Configuring Jazz Team Server authentication for Publishing Document Builder

You can set up a Jazz Team Server (JTS) to provide authentication for Publishing Document Builder.

Before you begin

A new or existing JTS that uses container authentication is required.
Important: If you are moving from container authentication to Jazz Team Server(JTS) authentication, then make sure to create the same users with the same roles, that are admin, designer, and user, as available in container authentication. If the same users are not created in JTS, then the JTS cannot retrieve the Publishing Document Builder resources as used during the container authentication.

About this task

This type of authentication is supported on WebSphere Liberty. The Liberty server must be configured for https connections.

For more information, see the video Publishing Document Builder authentication with Jazz Team Server.

Note: When Publishing Document Builder is configured with JTS container authentication, if you are logged in to Publishing Document Builder, you do not have to enter the data source credentials again to generate a document-style report with data from any IBM Engineering Lifecycle Management (ELM) applications that use the same JTS. To take advantage of not having to reauthenticate, see the following details:
  • Publishing Document Builder must have the same domain as the JTS.
  • This type of authentication also works for smart card or certificate authentication if the JTS is configured with client-cert authentication. Kerberos authentication is also supported.
  • The LTPA token life must be long enough that it does not expire before the document-style report generation is completed. The default life is 2 hours. You can configure LTPA timeouts on your application server, for example in WebSphere Liberty, you can customize the server.xml for Engineering Lifecycle Management.
  • If the data source connection is to ELM application registered with another JTS, then you must provide connection credentials to generate a document-style report.
  • Publishing Document Builder must operate in HTTPS mode, for example, https://hostname:port/rpeng/).
  • This setting does not work for scheduled document-style report generations.


  1. Log in to the JTS as an administrator at https://<server>:<port>/jts/admin.
  2. Go to Server > Configuration > Registered Applications.
  3. Click Add.
  4. In the Add Application window, enter the following information about your application:
    1. In the Application Name field, enter a unique name for the application.
    2. In the Discovery URL field, enter the URL to Publishing Document Builder.
      for example, https://server:port/rpeng/scr
    3. In the Consumer secret field, enter a consumer secret for the application that you are registering. JTS will automatically generate a consumer key.
    4. In the Functional User ID field, enter pub_user.
    5. Click Finish.
  5. Log in to Publishing Document Builder as an administrator.
  6. To administer the application, click Administration menu in the product banner.
  7. Select Administer from the drop-down menu.
  8. Click Runtime variables tab.
  9. In the Runtime variables tab, expand Authentication switching, and click the Edit link.
  10. In the Authentication type drop-down list, select JTS authentication.
  11. Click Save.