Registering Identity Provider

Register an identity provider for secure communication with Thales CipherTrust Manager (CM).

The OCI identity provider lets users log in to an OCI identity domain with their external provider's credentials. For OCI KMS to communicate securely with Thales CipherTrust Manager (CM), you must register the identity provider with a JSON Web Token (JWT) issuer and the KMS client ID. Registering lets you securely control user access to the OCI KMS service. For more information about registering a JWT issuer on the CipherTrust Manager (CM), see Register JWT Issuer in Thales CipherTrust Manager (CM).

For more information about identity providers, see Managing Identity Provider.

Go to your domain in the OCI Console and find the Domain URL. For example: https://idcs-a0c5ea72495d4ebea3e6e31bd7a742b1.identity.oraclecloud.com:443

Append /.well-known/idcs-configuration to the Domain URL (after .com) and open that URL. For example: https://idcs-a0c5ea72495d4ebea3e6e31bd7a742b1.identity.oraclecloud.com/.well-known/idcs-configuration

Copy the jwks URL and the identity provider from this discovery document into Thales CipherTrust Manager (CM). On your CM, tick the JWKS protected URL option and enter the client ID and secret from the resource app that you created in the OCI Identity Domain.
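The following script automates the lookup described in the steps above: it builds the discovery URL from the Domain URL shown in the OCI Console (dropping the implied :443 port, as the example URL does), reads the discovery document, and pulls out the two values that CM needs, the issuer and the jwks URL, refusing a jwks URL that is not HTTPS because CM will fetch its token-signing keys from it. This is an added example, not Oracle's or Thales's code. The nesting of the values under an "openid-configuration" object, the function names, and the sample document are assumptions; the sample document is constructed and only reuses the hostname from the procedure.

```python
"""Extract the issuer and JWKS URL from an OCI Identity Domain discovery document.

Added example (not Oracle's or Thales's code). Assumes the /.well-known/idcs-configuration
document nests the OpenID values under "openid-configuration"; a flat document is also accepted.
"""
import json
from urllib.parse import urlsplit, urlunsplit
from urllib.request import urlopen

WELL_KNOWN_PATH = "/.well-known/idcs-configuration"


def discovery_url(domain_url: str) -> str:
    """Build the discovery URL from the Domain URL shown in the OCI Console.

    The console shows the default HTTPS port (:443); it is dropped because it is
    implied, which matches the example URL in the procedure. Any other port is kept.
    """
    parts = urlsplit(domain_url.strip())
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("Domain URL must be an https URL with a hostname")
    host = parts.hostname
    if parts.port not in (None, 443):
        host = f"{host}:{parts.port}"
    return urlunsplit(("https", host, WELL_KNOWN_PATH, "", ""))


def extract_issuer_settings(doc: dict) -> dict:
    """Return the issuer and jwks_uri that CM's JWT issuer registration needs.

    Values are read from the nested "openid-configuration" object when present
    (assumed IDCS layout), otherwise from the top level (standard OIDC discovery).
    """
    oidc = doc.get("openid-configuration", doc)
    issuer = oidc.get("issuer")
    jwks_uri = oidc.get("jwks_uri")
    if not issuer or not jwks_uri:
        raise ValueError("discovery document lacks issuer or jwks_uri")
    # CM fetches token-signing keys from jwks_uri; insist on HTTPS so the key set
    # cannot be replaced in transit.
    if urlsplit(jwks_uri).scheme != "https":
        raise ValueError(f"jwks_uri must use https, got: {jwks_uri}")
    return {"issuer": issuer, "jwks_uri": jwks_uri}


def fetch_issuer_settings(domain_url: str, timeout: float = 10.0) -> dict:
    """Fetch the discovery document for a Domain URL and extract the CM settings."""
    with urlopen(discovery_url(domain_url), timeout=timeout) as resp:
        return extract_issuer_settings(json.load(resp))


# Constructed sample document (not a real response); the hostname is the one used
# in the procedure above, the issuer and jwks_uri values are illustrative.
SAMPLE_DOC = json.loads("""
{
  "openid-configuration": {
    "issuer": "https://identity.oraclecloud.com/",
    "jwks_uri": "https://idcs-a0c5ea72495d4ebea3e6e31bd7a742b1.identity.oraclecloud.com/admin/v1/SigningCert/jwk"
  }
}
""")

if __name__ == "__main__":
    # Offline run against the constructed sample; replace with
    # fetch_issuer_settings("https://<your-domain>.identity.oraclecloud.com:443") for a live domain.
    print(discovery_url("https://idcs-a0c5ea72495d4ebea3e6e31bd7a742b1.identity.oraclecloud.com:443"))
    print(json.dumps(extract_issuer_settings(SAMPLE_DOC), indent=2))
```

Paste the two printed values into the CM JWT issuer registration; the script deliberately stops at extraction and does not talk to CM.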