Configuring using SSO

Configure Single Sign-On authentication for the BIM Connector using Application Server, Platform OAuth, or other SSO providers including SAML and external identity providers.

About this task

The Connector can connect to Maximo® Real Estate and Facilities services that use external SSO solutions such as an Security Assertion Markup Language (SAML) provider, it can also use the native OAuth login supported by the server. All SSO options display a browser on the login form, which allows the user to login to a web-based identity provider.

This image shows the Environment Server Definition -SSO

Procedure

Select any of the three SSO options from the SSO URL dropdown.

Option	Description
Application Server	This is a shortcut. It opens the browser to the URL specified in the URL field. It expects to be redirected to an identity provider login page. The login completes. If there is no redirect, the normal Maximo Real Estate and Facilities login page is displayed in the browser. This can now be used to login to IBM® Maximo Real Estate and Facilities Connector for BIM. Use this for IBM WebSphere® Application Server Liberty SSO plug-ins.
Platform	This provides support for the native OAuth login. It is configured in the Maximo Real Estate and Facilities portal. To setup: Go to Tools > System Setup > OAuth Settings. Provide the following information: OAuth Provider: Enter either of the supported values, that is, Microsoft or Autodesk MyProfile ID: Enter either the User Name or email. The Autodesk or Microsoft email must be in the selected field of the user's profile OAuth Redirect URL: Enter the URL in the following format: https://<workspace_id>.facilities.<mas_domain>/p/oauth/signon, where <workspace_id>.facilities.<mas_domain> is the Maximo Real Estate and Facilities server base URL. This must be added to the OAuth application definition in Autodesk Platform Services or Microsoft Azure as a valid redirect URL Target Application: Not used by the Maximo Real Estate and Facilities Connector for BIM. Note: Value for all other fields is taken from the Microsoft or Autodesk OAuth configuration and application definition.
Other	This is generic. It opens the page listed in the SSO URL in the login form. For the login to work correctly, the SSO process must redirect the user to the Maximo Real Estate and Facilities main portal: https://<workspace_id>.facilities.<mas_domain>/html/en/app/tririga The main portal URLs can be configured in TRIRIGA_AR.properties. Use this with a valid login for the existing SAML SSO support or any SSO option that starts at the identity provider URL.

Option

Description

Application Server

This is a shortcut. It opens the browser to the URL specified in the URL field. It expects to be redirected to an identity provider login page. The login completes. If there is no redirect, the normal Maximo Real Estate and Facilities login page is displayed in the browser. This can now be used to login to IBM® Maximo Real Estate and Facilities Connector for BIM. Use this for IBM WebSphere® Application Server Liberty SSO plug-ins.

Platform

This provides support for the native OAuth login. It is configured in the Maximo Real Estate and Facilities portal. To setup:

Go to Tools > System Setup > OAuth Settings.
Provide the following information:
- OAuth Provider: Enter either of the supported values, that is, Microsoft or Autodesk
- MyProfile ID: Enter either the User Name or email. The Autodesk or Microsoft email must be in the selected field of the user's profile
- OAuth Redirect URL: Enter the URL in the following format: https://<workspace_id>.facilities.<mas_domain>/p/oauth/signon, where <workspace_id>.facilities.<mas_domain> is the Maximo Real Estate and Facilities server base URL. This must be added to the OAuth application definition in Autodesk Platform Services or Microsoft Azure as a valid redirect URL
- Target Application: Not used by the Maximo Real Estate and Facilities Connector for BIM.
Note: Value for all other fields is taken from the Microsoft or Autodesk OAuth configuration and application definition.

Other

This is generic. It opens the page listed in the SSO URL in the login form. For the login to work correctly, the SSO process must redirect the user to the Maximo Real Estate and Facilities main portal:

https://<workspace_id>.facilities.<mas_domain>/html/en/app/tririga

The main portal URLs can be configured in TRIRIGA_AR.properties. Use this with a valid login for the existing SAML SSO support or any SSO option that starts at the identity provider URL.

Click Save & Close.