2022-03-15 16:03:07 +00:00
# Configure OpenMetadata Server
2022-03-10 08:59:13 +00:00
## Update conf/openmetadata-security.yaml
2022-03-15 16:03:07 +00:00
Once the **Client Id** , and **Issuer URL** are generated, add those details in `openmetadata-security.yaml` file in the respective fields.
2022-03-10 08:59:13 +00:00
```yaml
authenticationConfiguration:
provider: "okta"
publicKey: "{ISSUER_URL}/v1/keys"
authority: "{ISSUER_URL}"
clientId: "{CLIENT_ID - SPA APP}"
callbackUrl: "http://localhost:8585/callback"
```
2022-03-15 16:03:07 +00:00
* **ISSUER\_URL** - This can be found in **Security -> API -> Authorization Servers** .
 . png > )
* **CLIENT\_ID - SPA APP** - This is the Client\_ID for Single Page Applications. On configuring the app, the Client\_ID can be found in the **General** section, under **Client Credentials >> Client ID**
 . png > )
Update `authorizerConfiguration` to add `adminPrincipals`
* For `adminPrincipals` , add the **Username** .
* For `botPrincipals` , add the **Ingestion Client ID** for the Service application. This can be found in **Okta -> Applications -> Applications** .
 . png > )
2022-03-10 08:59:13 +00:00
```yaml
authorizerConfiguration:
className: "org.openmetadata.catalog.security.DefaultAuthorizer"
containerRequestFilter: "org.openmetadata.catalog.security.JwtFilter"
adminPrincipals:
- "< username > "
botPrincipals:
- "ingestion-bot"
- "< Ingestion Client ID > "
principalDomain: "open-metadata.org"
```
