1 Reply Latest reply on Jan 28, 2012 7:56 PM by HakanBiroglu

    Authentication Domain


      Can some one explian me, what is the perpose of Authentication domain in PeopleSoft? I know how to define a auth token but would like to know the purpose and I dont want to display the Webserver name and the port number in the PIA URL how do we configure?

      Thanks in advance,
        • 1. Re: Authentication Domain
          If I understand you correctly you want to change the url of PeopleSoft from something like


          This is exactly what an authentication domain does.
          If you also do not want to show the portnumber, you have several options:
          - run PIA om port 80/443
          - add a loadbalacer that runs on port 80/443 that forwards all incoming requests on 80/443 to PIA

          Besides this an authentication domain is used for (below text from installation manual):

          Using Authentication Domains in the PeopleSoft Pure
          Internet Architecture Installation
          You have the option to specify an authentication domain when you install the PeopleSoft Pure Internet Architecture on Oracle WebLogic or WebSphere.
          Note. The authentication domain was referred to as the Authentication Token Domain in previous releases, and that term is still seen in the software.
          When an authentication domain is specified during the PeopleSoft Pure Internet Architecture install, that value gets used as the Cookie domain in the web server configuration. The main requirements when setting a
          cookie domain are:
          • The host must have a fully qualified domain name (FQDN). The requirement that you must have a domain name does not imply that you must have a DNS, but you do need some type of naming service such as DNS or some managed ..\etc\hosts file that contains a list of the servers with their domain name.
          • The cookie domain value being set must begin with a dot (.ps.com is valid, ps.com is NOT valid).
          • The cookie domain value being set must contain at least 1 embedded dot (.ps.com is valid, .corp.ps.com is valid, .com is NOT valid).
          • The cookie domain value can only be a single domain name. It cannot be a delimiter-separated list of domains.

          Setting Up the PeopleSoft Pure Internet Architecture in GUI Mode Chapter 9A
          By default, the browser only sends cookies back to the machine that set the cookie. So if web server crm.yourdomain.com sets a cookie, the browser will only send it back there. You can make the browser send the single signon cookie to all servers at yourdomain.com by typing your domain name in the Authentication Token Domain list box of web server crm. Specifying the authentication domain may be necessary in certain cases. For example, if you plan to use the PeopleSoft portal technology, be sure to read the supporting documentation to determine whether setting the authentication domain is required for correct operation.

          Specify an authentication domain if you plan to run a REN Server. REN Servers are required for PeopleSoft MultiChannel Framework, Reporting, and some PeopleSoft CRM applications supported by PeopleSoft MultiChannel Framework.

          Specify an authentication domain if you plan to use Business Objects Enterprise.