Configuring the secret key for single sign-on in the analytics configuration file (biConfig.xml)

To configure single sign-on between Management Center and IBM Digital Analytics, formerly known as Coremetrics Analytics, your biConfig.xml file must define a secret key. This secret key is used to create a token for single sign-on authentication. You must provide your secret key to your IBM Digital Analytics Support representative so that the same key is configured in the IBM Digital Analytics system.

About this task

For convenience, when you run the enablement script for Feature Pack 3 or later, the enablement script adds an <ssoKey> element that contains a generated unique secret key to the biConfig.xml file located at the path in first step of this procedure. You can either use this predefined secret key, or you can define your own. If you are integrating with IBM Digital Analytics for the first time, you probably created a biConfig.xml file after you run the enablement scripts. In this case, the <ssoKey> element is empty and you must define your own secret key. The following procedures steps cover both scenarios.

Make the changes that are described in this procedure to the biConfig.xml file in your development environment, and then deploy the file to your WebSphere Commerce Enterprise Archive (WC_eardir/xml/config/bi/).


  1. Open your biConfig.xml file in an editor:
    • WebSphere Commerce DeveloperWCDE_installdir/workspace/WC/xml/config/bi/biConfig.xml
  2. Locate the following element:
  3. Check whether there is already a secret key that is defined in the element. If so, the element would look similar to this example:
    • If there is a key that is already defined, skip to step 7.
    • If the element is empty, define a secret key. You can use any string that you want, but ensure that you define a strong key. For example, use a 16-character string that:
      • Contains at least one letter and one number.
      • Does not contain the same character more than 4 times in a row.


  4. Save and close the file.
  5. Restart the WebSphere Commerce server.
  6. Deploy the file to the WebSphere Commerce Enterprise Archive (WC_eardir/xml/config/bi/).
  7. Provide your secret key to your IBM Digital Analytics representative so that IBM Digital Analytics can configure this key in their system. If IBM Digital Analytics does not have the identical secret key that is configured, then single sign-on does not work.

    Tip: It is a good practice to change your secret key periodically by changing your entry in the <ssoKey> element in this file and then providing IBM Digital Analytics with the changed secret key.