Aqua supports OIDC single sign-in with any OIDC-compatible provider. Please see the information below for requesting an OIDC integration.

IdP OIDC Setup

Your IdP may require some or all of the following settings:

OIDC Redirect URL
OIDC Attributesemail

Note: This attribute must be set and mapped to the user's email address.
Scopesopenid email profile

Settings to Provide to Aqua

Once you have configured the OIDC IdP, you must provide the following settings to Aqua via a support ticket:

  1. Client ID
  2. Client Secret
  3. Issuer URL

Next Steps

After opening a support ticket with the above details, Aqua will configure our integration and provide an SSO URL for testing. If it works, we can then enable the OIDC integration for all users in your account.