The birth of a new SSO Application Configuration Tool for BizTalk Server 2016

Happy to announce the birth of a new SSO Application Configuration tool that will provide the ability to easily add and manage configuration applications, add and manage key-value pairs in the SSO database, as well as securely import and export configuration applications so that they can be deployed to different environments.

SSO Application Configuration Tool for BizTalk Server 2016

BizTalk Server leverages the Enterprise Single Sign-On (SSO) capabilities for securely storing critical information such as secure configuration properties (for example, the proxy user ID, and proxy password) for the BizTalk adapters. Therefore, BizTalk Server requires SSO to work properly. BizTalk Server automatically installs SSO on every computer where you install the BizTalk Server runtime.

But it also can keep your own application configuration data in the SSO database, let’s say the usual configurations that we normally keep in a configuration file (“app.config”)). If you’ve been in the BizTalk world long enough, you’ve probably faced this challenge or need and until 2009 there wasn’t an easy way to archive that, and Richard Seroter’s BizTalk SSO Configuration Data Storage Tool was the go tool to store and manage Single Sign-On (SSO) applications – this is still a valid tool and if you rebuild the code in the last version of BizTalk Server it still works perfectly.

In mid-2009 Microsoft released an MMC snap-in to tackle this exact issue: SSO Configuration Application MMC Snap-In provides the ability to add and manage applications, add and manage key-value pairs in the SSO database, as well as import and export configuration applications so that they can be deployed to different environments. It wasn’t nor is it the perfect tool in my opinion since it has several UI limitations but it worked perfectly until… a new version of BizTalk Server was released.

Unfortunately, this tool will not work properly at least from BizTalk Server 2013 forward. At first sight, it seems that everything is working properly but when you try to create a key-value pair you will see that nothing happens and no key is created.

At the time I published a hotfix for the tool:

And M.R.Ashwin Prabhu published the same hotfix for BizTalk Server 2016.

In part, these hotfixes solved the issue but I recently realized that the tool even with the hotfix doesn’t work properly in multiple environments, and to try to uninstall the Microsoft snap-in after the hotfix is “installed” it is a nightmare.

Again, Richard Seroter tool is a great tool but is not fully compatible with Microsoft tool and in some parts, I liked that tool. So I and my team decided to “recreate” and improve SSO Application Configuration and the result is this:

  • Fully resizable windows (you will understand if you are a BizTalk Developer);
  • You can securely export and import Application configurations and it is compatible with MSFT SSO snap-in;
  • You can duplicate Applications (copy and paste);
  • You can rename Applications;
  • You can easily add new key-values without the need to always perform a right-click and select a new key option;
  • You can easily add edit key-values without the need to always perform a double-click to open a new window;
  • You can refresh the Applications tree view
  • You can configure your system settings
SSO Application Configuration Tool for BizTalk Server 2016: Settings
  • You can search!



You can download BizTalk Server SSO Application Configuration Tool from GitHub here:

Author: Sandro Pereira

Sandro Pereira lives in Portugal and works as a consultant at DevScope. In the past years, he has been working on implementing Integration scenarios both on-premises and cloud for various clients, each with different scenarios from a technical point of view, size, and criticality, using Microsoft Azure, Microsoft BizTalk Server and different technologies like AS2, EDI, RosettaNet, SAP, TIBCO etc. He is a regular blogger, international speaker, and technical reviewer of several BizTalk books all focused on Integration. He is also the author of the book “BizTalk Mapping Patterns & Best Practices”. He has been awarded MVP since 2011 for his contributions to the integration community.

19 thoughts on “The birth of a new SSO Application Configuration Tool for BizTalk Server 2016”

  1. FYI – You have a formatting issue on your blog. On IE11 the social media share buttons cover some of the text on the page.
    Great tool, very much needed, thanks for putting it out.

  2. Hello,

    I have been using this since past couple of years and the “READ” aspect is working fine. I have a new requirement to store the data and was wondering if there is a way to “UPDATE” the value of existing key using SSOClientHelper class.

    I tried to update the PropertyBag (HybridDictionary) object using properties[{key}] = “My Value” and it does not work.

    Any ideas or alternatives?

  3. Are the key value pairs cached in memory or does the “Read” function do a roundtrip lookup in the database each time?

  4. Dear Sandro,

    Do you have an updated version of the tool for BizTalk Server 2020? Any ideas where I can get it? Thank you.

    1. Steps to make it work for BizTalk 2020:
      1. download the code(BTS2016-SSO) from codeplex
      2. update the references ‘Microsoft.EnterpriseSingleSignOn.Interop’ and ‘Microsoft.BizTalk.Interop.SSOClient’ to use the GAC version (BZT2020)
      3. update .Net target version of BizTalk.Tools.SSOApplicationConfiguration project to 4.8, the application compiles and runs as expected.
      To establish the connection update ‘Settings’:
      – with the correct AD group names (add domain if applicable) eg: AD\SSO Administrators
      – with the same contact as the application was added previously (or the application settings won’t be visible)

  5. How do I read old applications that are inserted with the microsoft snap-in tool? All existing applications are invisible.

  6. HI
    I upgrade BizTalk from 2010 to 2016. Now I need to export SSO configuration from 2010 to 2016 SSO. How should I do export and import? Please explain step by step

  7. Hi

    In 2016 tool if key value pairs are more(ex.

    300 or400 pair) then either the pair is not

    showing or the mapping pair is showing wrong.

    Is there any fix for this ?

    1. Honestly, I have to check because I never have an application with such an amount of keys. I normally prefer to have several different applications with way less key in order to manage them properly and easily.

  8. Hi Sandro.. Please let me if you have any fix solution for more than 400 pair in same application, because our current biztalk solution taking the values from one application under SSO. This is a log pending issue in our system.

Leave a Reply

Your email address will not be published. Required fields are marked *


Back to Top