/
Authentication & Security

Authentication & Security

Authentication & Security

This section covers all authentication methods supported by Arc and security hardening options available via the settings.yml configuration file.

In This Section

Authentication

  • Setting Up SSO with CAM and Arc — Configure Single Sign-On using IBM Cognos Access Manager (CAM) security.

  • Setting Up Native TM1 OpenID Authentication — Enable OpenID Connect authentication (available from Arc v2.0+).

  • Using IBM ID with Arc — Use IBM ID and OAuth to connect to IBM PA SaaS instances.

Security Hardening

  • Enabling TLS Protocols in Arc — Overview of all TLS and security-related settings available in settings.yml.

  • Using TLS Protocols v1.2+ with Arc — Restrict Arc to only use TLS v1.2+ and secure cipher suites.

  • HTTP Strict Transport Security (HSTS) — Force Arc to be accessed over HTTPS only.

  • Hiding the Authorized User Email — Hide the license email address from the Arc UI menu bar.

Security Settings Quick Reference

Setting

Parameter in settings.yml

Default

Setting

Parameter in settings.yml

Default

Force HTTPS

usessl: true

false

TLS v1.2+ only

usesecuretls: true

false

HSTS header

usehsts: true

false

Content Security Policy

usecontentsecuritypolicy: true

false

X-Frame-Options: DENY

useiframedeny: true

false

Hide license email

hideauthorizeduserlabel: true

false