Configuring External Authentication using OpenID Connect

To use External Authentication with an OpenID Connect (OIDC)-based identify provider, complete the following. For configuration examples, see: 

• Example: Configuring Azure OIDC to use with Entrust CloudControl.

• Example: Configuring Entrust Identity as a Service to use with Entrust CloudControl .

Procedure 

1. From the Home tab, select System > External Authentication.

2. On the External Authentication page, click the Configuration tab.

3. In the Authentication Type field, select OpenID Connect and complete the following: 

   Field	Value
   Client ID	Enter the Client ID you received when you registered CloudControl as an application in the OIDC provider.
   Client Secret	Enter the value for the client secret you received when you registered CloudControl as an application in the OIDC provider.
   Base URL	Enter the base URL. For Azure AD, the base URL Is located in the OpenID Connect metadata document. For Entrust IDaaS, the base URL will be: https://<IDaaS server>/api/oidc
   Name	Enter a descriptive name to recognize the configuration in CloudControl.

4. Click Enable.
5. In the OpenID Connect Configuration window, click Verify and Enable.