2022-03-10 08:59:13 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								# Copy of Configure OpenMetadata Server
  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								## Update conf/openmetadata-security.yaml
  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Once the `client id`  and `client secret`  are generated, add `client id`  as the value of the `clientId`  field in the openmetadata-security.yaml file. See the snippet below for an example of where to place the `client id`  value.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								```
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								authenticationConfiguration:
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								  provider: "google"
							 
						 
					
						
							
								
									
										
										
										
											2022-03-30 21:52:53 +01:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								  publicKeyUrls:
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								    -  "https://www.googleapis.com/oauth2/v3/certs"
							 
						 
					
						
							
								
									
										
										
										
											2022-03-10 08:59:13 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								  authority: "https://accounts.google.com"
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								  clientId: "{client id}"
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								  callbackUrl: "http://localhost:8585/callback"
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								```
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								Then, update authorizerConfiguration to add adminPrincipals.
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								```
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								authorizerConfiguration:
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								  className: "org.openmetadata.catalog.security.DefaultAuthorizer"
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								  # JWT Filter
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								  containerRequestFilter: "org.openmetadata.catalog.security.JwtFilter"
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								  adminPrincipals:
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								    -  "suresh"
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								  botPrincipals:
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								    -  "ingestion-bot"
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								  principalDomain: "open-metadata.org"
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								```