OpenMetadata/openmetadata-docs/content/v1.7.x/deployment/security/auth0/bare-metal.md

---
title: Auth0 SSO for Bare Metal
slug: /deployment/security/auth0/bare-metal
collate: false
---

# Auth0 SSO for Bare Metal

## Update conf/openmetadata.yaml


In `openmetadata.yaml` file and use the following example as a reference. Replace the placeholder values with the details generated during your Auth0 account and application credentials setup.

Check the more information about environment variable [here](/deployment/security/configuration-parameters).


{% codeWithLanguageSelector title="Auth Configuration" id="container-1" languagesArray=["implicit","authcode"] theme="dark" %}
```implicit
# Implicit Flow Configuration
authorizerConfiguration:
  className: "org.openmetadata.service.security.DefaultAuthorizer"
  containerRequestFilter: "org.openmetadata.service.security.JwtFilter"
  adminPrincipals:                          
    - "admin"                                               # Administrator email prefix (e.g., "admin" from "admin@domain.com")
    - "user1"                                               # Additional administrator email prefix
    - "user2"                                               # Additional administrator email prefix
  principalDomain: "open-metadata.org"                      # Primary domain for your organization (e.g., "yourdomain.com") 
      principalDomain: "open-metadata.org"  # Update with your Domain,The primary domain for the organization (example.com from john.doe@example.com).  
authenticationConfiguration:
  provider: "auth0"                                         # Authentication provider, set to "auth0"
  publicKeyUrls:                           
    - "https://{Auth0 Domain Name}/.well-known/jwks.json"   # Replace {Auth0 Domain Name} with your Auth0 domain
    - "{Your OMD Server URL}/api/v1/system/config/jwks"     # Replace {Your OMD Server URL} with your OpenMetadata server URL
  authority: "https://{Your Auth0 Domain}"                  # Base URL of your Auth0 domain
  clientId: "{Client ID}"                                   # Auth0 Client ID for your application
  callbackUrl: "http://localhost:8585/callback"             # Callback URL for OpenMetadata authentication
  clientType: "public"                                      # Set to "public" for implicit flow
```
```authcode
# Auth Code Flow Configuration
authorizerConfiguration:
  className: "org.openmetadata.service.security.DefaultAuthorizer"
  containerRequestFilter: "org.openmetadata.service.security.JwtFilter"
  adminPrincipals:                          
    - "admin"                                                   # Administrator email prefix (e.g., "admin" from "admin@domain.com")
    - "user1"                                                   # Additional administrator email prefix
    - "user2"                                                   # Additional administrator email prefix
  principalDomain: "open-metadata.org"                          # Primary domain for your organization (e.g., "yourdomain.com")
authenticationConfiguration:
  provider: "auth0"                                             # Authentication provider, set to "auth0"
  publicKeyUrls:                           
    - "https://{Auth0 Domain Name}/.well-known/jwks.json"       # Replace {Auth0 Domain Name} with your Auth0 domain
    - "{Your OMD Server URL}/api/v1/system/config/jwks"         # Replace {Your OMD Server URL} with your OpenMetadata server URL
  authority: "https://{Your Auth0 Domain}"                      # Base URL of your Auth0 domain
  clientId: "{Client ID}"                                       # Auth0 Client ID for your application
  callbackUrl: "http://localhost:8585/callback"                 # Callback URL for OpenMetadata authentication
  clientType: "confidential"                                    # Set to "confidential" for auth code flow
  oidcConfiguration:
    id: "{Client ID}"                                           # Auth0 Client ID for your application
    type: "auth0"                                               # Ensure this matches your provider type
    secret: "{Client Secret}"                                   # Auth0 Client Secret for your application
    discoveryUri: "https://{Auth0 Domain Name}/.well-known/openid-configuration" 
                                                                # Discovery URI for OpenID configuration; replace {Auth0 Domain Name} with your Auth0 domain
    callbackUrl: "http://localhost:8585/callback"               # Callback URL for OpenMetadata authentication
                                                                
    serverUrl: "http://localhost:8585"                          # OpenMetadata server URL; update for production environments
```
{% /codeWithLanguageSelector %}

{% partial file="/v1.7/deployment/configure-ingestion.md" /%}

{% inlineCalloutContainer %}
  {% inlineCallout
    color="violet-70"
    icon="MdArrowBack"
    bold="Auth"
    href="/deployment/security/auth0" %}
    Go to Auth0 Configuration
  {% /inlineCallout %}
{% /inlineCalloutContainer %}
docs: add 1.5.x-SNAPSHOT (#16694) 2024-06-18 15:53:06 +02:00			`---`
			`title: Auth0 SSO for Bare Metal`
			`slug: /deployment/security/auth0/bare-metal`
DOCS - OSS deployment is flagged as Collate False (#17722) 2024-09-05 10:30:31 +02:00			`collate: false`
docs: add 1.5.x-SNAPSHOT (#16694) 2024-06-18 15:53:06 +02:00			`---`

			`# Auth0 SSO for Bare Metal`

			`## Update conf/openmetadata.yaml`


feat: Updated And Refactor Docs (#19211) * Updated Docs * Updated * updated image versions --------- Co-authored-by: Tarun <tarun.p@deuexsolutions.com> Co-authored-by: Prajwal214 <167504578+Prajwal214@users.noreply.github.com> 2025-01-03 18:10:07 +05:30			In `openmetadata.yaml` file and use the following example as a reference. Replace the placeholder values with the details generated during your Auth0 account and application credentials setup.

