Configuring Jazz Team Server container authentication for Document Builder

You can set up a Jazz™ Team Server (JTS) to provide authentication for Document Builder.

Before you begin

A new or existing JTS using container authentication is required.

About this task

This type of authentication is supported on WebSphere® Application Server and WebSphere Application Server Liberty Profile . The Liberty server must be configured for https connections.

Note: When Document Builder is configured with JTS container authentication, if you are logged into Document Builder , you do not have to enter the data source credentials again when generating a document with data from any IBM® Engineering Lifecycle Management (ELM) applications that use the same JTS . To take advantage of not having to re-authenticate, see the following details:
  • Document Builder must have the same domain as the JTS.
  • This type of authentication will also work for smart card or certificate authentication if the JTS is configured with client-cert authentication. Kerberos authentication is also supported.
  • The LTPA token life must be long enough that it does not expire before the document generation is completed. The default life is 2 hours. You can configure LTPA timeouts on your application server, for example in WebSphere Liberty , you can customize the server.xml for Engineering Lifecycle Management.
  • If the data source connection is to ELM application registered with another JTS, then you must provide connection credentials when generating a document.
  • Document Builder must operate in HTTPS mode, for example https://hostname:port/rpeng/)
  • This setting does not work for scheduled document generations.


  1. Log in to the JTS as an administrator at https://<server>:<port>/jts/admin.
  2. Go to Server > Configuration > Registered Applications.
  3. Click Add.
  4. In the Add Application window, enter the following information about your application:
    1. In the Application Name field, enter a unique name for the application.
    2. In the Discovery URL field, enter the URL to Document Builder, for example https://server:port/rpeng/scr.
    3. In the Consumer secret field, enter a consumer secret for the application that you are registering. JTS will automatically generate a consumer key.
    4. In the Functional User ID field, enter pub_user.
    5. Click Finish.
  5. Log in to Document Builder as an administrator.
  6. To administer the application, click your user name in the product banner.
  7. Select Administer from the drop-down menu.
  8. Click Runtime Variables.
  9. In the Runtime Variables page, expand Authentication Switching, and click the Edit link.
  10. In the Authentication type drop-down list, select JTS Authentication.
  11. Click Save.
  12. If you get a confirmation dialog when you log in asking you to allow the Document Builder server to collaborate with the JTS, follow the steps in the Verifying that the report server is a trusted client on the Jazz Team Server section of the linked topic. Substitute the Document Builder server values for the report server.
    Note: Document Builder appears in the list of applications in the Jazz home menu.
    Generate Documents in menu

video icon Video channel
Software Education channel

learn icon Courses

IoT Academy
Skills Gateway

ask icon Community forums library

support icon Support

IBM Support Community
Deployment wiki