Setting Authentication for Orchestrations

As of SBM 10.1, security tokens are issued to all authenticated users whether you use Single Sign-On (SSO) or not, so you are no longer required to provide authentication credentials for SBM Application Engine calls in orchestrations. However, you might want to hard-code specific authentication credentials so that the orchestration runs under a specific user in either of the following scenarios:
  • The calling user does not have sufficient privileges.
    Tip: Consider creating a dedicated user with API/Script product access and grant the following privileges in Application Administrator to the Configuration Management System, Incident Management, and Problem Management projects:
    • View All Items
    • Update All Items
    • Transition All Items
  • You upgraded from a previous SBM release in which SSO was disabled and you use external events in your orchestrations (because no token is issued for anonymous events).

The following steps explain how to import the process app into SBM Composer, modify the orchestration, and deploy the process app to your SBM Server.

Important: Open all process applications in SBM Composer before attempting to edit. The applications reference each other, and if one is not imported into SBM Composer, you could encounter validation errors.

To modify the orchestrations:

  1. Open the process app in SBM Composer.
  2. Configure the orchestrations (if any) in the process app to be authenticated under a user account that is authorized to run orchestrations:
    1. Select an orchestration workflow under Orchestration Workflows.
    2. Click the Data Mapping tab in the Property Editor.
    3. Under Working Data, add a user account to the userId and password Default Values. These values will be used to authenticate the orchestration.
    4. Repeat for all orchestrations in the process app.
  3. Publish and deploy the updated process app to your environment. You are prompted to save your changes, and the process app is then deployed to your environment. A confirmation message will appear in the Message List when the deployment is complete.
  4. Repeat these steps for each of the process apps. When you open the next process app, you are prompted to check in the application. Click Yes, and then OK to confirm (even if no changes were made).