Use ESVs in federation providers
If you are setting up a federation provider in Identity Cloud, you must store the federation provider secrets in ESV secrets, set corresponding placeholders in your configuration, and promote the configuration to your environments.
Configure federation provider secrets in ESVs
Follow the instructions in Set up configuration placeholders to reference an ESV to configure your development, staging, and production environments:
- Before each of steps 1a, 2a, and 3a, set up a federation provider for the IdP you intend to use for the environment, and make a note of its secret to use as the ESV value. Refer to the following:
  Ensure that the IdP federation provider app for each environment is configured with a redirect URL. If you are using the same IdP federation provider app for your development, staging, and production environments, ensure that it is configured with all three redirect URLs.
- In step 1b use the Configure a federation provider secret example.
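The following is an added example, not part of the Identity Cloud documentation: a check to run before promotion that walks a configuration export and reports secret fields still holding a literal value instead of an ESV placeholder. The key-name pattern, the ESV name `esv.federation.secret`, and the sample JSON are assumptions constructed for illustration.

```python
import json
import re

# Whole-value ESV placeholder, e.g. "&{esv.federation.secret}" (ESV name is made up).
PLACEHOLDER = re.compile(r"^&\{esv\.[a-z0-9_.]+\}$")
# Assumed naming of secret-bearing fields; adjust to your own configuration.
SECRET_KEY = re.compile(r"secret", re.IGNORECASE)


def find_literal_secrets(node, path="$"):
    """Return JSON paths of secret-like string fields that are not ESV placeholders."""
    findings = []
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if isinstance(value, str) and SECRET_KEY.search(key):
                # A non-empty value that is not exactly one placeholder is a literal.
                if value and not PLACEHOLDER.match(value):
                    findings.append(child)
            else:
                findings.extend(find_literal_secrets(value, child))
    elif isinstance(node, list):
        for i, item in enumerate(node):
            findings.extend(find_literal_secrets(item, f"{path}[{i}]"))
    return findings


# Constructed sample configuration, not taken from a real tenant.
SAMPLE = json.loads("""
{
  "providers": [
    {"name": "idp-dev", "clientId": "app-123",
     "clientSecret": "&{esv.federation.secret}",
     "redirectUri": "https://dev.example.com/callback"},
    {"name": "idp-staging", "clientId": "app-456",
     "clientSecret": "s3cr3t-value-pasted-inline",
     "redirectUri": "https://staging.example.com/callback"}
  ]
}
""")

if __name__ == "__main__":
    for hit in find_literal_secrets(SAMPLE):
        print("literal secret, replace with an ESV placeholder:", hit)
```

Any path it reports should be switched to a placeholder backed by an ESV secret before the configuration is promoted.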
Rotate a federation provider secret in an ESV
You can rotate a federation provider secret stored in an ESV secret by creating a new secret version.
For your development, staging, or production environment:
- In the federation provider configured for the environment, create a new secret and make a note of it. Refer to Create a new federation provider secret.
- Add a new secret version to the ESV secret using the value of the new federation provider secret from the previous step. Refer to Update an ESV referenced by a configuration placeholder.