			`Check the more information about environment variable [here](/deployment/security/configuration-parameters).`
docs: add 1.5.x-SNAPSHOT (#16694) 2024-06-18 15:53:06 +02:00

feat: Updated And Refactor Docs (#19211) * Updated Docs * Updated * updated image versions --------- Co-authored-by: Tarun <tarun.p@deuexsolutions.com> Co-authored-by: Prajwal214 <167504578+Prajwal214@users.noreply.github.com> 2025-01-03 18:10:07 +05:30			`{% codeWithLanguageSelector title="Auth Configuration" id="container-1" languagesArray=["implicit","authcode"] theme="dark" %}`
			```implicit
			`# Implicit Flow Configuration`
docs: add 1.5.x-SNAPSHOT (#16694) 2024-06-18 15:53:06 +02:00			`authorizerConfiguration:`
			`className: "org.openmetadata.service.security.DefaultAuthorizer"`
			`containerRequestFilter: "org.openmetadata.service.security.JwtFilter"`
feat: Updated And Refactor Docs (#19211) * Updated Docs * Updated * updated image versions --------- Co-authored-by: Tarun <tarun.p@deuexsolutions.com> Co-authored-by: Prajwal214 <167504578+Prajwal214@users.noreply.github.com> 2025-01-03 18:10:07 +05:30			`adminPrincipals:`
			`- "admin" # Administrator email prefix (e.g., "admin" from "admin@domain.com")`
			`- "user1" # Additional administrator email prefix`
			`- "user2" # Additional administrator email prefix`
			`principalDomain: "open-metadata.org" # Primary domain for your organization (e.g., "yourdomain.com")`
			`principalDomain: "open-metadata.org" # Update with your Domain,The primary domain for the organization (example.com from john.doe@example.com).`
			`authenticationConfiguration:`
			`provider: "auth0" # Authentication provider, set to "auth0"`
			`publicKeyUrls:`
			`- "https://{Auth0 Domain Name}/.well-known/jwks.json" # Replace {Auth0 Domain Name} with your Auth0 domain`
			`- "{Your OMD Server URL}/api/v1/system/config/jwks" # Replace {Your OMD Server URL} with your OpenMetadata server URL`
			`authority: "https://{Your Auth0 Domain}" # Base URL of your Auth0 domain`
			`clientId: "{Client ID}" # Auth0 Client ID for your application`
			`callbackUrl: "http://localhost:8585/callback" # Callback URL for OpenMetadata authentication`
			`clientType: "public" # Set to "public" for implicit flow`
docs: add 1.5.x-SNAPSHOT (#16694) 2024-06-18 15:53:06 +02:00			```
feat: Updated And Refactor Docs (#19211) * Updated Docs * Updated * updated image versions --------- Co-authored-by: Tarun <tarun.p@deuexsolutions.com> Co-authored-by: Prajwal214 <167504578+Prajwal214@users.noreply.github.com> 2025-01-03 18:10:07 +05:30			```authcode
			`# Auth Code Flow Configuration`
			`authorizerConfiguration:`
			`className: "org.openmetadata.service.security.DefaultAuthorizer"`
			`containerRequestFilter: "org.openmetadata.service.security.JwtFilter"`
			`adminPrincipals:`
			`- "admin" # Administrator email prefix (e.g., "admin" from "admin@domain.com")`
			`- "user1" # Additional administrator email prefix`
			`- "user2" # Additional administrator email prefix`
			`principalDomain: "open-metadata.org" # Primary domain for your organization (e.g., "yourdomain.com")`
			`authenticationConfiguration:`
			`provider: "auth0" # Authentication provider, set to "auth0"`
			`publicKeyUrls:`
			`- "https://{Auth0 Domain Name}/.well-known/jwks.json" # Replace {Auth0 Domain Name} with your Auth0 domain`
			`- "{Your OMD Server URL}/api/v1/system/config/jwks" # Replace {Your OMD Server URL} with your OpenMetadata server URL`
			`authority: "https://{Your Auth0 Domain}" # Base URL of your Auth0 domain`
			`clientId: "{Client ID}" # Auth0 Client ID for your application`
			`callbackUrl: "http://localhost:8585/callback" # Callback URL for OpenMetadata authentication`
			`clientType: "confidential" # Set to "confidential" for auth code flow`
			`oidcConfiguration:`
			`id: "{Client ID}" # Auth0 Client ID for your application`
			`type: "auth0" # Ensure this matches your provider type`
			`secret: "{Client Secret}" # Auth0 Client Secret for your application`
			`discoveryUri: "https://{Auth0 Domain Name}/.well-known/openid-configuration"`
			`# Discovery URI for OpenID configuration; replace {Auth0 Domain Name} with your Auth0 domain`
			`callbackUrl: "http://localhost:8585/callback" # Callback URL for OpenMetadata authentication`

			`serverUrl: "http://localhost:8585" # OpenMetadata server URL; update for production environments`
			```
			`{% /codeWithLanguageSelector %}`
docs: add 1.5.x-SNAPSHOT (#16694) 2024-06-18 15:53:06 +02:00
Docs: Update the 1.7 content references (#19011) * Update the partial references for 1.7.x-SNAPSHOT * Delete image folder for 1.4 and add images for 1.7 * Update the new connector stages 2024-12-12 11:34:09 +05:30			`{% partial file="/v1.7/deployment/configure-ingestion.md" /%}`
feat: Updated And Refactor Docs (#19211) * Updated Docs * Updated * updated image versions --------- Co-authored-by: Tarun <tarun.p@deuexsolutions.com> Co-authored-by: Prajwal214 <167504578+Prajwal214@users.noreply.github.com> 2025-01-03 18:10:07 +05:30
			`{% inlineCalloutContainer %}`
			`{% inlineCallout`
			`color="violet-70"`
			`icon="MdArrowBack"`
			`bold="Auth"`
			`href="/deployment/security/auth0" %}`
			`Go to Auth0 Configuration`
			`{% /inlineCallout %}`
			`{% /inlineCalloutContainer %}`