Prerequisites:
- IBM Cloud Identity (CI) Tenant should be Active
- Identity Governance and Intelligence (IGI) environment should be ready
1 > Log in to Cloud Identity with admin access and go to Applications
2 > Click on Add application and select Custom Application
3 > Add information as per your requirement on the next screen
4 > Add an owner for this application if you want to provide access to it after an end user requests it
5 > Now go to the next tab, “Sign-on”, and fill in the required data
After filling in all the details, save the configuration. On the next screen, choose whether this application is accessible to all users or whether an approval process is required before access is given.
Go back to the Sign-on tab and copy the Client ID and Client Secret to use with IGI.
After completing the steps on CI and copying the Client ID and Client Secret, access the IGI LMI, navigate to Configure IGI -> Manage External Entities -> OpenID connect Configuration, and fill in the details.
NOTE: The provider name must be the same as the name you used in the redirect URI in CI.
Redirect URIs https://igireplrv.in.ibm.com:9343/oidcclient/redirect/igisso
After that, you can fill in the OpenID details, such as the Authorization URL and Token URL, manually. Alternatively, you can use the discovery URL from CI to fill in the details automatically.
Discovery URL: you can get it from the OpenID connect Single Sign-on Configuration help section:
https://<CI_Hostname>/oidc/endpoint/default/.well-known/openid-configuration
After saving the configuration, restart the IGI application.
Note: Make sure to import the certificate from IBM Cloud Verify and add it to the IGI KeyStore from the VA LMI.
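An added example, not part of the original article or IBM's tooling: a Python pre-flight check that the IGI provider name matches the last segment of the redirect URI registered in CI, and that the endpoints in a discovery document are HTTPS and on the CI host. The function names, the sample document and the hostname tenant.example.com are constructed for illustration, and the strict same-host and exact-match rules are assumptions of this check.

```python
import json
from urllib.parse import urlsplit

# Constructed sample discovery document; hostname and endpoint paths are placeholders.
SAMPLE_DISCOVERY = json.dumps({
    "issuer": "https://tenant.example.com/oidc/endpoint/default",
    "authorization_endpoint": "https://tenant.example.com/oidc/endpoint/default/authorize",
    "token_endpoint": "https://tenant.example.com/oidc/endpoint/default/token",
    "jwks_uri": "https://tenant.example.com/oidc/endpoint/default/jwks",
})

REDIRECT_PREFIX = "/oidcclient/redirect/"  # path shape taken from the page's redirect URI
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri")


def check_redirect_uri(redirect_uri, provider_name):
    """Return a list of problems with the redirect URI registered in CI."""
    problems = []
    parts = urlsplit(redirect_uri)
    if parts.scheme != "https":
        problems.append("redirect URI is not https")
    if parts.query or parts.fragment:
        problems.append("redirect URI carries a query or fragment")
    if not parts.path.startswith(REDIRECT_PREFIX):
        problems.append("path does not start with " + REDIRECT_PREFIX)
    else:
        segment = parts.path[len(REDIRECT_PREFIX):]
        # Assumption: exact comparison, so 'IGISSO' or 'igisso/' is reported.
        if segment != provider_name:
            problems.append("provider name %r does not match URI segment %r"
                            % (provider_name, segment))
    return problems


def check_discovery(doc_text, ci_hostname):
    """Return a list of problems with the discovery document fetched from CI."""
    doc = json.loads(doc_text)
    problems = []
    for key in REQUIRED:
        value = doc.get(key)
        if not isinstance(value, str):
            problems.append("missing " + key)
            continue
        parts = urlsplit(value)
        if parts.scheme != "https":
            problems.append(key + " is not https")
        if parts.hostname != ci_hostname.lower():
            problems.append("%s points at host %r, expected %r"
                            % (key, parts.hostname, ci_hostname))
    return problems
```

Both functions return an empty list when nothing is wrong, so they can gate the save-and-restart step.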