdM is documented in the following SMAX online help.

    https://docs.microfocus.com/doc/SMAX/23.4/AssociateTenantCustomer

    Thanks,

    Leslie