diff --git a/deploy/deploy-on-bare-metal/enable-security/okta-sso/create-ingestion-service-account.md b/deploy/deploy-on-bare-metal/enable-security/okta-sso/create-ingestion-service-account.md index c746f1d125c..e633edbfdd7 100644 --- a/deploy/deploy-on-bare-metal/enable-security/okta-sso/create-ingestion-service-account.md +++ b/deploy/deploy-on-bare-metal/enable-security/okta-sso/create-ingestion-service-account.md @@ -76,14 +76,14 @@ curl --location --request POST '/oauth2/v1/clients' \ * Click on **Applications -> Applications** in the left navigation bar. * You should see your service account in the list. -![](<../../../../docs/.gitbook/assets/image (35) (1).png>) +![](<../../../../docs/.gitbook/assets/image (35) (1) (1).png>) ## Step 4: Grant Allowed Scopes * To add scopes, navigate to your **Okta Dashboard**. Click on **Applications -> Applications** as in step 2. * Click on your service app. -![](<../../../../docs/.gitbook/assets/image (35).png>) +![](<../../../../docs/.gitbook/assets/image (35) (1).png>) * Now click on **Okta API Scopes** from the top nav bar. * Grant the scopes by clicking on **Grant**. Ensure that the following scopes are granted: diff --git a/deploy/deploy-on-bare-metal/enable-security/okta-sso/okta-config.md b/deploy/deploy-on-bare-metal/enable-security/okta-sso/okta-config.md index f2488be0986..626640a10a3 100644 --- a/deploy/deploy-on-bare-metal/enable-security/okta-sso/okta-config.md +++ b/deploy/deploy-on-bare-metal/enable-security/okta-sso/okta-config.md @@ -2,7 +2,7 @@ ## Update conf/openmetadata-security.yaml -* Once the **Client Id**, and **Issuer URL** are generated, add those details in `openmetadata-security.yaml` file in the respective fields. +Once the **Client Id**, and **Issuer URL** are generated, add those details in `openmetadata-security.yaml` file in the respective fields. ```yaml authenticationConfiguration: @@ -13,7 +13,20 @@ authenticationConfiguration: callbackUrl: "http://localhost:8585/callback" ``` -* Update `authorizerConfiguration` to add `adminPrincipals` +* **ISSUER\_URL** - This can be found in **Security -> API -> Authorization Servers**. + +![](<../../../../docs/.gitbook/assets/image (31).png>) + +* **CLIENT\_ID - SPA APP** - This is the Client\_ID for Single Page Applications. On configuring the app, the Client\_ID can be found in the **General** section, under **Client Credentials >> Client ID** + +![](<../../../../docs/.gitbook/assets/image (60).png>) + +Update `authorizerConfiguration` to add `adminPrincipals` + +* For `adminPrincipals`, add the **Username**. +* For `botPrincipals`, add the **Ingestion Client ID** for the Service application. This can be found in **Okta -> Applications -> Applications**. + +![](<../../../../docs/.gitbook/assets/image (35).png>) ```yaml authorizerConfiguration: diff --git a/deploy/deploy-on-kubernetes/enable-security/okta-sso/create-ingestion-service-account.md b/deploy/deploy-on-kubernetes/enable-security/okta-sso/create-ingestion-service-account.md index ddb13ec3260..e633edbfdd7 100644 --- a/deploy/deploy-on-kubernetes/enable-security/okta-sso/create-ingestion-service-account.md +++ b/deploy/deploy-on-kubernetes/enable-security/okta-sso/create-ingestion-service-account.md @@ -2,7 +2,7 @@ description: This is a guide to create ingestion bot service app. --- -# Copy of Create Service Application +# Create Service Application ## Step 1: Generate Public/Private Key Pair @@ -76,14 +76,14 @@ curl --location --request POST '/oauth2/v1/clients' \ * Click on **Applications -> Applications** in the left navigation bar. * You should see your service account in the list. -![](<../../../../docs/.gitbook/assets/image (35) (1).png>) +![](<../../../../docs/.gitbook/assets/image (35) (1) (1).png>) ## Step 4: Grant Allowed Scopes * To add scopes, navigate to your **Okta Dashboard**. Click on **Applications -> Applications** as in step 2. * Click on your service app. -![](<../../../../docs/.gitbook/assets/image (35).png>) +![](<../../../../docs/.gitbook/assets/image (35) (1).png>) * Now click on **Okta API Scopes** from the top nav bar. * Grant the scopes by clicking on **Grant**. Ensure that the following scopes are granted: diff --git a/deploy/deploy-on-kubernetes/enable-security/okta-sso/okta-config.md b/deploy/deploy-on-kubernetes/enable-security/okta-sso/okta-config.md index 4a01dd4fdd0..626640a10a3 100644 --- a/deploy/deploy-on-kubernetes/enable-security/okta-sso/okta-config.md +++ b/deploy/deploy-on-kubernetes/enable-security/okta-sso/okta-config.md @@ -1,8 +1,8 @@ -# Copy of Configure OpenMetadata Server +# Configure OpenMetadata Server ## Update conf/openmetadata-security.yaml -* Once the **Client Id**, and **Issuer URL** are generated, add those details in `openmetadata-security.yaml` file in the respective fields. +Once the **Client Id**, and **Issuer URL** are generated, add those details in `openmetadata-security.yaml` file in the respective fields. ```yaml authenticationConfiguration: @@ -13,7 +13,20 @@ authenticationConfiguration: callbackUrl: "http://localhost:8585/callback" ``` -* Update `authorizerConfiguration` to add `adminPrincipals` +* **ISSUER\_URL** - This can be found in **Security -> API -> Authorization Servers**. + +![](<../../../../docs/.gitbook/assets/image (31).png>) + +* **CLIENT\_ID - SPA APP** - This is the Client\_ID for Single Page Applications. On configuring the app, the Client\_ID can be found in the **General** section, under **Client Credentials >> Client ID** + +![](<../../../../docs/.gitbook/assets/image (60).png>) + +Update `authorizerConfiguration` to add `adminPrincipals` + +* For `adminPrincipals`, add the **Username**. +* For `botPrincipals`, add the **Ingestion Client ID** for the Service application. This can be found in **Okta -> Applications -> Applications**. + +![](<../../../../docs/.gitbook/assets/image (35).png>) ```yaml authorizerConfiguration: diff --git a/docs/.gitbook/assets/image (31) (1) (1) (1).png b/docs/.gitbook/assets/image (31) (1) (1) (1).png new file mode 100644 index 00000000000..9a3a27c5b4b Binary files /dev/null and b/docs/.gitbook/assets/image (31) (1) (1) (1).png differ diff --git a/docs/.gitbook/assets/image (31) (1) (1).png b/docs/.gitbook/assets/image (31) (1) (1).png index 9a3a27c5b4b..ae3079a3a77 100644 Binary files a/docs/.gitbook/assets/image (31) (1) (1).png and b/docs/.gitbook/assets/image (31) (1) (1).png differ diff --git a/docs/.gitbook/assets/image (31) (1).png b/docs/.gitbook/assets/image (31) (1).png index ae3079a3a77..5e3ba6e03cf 100644 Binary files a/docs/.gitbook/assets/image (31) (1).png and b/docs/.gitbook/assets/image (31) (1).png differ diff --git a/docs/.gitbook/assets/image (31).png b/docs/.gitbook/assets/image (31).png index 5e3ba6e03cf..a1e29a6dbba 100644 Binary files a/docs/.gitbook/assets/image (31).png and b/docs/.gitbook/assets/image (31).png differ diff --git a/docs/.gitbook/assets/image (35) (1) (1).png b/docs/.gitbook/assets/image (35) (1) (1).png new file mode 100644 index 00000000000..f40a0de08f9 Binary files /dev/null and b/docs/.gitbook/assets/image (35) (1) (1).png differ diff --git a/docs/.gitbook/assets/image (35).png b/docs/.gitbook/assets/image (35).png index f40a0de08f9..b86259de97f 100644 Binary files a/docs/.gitbook/assets/image (35).png and b/docs/.gitbook/assets/image (35).png differ diff --git a/docs/.gitbook/assets/image (60) (1).png b/docs/.gitbook/assets/image (60) (1).png new file mode 100644 index 00000000000..cce7f1306e6 Binary files /dev/null and b/docs/.gitbook/assets/image (60) (1).png differ diff --git a/docs/.gitbook/assets/image (60).png b/docs/.gitbook/assets/image (60).png index cce7f1306e6..3fc958238b1 100644 Binary files a/docs/.gitbook/assets/image (60).png and b/docs/.gitbook/assets/image (60).png differ diff --git a/docs/integrations/connectors/bigquery/bigquery-metadata-extraction.md b/docs/integrations/connectors/bigquery/bigquery-metadata-extraction.md index 19e2aed7a30..5400a7af67c 100644 --- a/docs/integrations/connectors/bigquery/bigquery-metadata-extraction.md +++ b/docs/integrations/connectors/bigquery/bigquery-metadata-extraction.md @@ -583,7 +583,7 @@ If you want to limit metadata ingestion to a single database, enter the name of In this step we will configure the metadata ingestion settings for your BigQuery deployment. Please follow the instructions below to ensure that you've configured the connector to read from your BigQuery service as desired. -![](<../../../.gitbook/assets/image (31) (1) (1).png>) +![](<../../../.gitbook/assets/image (31) (1) (1) (1).png>) #### Ingestion name diff --git a/docs/integrations/connectors/snowflake/snowflake-metadata-extraction.md b/docs/integrations/connectors/snowflake/snowflake-metadata-extraction.md index 943b8860c6e..a05d88fb406 100644 --- a/docs/integrations/connectors/snowflake/snowflake-metadata-extraction.md +++ b/docs/integrations/connectors/snowflake/snowflake-metadata-extraction.md @@ -599,7 +599,7 @@ From the Database Service UI, click the _Add New Service_ button to add your Sno Select Snowflake as the service type. -![](<../../../.gitbook/assets/image (60).png>) +![](<../../../.gitbook/assets/image (60) (1).png>)