Standard Cognos TM1 authentication

With IBM® Cognos® TM1® authentication, the Cognos TM1 server checks the user name and password against the user names and passwords in the Cognos TM1 database.

The following image shows the process of authenticating with the TM1 server.

Client tools: TM1 Architect, TM1 Perspectives, TM1 Web client and TM1 Contributor authenticate with Cognos TM1 server using user name and password

TM1 Server asks you for a user name and password, and validates the login information against the security cube login information.

Security considerations when using TM1 Applications

You can use either IBM TM1 standard security authentication or IBM Cognos security for the TM1 servers you use with TM1 Applications.

Do not use a combination of different security authentication modes for the same installation of TM1 Applications.

Determine the security mode before you configure TM1 Applications to use a TM1 Server and use that same security mode with any additional servers you add.

For details about using Cognos security, see: Using Cognos TM1 Applications with Cognos security.

Using the IntegratedSecurityMode parameter with TM1 Applications

To set the TM1 security authentication mode use the IntegratedSecurityMode parameter in the Tm1s.cfg file of each TM1 Server you want to use.

Important: The TM1 Applications component is compatible only with TM1 security authentication modes 1 and 5.

For example, to use TM1 standard security authentication, set the IntegratedSecurityMode parameter to 1 for each server.

IntegratedSecurityMode=1

To use IBM Cognos security, set the IntegratedSecurityMode parameter to 5.

IntegratedSecurityMode=5

For more details about the IntegratedSecurityMode parameter, see the TM1 System Configuration section in TM1 Operations.

If IntegratedSecurityMode=5 is used for the TM1 Server and IBM Cognos TM1 Applications, it is not possible to assign rights to native TM1 groups within the Manage rights dialog. Only Cognos Groups imported into the TM1 Server, are available. This means you cannot use native TM1 groups and Cognos groups in parallel because the SecMode is limiting which groups can be used

Configuring TM1 Applications security for multiple TM1 Servers

If you want to use multiple TM1 servers with TM1 Applications, they must all be configured to use the same security authentication (either TM1 standard authentication or Cognos security) and include the same administrator user name and password.

For more details, see Configuring TM1 Application Web to use multiple TM1 Servers.