Thycotic One OpenID Connect (OIDC) Configuration

To configure Thycotic One OIDC authentication for use with ALM:

Select a Team

  1. Navigate to portal.thycotic.com.

  2. On the top menu, click Manage and then Teams.

  3. If there are no existing teams, create one by clicking +New. Give the Team a name and click Save Changes.

Create a New Organization

  1. To the right of the team name, click Organizations.

  2. On the organizations page, click +New.

  3. From the drop-down, select the Thycotic One region that you would like to use.

  4. On the organization preferences page, you can configure the following options:

    1. The Name of the organization.
    2. The Thycotic One Connection Region.
    3. The lockout attempt count. This sets the number of failed logins allowed before a user is locked out.
    4. The minimum password strength. This sets the complexity required of the passwords users log in with.
    5. The Two-Factor Login Policies. Leaving the drop-downs at No Preference lets users choose their own two-factor method.

  5. Once your configuration is complete, click Save.

Configure OIDC Credentials

  1. On the organizations page, click Credentials next to the organization you created.

  2. Click +New.

  3. Complete the Organization Credential form:

    1. Give the credential a name.
    2. The Post-Login redirect URIs should be: https://YOUR_ALM_DOMAIN/signin-oidc
    3. The Post-Logout Redirect URIs should be: https://YOUR_ALM_DOMAIN/signout-callback-oidc

      Be sure to save the Endpoint, Client Id, and Client Secret. You will need these values when performing ALM Self-Hosted setup.

    4. Click Save.
  4. OpenID Connect configuration for Thycotic One is now complete and ready for use with ALM.
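
A pre-flight check for the two redirect URIs before they are entered in the Organization Credential form, as an added example that is not part of the original documentation. It relies on the OIDC rule that a redirect URI must exactly match a registered value; `alm.example.test` and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Callback paths from the credential form instructions above.
LOGIN_PATH = "/signin-oidc"
LOGOUT_PATH = "/signout-callback-oidc"


def expected_uris(alm_domain):
    """Build the two URIs to register for a given ALM domain."""
    return {
        "post_login": f"https://{alm_domain}{LOGIN_PATH}",
        "post_logout": f"https://{alm_domain}{LOGOUT_PATH}",
    }


def check_redirect_uri(uri, alm_domain, expected_path):
    """Return a list of problems; an empty list means the URI is fit to register."""
    problems = []
    if uri != uri.strip():
        problems.append("leading or trailing whitespace")
    parts = urlsplit(uri.strip())
    if parts.scheme != "https":
        problems.append("scheme must be https")
    if "@" in parts.netloc:
        problems.append("userinfo is not allowed")
    if "*" in parts.netloc:
        problems.append("wildcard host")
    if parts.netloc.lower() != alm_domain.lower():
        problems.append("host is not the ALM domain")
    if parts.path != expected_path:
        problems.append("path must be exactly " + expected_path)
    if parts.query or parts.fragment:
        problems.append("query string or fragment present")
    return problems


if __name__ == "__main__":
    domain = "alm.example.test"  # constructed placeholder for YOUR_ALM_DOMAIN
    candidates = [  # constructed sample input
        (expected_uris(domain)["post_login"], LOGIN_PATH),
        ("http://alm.example.test/signin-oidc", LOGIN_PATH),
        ("https://alm.example.test/signout-callback-oidc/", LOGOUT_PATH),
        ("https://*.example.test/signin-oidc", LOGIN_PATH),
    ]
    for uri, path in candidates:
        print(uri, "->", check_redirect_uri(uri, domain, path) or "ok")
```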