Use the IdP Catalog application (idpcat.nsf) to configure a trusted OIDC provider.

Procedure

1. Open the IdP Catalog (idpcat.nsf), and click the folder icon in the navigation to open the Workspace.

2. Click OIDC Provider and then click Add OIDC Provider. You can add up to five OIDC providers.

a. Enter a name that you will recall in the Provider name field.

b. In the Base URL field, enter the base URL for the OIDC provider. For example, when using a KeyCloak OIDC provider hosted on myprovider.example.com port 8443 and a realm named "TestRealm," set the "Base URL" field to https://myserver.example.com:8443/realms/TestRealm.


Note:

The Base URL is used to construct the OIDC provider's well known configuration endpoint.

• A base URL ofhttps://myprovider.example.com/realms/ParanoiaRealmOnewould correspond to a configuration endpoint of                                                https:/myprovider.example.com/realms/ParanoiaRealmOne/.well-known/openid-configuration.
• A base URL ofhttps://accounts.google.comwould correspond to a configuration endpoint ofhttps://accounts.google.com/.well-known/openid-configuration.

  The trailing                                                  /.well-known/openid-configuration must not be included in the base URL.

c. Click on the arrow next to Host names or addresses mapped to this site and select from the list one or more internet sites that you want to trust this OIDC provider for authentication.





Note: Only one SAML partnership or OIDC provider can be configured for a single internet site.

Related concepts
Managing TLS certificates with Certificate Manager

Related tasks
Adding trusted root certificates

Help on Help

All Help Contents

Help on Help