Setting a default identity provider in CDP

You can set a default identity provider (IdP) in CDP for workload-initiated SSO using CDP user interface or CDP CLI.

By default, the oldest configured identity provider is used workload-initiated SSO, but you can optionally set a default IdP using CDP user interface or CDP CLI.

Required roles: Account administrator or PowerUser

Steps

CDP UI
CDP CLI

In the CDP user interface, navigate to the Management Console.
Select User Management from the navigation pane and then navigate to Identity Providers.
Click on the context menu next to the entry for a previously registered identity provider and select Set As Default Identity Provider from the menu.

Once the default identity provider has been updated, you will see the “Default” label next to the idP name.

To set a default IdP, use the following command:

cdp iam set-default-identity-provider --name-or-crn <IDP-NAME>

To print the CRN of the default IdP, use the following command:

cdp iam get-default-identity-provider

This returns a CRN of the default identity provider.