Setting authentication methods and passwords for users

You can change the method that a user uses to authenticate with the license server and other Helix ALM products. License server authentication is the default authentication method, but you can change it to use an OpenID Connect/SAML provider. To change the authentication method for an Active Directory (AD) or LDAP user, you need to remove the association with the AD/LDAP server first. See Changing Active Directory and LDAP server associations.

You can also set a password and options for passwords for users who use license server authentication.

1. Click the Authentication tab when adding or editing a user.

2. Select the Authentication method the user will use to log in to Helix ALM products.

  • Select License server if the user will log in using the username and password set in their license server user record.
  • Select an authentication provider name if the user will log in using an identity provider, such as Okta. See Integrating the Helix ALM License Server with identity providers. If providers are configured on the license server and the list is empty, make sure that OpenID Connect and SAML is selected as an allowed authentication method in the server options. See Setting authentication options.
  • If the user is associated with an Active Directory (AD) or LDAP server, the server name is displayed and cannot be changed. To remove the association with the AD/LDAP server, click Remove LDAP Association. See Changing Active Directory and LDAP server associations. If the user is associated with an AD server and single sign-on is configured, you can enable it for the user. Select Allow user to log in using single sign-on. See Using single sign-on for information.

3. If License server is selected for the Authentication method, enter and confirm a Password for the user.

You can enter up to 128 characters for the password. You can also set the following password options.

  • User must change password at next login prompts the user to change their password the next time they log in to a Helix ALM product.
  • User cannot change password restricts the user from changing their password.
  • Password never expires prevents the password from expiring so the user does not need to change it on a regular basis.

4. To add an API key for the user or manage existing keys, click Manage API Keys. API keys are used to authenticate the user with the Helix ALM REST API. See Managing API keys.

5. Click OK to save the changes.