Using STA for Multifactor Authentication for CTE GuardPoints
Prerequisites
- Have a CipherTrust Manager set up with:
- Integrate with STA by creating and managing your access controls in STA.
Selecting the Proper Template
Note
Make sure that, in STA, you choose the custom template: CTE_OIDC.
If the CTE_OIDC template is not available in your account:
- Create an app using the Generic Template.
- For the Integration Protocol, select OIDC.
- Configure VALID REDIRECT URL as: http://127.0.0.1:5560/auth/callback.
Note
Port 5560 is the default CTE OIDC login port. If the CTE admin changes it through the voradmin mfa command, you must change that value in the redirect URL.
Create an OIDC Connection with CipherTrust Manager
- Log on to the CipherTrust Manager GUI as an administrator.
- In the left pane, click Access Management > Connections.
- In Connections, click Add Connection.
- Click OIDC and then click Next.
- Provide a name for the connection and click Next.
- Enter values for the configuration information.
Note
Refer to your Multifactor Authentication provider profile for the values:
- URL of OIDC provider:
  - For KeyCloak, select the URL of the OIDC provider
  - For Thales STA, select Well Known Configuration URL
  - For all other providers, select the URL of the OIDC provider
- Client-ID as configured for the OIDC client
- Client-Secret as shown for the OIDC client
- Click Next and in the Add Products window, select CTE for product.
- Click Add Connection.
For more on the STA OIDC template, see OIDC applications.
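A pre-flight check for the values entered in the steps above, as an added example that is not Thales code: it compares the registered redirect URL with the CTE OIDC login port and checks a well-known configuration document against the metadata that OpenID Connect Discovery requires. The function names and the idp.example.com sample are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

SUFFIX = "/.well-known/openid-configuration"
# Metadata that OpenID Connect Discovery 1.0 requires of every provider.
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri", "response_types_supported",
            "subject_types_supported", "id_token_signing_alg_values_supported")

def check_redirect(redirect_url, cte_port=5560):
    """Problems with the redirect URL registered in the IdP app (empty list = OK)."""
    try:
        u = urlsplit(redirect_url)
        port = u.port  # raises ValueError on a non-numeric or out-of-range port
    except ValueError:
        return ["redirect URL does not parse"]
    problems = []
    if (u.scheme, u.hostname, u.path, u.query, u.fragment) != (
            "http", "127.0.0.1", "/auth/callback", "", ""):
        problems.append("expected http://127.0.0.1:<port>/auth/callback")
    if port != cte_port:
        problems.append(f"port {port} does not match CTE OIDC login port {cte_port}")
    return problems

def check_discovery(well_known_url, doc):
    """Problems with a well-known configuration document (empty list = OK)."""
    problems = []
    if not well_known_url.startswith("https://"):
        problems.append("well-known URL is not https")
    missing = [k for k in REQUIRED if k not in doc]
    if missing:
        problems.append("missing metadata: " + ", ".join(missing))
    if not well_known_url.endswith(SUFFIX):
        problems.append("URL does not end in " + SUFFIX)
    elif doc.get("issuer") != well_known_url[:-len(SUFFIX)]:
        problems.append("issuer does not match the URL the document was served from")
    for key in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        if key in doc and not str(doc[key]).startswith("https://"):
            problems.append(key + " is not https")
    return problems

# Constructed sample: idp.example.com is a placeholder, not a real STA tenant.
BASE = "https://idp.example.com/tenant1"
SAMPLE_URL = BASE + SUFFIX
SAMPLE_DOC = {"issuer": BASE, "authorization_endpoint": BASE + "/authorize",
              "token_endpoint": BASE + "/token", "jwks_uri": BASE + "/keys",
              "response_types_supported": ["code"], "subject_types_supported": ["public"],
              "id_token_signing_alg_values_supported": ["RS256"]}

if __name__ == "__main__":
    print(check_redirect("http://127.0.0.1:5560/auth/callback", cte_port=6000))
    print(check_discovery(SAMPLE_URL, SAMPLE_DOC))
```

Pass the port currently set through voradmin mfa as cte_port, and the JSON fetched from your provider's well-known configuration URL as doc.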