Aqua supports OIDC single sign-in with any OIDC-compatible provider. Please see the information below for requesting an OIDC integration.
IdP OIDC Setup
Your IdP may require some or all of the following settings:
|OIDC Redirect URL||https://cloudsploit.auth.us-east-1.amazoncognito.com/oauth2/idpresponse|
Note: This attribute must be set and mapped to the user's email address.
|Scopes||openid email profile|
Settings to Provide to Aqua
Once you have configured the OIDC IdP, you must provide the following settings to Aqua via a support ticket:
- Client ID
- Client Secret
- Issuer URL
After opening a support ticket with the above details, Aqua will configure our integration and provide an SSO URL for testing. If it works, we can then enable the OIDC integration for all users in your account.