See below for integrating the PKI Hub with external OpenID or Entrust IDaaS identity providers.

To integrate an external identity provider

1. Open the following URL in a Web browser. 

   https://<machine>:8443/management-console

   Where <machine> is the IP address or domain name of the machine hosting PKI Hub. 

   This release changes the URL port to 8443. Update your bookmarks accordingly.

2. Log in to the Management Console as a user belonging to a role with identity provider management permissions – for example, the initial admin administrator user. 
3. Select Identity providers in the sidebar.
   
4. Click OpenID Connect v1.0.
5. Configure the following settings. 
   • Redirect URI
   • Alias 
   • Display name
   • Display order
   • Use discovery endpoint
   • Authorization URL
   • Token URL
   • Logout URL
   • User Info URL
   • Token Introspection URL
   • Issuer
   • Validate Signatures
   • Use PKCE
   • Client authentication
   • Client ID
   • Client Secret
   • Client assertion signature algorithm
   • Client assertion audience
   • Add X.509 Headers to the JWT