https://live.paloaltonetworks.com/t5/cloud-identity-engine-articles/openid-connect-support-in-cloud-identity-engine/ta-p/594824 <DIV class="lia-message-template-content-zone"> <H2><FONT color="#FF6600"><STRONG><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Title_OIDC-Support_palo-alto-networks.jpg" style="width: 960px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/61482iFB01AE2963539AE3/image-size/large?v=v2&amp;px=999" role="button" title="Title_OIDC-Support_palo-alto-networks.jpg" alt="Title_OIDC-Support_palo-alto-networks.jpg" /></span></STRONG></FONT></H2> <P>&nbsp;</P> <H2><FONT color="#FF6600"><STRONG>Executive Summary</STRONG></FONT></H2> <P>&nbsp;</P> <P><SPAN>The Cloud Identity Engine (</SPAN><A href="https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-new-features/identity-features/cloud-identity-engine" target="_blank" rel="noopener"><SPAN>CIE</SPAN></A><SPAN>) is expanding its capabilities by introducing a new method for connecting to authentication services via OpenID Connect (OIDC). This enhancement provides an additional option alongside our </SPAN><A href="https://docs.paloaltonetworks.com/cloud-identity/cloud-identity-engine-getting-started/authenticate-users-with-the-cloud-identity-engine" target="_blank" rel="noopener"><SPAN>existing support for CA Chains and SAML</SPAN></A><SPAN>. By integrating OIDC, organizations can simplify their authentication workflows, increase compatibility with modern identity providers, and enhance security while adhering to Zero Trust principles.</SPAN></P> <P>&nbsp;</P> <H2><FONT color="#FF6600"><STRONG>Enhancing Authentication Flexibility with OpenID Connect</STRONG></FONT><STRONG><BR /></STRONG></H2> <P>&nbsp;</P> <P><SPAN>In the rapidly evolving landscape of identity and access management, ensuring secure and seamless user authentication is paramount. As organizations continue to adopt Zero Trust architectures, the ability to choose the right authentication method becomes increasingly important. Cloud Identity Engine (CIE) has long supported authentication via CA Chains and SAML, offering robust options for different organizational needs. Today, we are excited to introduce a new method: OpenID Connect (OIDC).</SPAN></P> <P>&nbsp;</P> <H2><FONT color="#FF6600"><STRONG>Why OpenID Connect?</STRONG></FONT><STRONG><BR /></STRONG></H2> <P>&nbsp;</P> <P><SPAN>OpenID Connect is a modern authentication protocol that builds on the OAuth 2.0 framework. It offers many benefits that align with the needs of today’s enterprises, including:</SPAN></P> <P>&nbsp;</P> <UL> <LI style="font-weight: 400;" aria-level="1"><STRONG>Interoperability:</STRONG><SPAN> OIDC is supported by a wide range of identity providers, including popular platforms like Google, Microsoft Entra ID, and others.</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><STRONG>Simplified Integration: </STRONG><SPAN>OIDC provides a straightforward way to authenticate users, reducing the complexity of integrating with various identity providers. This simplicity is particularly valuable for organizations looking to streamline their authentication processes.</SPAN></LI> </UL> <P>&nbsp;</P> <H2><FONT color="#FF6600"><STRONG>Start Using the Feature Today!</STRONG></FONT></H2> <P>&nbsp;</P> <P><SPAN>For both new and existing customers, the process to create your first authentication type using OIDC is the same.&nbsp;</SPAN></P> <P>&nbsp;</P> <P><SPAN>Follow our documentation to:</SPAN></P> <OL> <LI style="font-weight: 400;" aria-level="1"><A href="https://docs.paloaltonetworks.com/cloud-identity/cloud-identity-engine-getting-started/get-started-with-the-cloud-identity-engine/activate-the-cloud-identity-engine" target="_blank" rel="noopener"><SPAN>Activate the Cloud Identity Engine</SPAN></A><SPAN>, a free service (for customers who already use CIE, you can skip this step</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN>Select </SPAN><FONT face="courier new,courier"><STRONG>Authentication &gt; Authentication Types.</STRONG></FONT></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN>Click </SPAN><FONT face="courier new,courier"><STRONG>Add New Authentication Type.</STRONG></FONT></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN>Click </SPAN><FONT face="courier new,courier"><STRONG>Set Up</STRONG></FONT><SPAN> under </SPAN><FONT face="courier new,courier"><STRONG>OIDC</STRONG><SPAN>.</SPAN></FONT></LI> </OL> <P><FONT face="courier new,courier"><SPAN><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Fig 1_OIDC-Support_palo-alto-networks.jpg" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/61481iD91EE7400F437912/image-size/large?v=v2&amp;px=999" role="button" title="Fig 1_OIDC-Support_palo-alto-networks.jpg" alt="Fig 1_OIDC-Support_palo-alto-networks.jpg" /></span></SPAN></FONT></P> <P>&nbsp;</P> <P><SPAN>The addition of OpenID Connect to Cloud Identity Engine’s authentication options provides you with greater flexibility and an easier integration with your existing identity solutions.</SPAN></P> <P>&nbsp;</P> <P><SPAN>For more detailed instructions and technical guidance, please visit our </SPAN><A href="https://docs.paloaltonetworks.com/cloud-identity/cloud-identity-engine-getting-started/authenticate-users-with-the-cloud-identity-engine/set-up-oidc-authentication" target="_blank" rel="noopener"><SPAN>techdocs page here</SPAN></A><SPAN>.</SPAN></P> <P>&nbsp;</P> </DIV> Sat, 04 Jan 2025 01:18:45 GMT jtmclaughlin 2025-01-04T01:18:45Z https://live.paloaltonetworks.com/t5/cloud-identity-engine-articles/openid-connect-support-in-cloud-identity-engine/ta-p/594824 <P>The Cloud Identity Engine (CIE) is expanding its capabilities by introducing a new method for connecting to authentication services via OpenID Connect (OIDC). This enhancement provides an additional option alongside our existing support for CA Chains and SAML.</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Title_OIDC-Support_palo-alto-networks.jpg" style="width: 960px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/61484i9772316B69C81111/image-size/large?v=v2&amp;px=999" role="button" title="Title_OIDC-Support_palo-alto-networks.jpg" alt="Title_OIDC-Support_palo-alto-networks.jpg" /></span></P> Sat, 04 Jan 2025 01:18:45 GMT https://live.paloaltonetworks.com/t5/cloud-identity-engine-articles/openid-connect-support-in-cloud-identity-engine/ta-p/594824 jtmclaughlin 2025-01-04T01:18:45Z