MicroStrategy ONE

Enabling Single Sign-On Authentication for Mobile

You can enable single sign-on (SSO) authentication for MicroStrategy Mobile with third-party trusted authentication providers such as Tivoli or SiteMinder. Once a user is authenticated in the third-party system, the user's permissions are retrieved from a user directory, and access is granted to MicroStrategy Mobile.

Prior to enabling trusted authentication for MicroStrategy Mobile, you must complete the initial third-party authentication setup. To create users and links in a third party system, see the Authentication chapter in the System Administration Help.

To enable users to log in to MicroStrategy Mobile using SSO authentication, you must enable trusted authentication as an available authentication mode in MicroStrategy Mobile.

To Enable Trusted Authentication in MicroStrategy Mobile

  1. Access the Mobile Server Administrator page:
    • In Windows: Choose Start > Programs > MicroStrategy Tools > Mobile Administrator. The Mobile Server Administrator web page opens.
    • In UNIX/Linux: After you deploy MicroStrategy Mobile Server Universal and log on to the mstrMobileAdmin servlet using proper credentials, the Mobile Server Administrator web page opens. The default location of the Administrator servlet varies depending on the platform that you are using.
  2. From the pane on the left, select Default properties. The Default Server Properties page opens.
  3. From the Trusted Authentication Providers drop-down list, select Tivoli or SiteMinder. For information about adding custom authentication, see the MicroStrategy Developer Library (MSDL).
  4. At the bottom of the page, click Save.

To enable the authentication token to pass from the third-party authentication provider to MicroStrategy Mobile, and then to Intelligence Server, a trust relationship must be established between MicroStrategy Mobile and Intelligence Server.

To Establish Trust Between MicroStrategy Mobile and Intelligence Server

  1. Access the Mobile Server Administrator page:
    • In Windows: Choose Start > Programs > MicroStrategy Tools > Mobile Administrator. The Mobile Server Administrator web page opens.
    • In UNIX/Linux: After you deploy MicroStrategy Mobile Server Universal and log on to the mstrMobileAdmin servlet using proper credentials, the Mobile Server Administrator web page opens. The default location of the Administrator servlet varies depending on the platform that you are using.
  2. From the pane on the left, select Servers.
  3. Confirm that MicroStrategy Mobile Server is currently connected to an Intelligence Server. If an Intelligence Server is not connected, in the Unconnected Servers table, under Action, click Connect for the appropriate Intelligence Server.
  4. In the Connected Servers table, under Properties, click Modify. The Server Properties page opens.
  5. Next to Trust relationship between Mobile Server and Intelligence Server, click Setup.
  6. Type a User name and Password in the appropriate fields. The user must have administrative privileges for MicroStrategy Mobile.
  7. From the options provided, select the authentication mode used to authenticate the administrative user.

  8. In the Mobile Server Application field, type the URL for MicroStrategy Mobile.

    You might provide the URLs for the application using Tivoli, as follows:

    https://MachineName/JunctionName/MicroStrategyMobile/asp
  9. Click Create Trust Relationship.
  10. Click Save to create the trust relationship.

For steps to verify or delete the trust relationship, see Authentication in the System Administration Help.