Your suggested change has been received. Thank you.

SafeNet IDPrime Virtual Integrations with IDPs

All

All
CipherTrust Manager
CipherTrust Application Data Protection (CADP)
CipherTrust Application Key Management (CAKM)
CipherTrust Batch Data Transformation (BDT)
CipherTrust Cloud Key Management (CCKM)
CipherTrust Data Discovery and Classification (DDC)
CipherTrust Data Protection Gateway (DPG)
CipherTrust Database Protection (CDP)
CipherTrust Intelligent Protection (CIP)
CipherTrust Integrations
CipherTrust Migrations
CipherTrust RESTful Data Protection (CRDP)
CipherTrust Transparent Encryption (CTE)
CipherTrust Transparent Encryption Userspace (CTE-U)
CipherTrust Secrets Management (CSM)
CipherTrust Vaulted Tokenization (CT-V)
CipherTrust Vaultless Tokenization (CT-VL)
CTE-Linux
CTE-Windows
CTE-AIX
CTE-K8s
CTE-U
Crypto Command Center
Data Protection on Demand
Luna Cloud HSM
Luna Network HSM
Luna PCIe HSM
Luna USB HSM
OneWelcome Identity Platform
ProtectApp LUKS
ProtectServer 2 HSM
ProtectServer 3 HSM
SafeNet Trusted Access (STA)
SafeNet MobilePASS+
SafeNet MobilePASS+ for Android
SafeNet MobilePASS+ for Chrome
SafeNet MobilePASS+ for macOS
SafeNet MobilePASS+ for iOS
SafeNet MobilePASS+ for WatchOS
SafeNet MobilePASS+ for Windows
SafeNet Synchronization Agent
SafeNet Logging Agent
SafeNet Agent for FreeRADIUS
SafeNet Agent for NPS
SafeNet Agent for Windows Logon
SafeNet Authentication Service Private Cloud Edition (SAS PCE)
SafeNet Remote Logging Agent
SafeNet Keycloak Agent
SafeNet IDPrime Virtual (IDPV)
SafeNet FIDO Key Manager
SafeNet FIDO Key Manager for Android
SafeNet FIDO Key Manager for iOS
SafeNet FIDO Key Manager for Windows

Keycloak with SAS PCE

Add OIDC Client on Keycloak Server

Thales
SafeNet Trusted Access
- SafeNet Trusted Access Configuration
- SafeNet IDPrime Virtual Setup
- Verify Integration
Keycloak with SAS PCE
- Overview
- Install Safenet Agent for Keycloak
- Realm Configuration
- Configure SafeNet Authentication Flows
- Add OIDC Client on Keycloak Server
- Keycloak User Federation
- Set up the SAS PCE LDAP
- SafeNet IDPrime Virtual Setup
- Verify Integration

SafeNet IDPrime Virtual Integrations with IDPs
Thales
Keycloak with SAS PCE
Add OIDC Client on Keycloak Server

Add OIDC Client on Keycloak Server

To Create OIDC Client

Perform the following steps to create the OIDC client for the IDPV server:

In the left pane, select the realm, and select Clients.
In the right pane, click Create and enter a name in the Client ID field (acts as the client_id in the OIDC authentication requests).
Click Save.

Once the client is created, client configuration page is displayed.
1. Select openid-connect from the drop-down in the Client Protocol field.
2. Select Access Type to confidential from the drop-down list.
3. Add the Valid Redirect URIs for the IDPVserver.
  
  URL structure: https://<server-host>/*
  For example: https://www.idpvserver.com/*
  
  Note
  This URL is updated as per IDPV server host name.

Adding Scope to the Client

Perform the following steps to add a client scope:

In the left pane, select the realm, and select Client Scopes.
Select Create.
Enter idpvscope in the Name field.
Set the Display on Consent screen to OFF.
Click Save.

Mapping the Client Scope

There are different ways to add claims that is at realm level, Client level, user or group level. These are mapped using roles, groups or individually. You add mapper to a scope, these claims are required by the IDPV server.

Perform the following steps to map the scope:

In the left pane, select Client Scopes.
In the right pane, select Mappers > Create.

Create Protocol Mapper section is displayed.

Enter the following settings for User Attribute Mapper Type:
- Name: preferred_username
- Mapper Type: User Attribute
- User Attribute: cn
- Token Claim Name: preferred_username
Enter the following settings to another mapper for Group Membership:
- Name: groups
- Mapper type: Group Membership
- Token Claim Name: groups
Click Save.

Similarly, add all required claims.

Adding Scope to OpenID Client

Once all required claims are added, refer to Mapping the Client Scope, apply the scope to the OpenID client.

In the left pane, select Clients.
In the right pane, select Client, and then click the Client Scopes tab.
Select the scope under the Default Client Scopes, and click Add selected.

On this page

Adding Scope to the Client
Mapping the Client Scope
Adding Scope to OpenID Client

SafeNet IDPrime Virtual Integrations with IDPs

© Copyright 2019-2024, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Release Notes
- Support Contacts
Legal
- End User License Agreement
- Disclaimer

© Copyright 2019-2024, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

Print

Download this Page

Download Project

Copy Link

Copy Link

Copy Link

Copy Link