From 52dde3d069ee09749e08ca28b9d02fd12f52918e Mon Sep 17 00:00:00 2001
From: Rounak Dhillon <162090200+RounakDhillon@users.noreply.github.com>
Date: Mon, 16 Jun 2025 11:37:27 +0530
Subject: [PATCH] Doc: Enable Security Path Updation (#21780)
Co-authored-by: Rounak Dhillon
---
 .../security-collate/amazon-cognito-sso/index.md | 2 +-
 .../v1.7.x/security-collate/oidc/index.md | 16 ++++++++--------
 .../v1.7.x/security-collate/okta/index.md | 4 ++--
 .../security-collate/amazon-cognito-sso/index.md | 2 +-
 .../security-collate/oidc/index.md | 16 ++++++++--------
 .../security-collate/okta/index.md | 4 ++--
 6 files changed, 22 insertions(+), 22 deletions(-)
diff --git a/openmetadata-docs/content/v1.7.x/security-collate/amazon-cognito-sso/index.md b/openmetadata-docs/content/v1.7.x/security-collate/amazon-cognito-sso/index.md
index 800abaf34a2..5333a8f21e4 100644
--- a/openmetadata-docs/content/v1.7.x/security-collate/amazon-cognito-sso/index.md
+++ b/openmetadata-docs/content/v1.7.x/security-collate/amazon-cognito-sso/index.md
@@ -45,7 +45,7 @@ Security requirements for your **production** environment:
 {% image src="/images/v1.7/deployment/security/amazon-cognito-sso/create-server-credentials-4.png" alt="create-account" caption="Integrate your App" /%}
 - In the same step, select "Public client" for the Initial App client type and configure the Allowed callback URLs
- with `http://localhost:8585/callback` as shown in the screenshot below. Note: For production deployments, the Allowed
+ with `https://{your-collate-domain}/callback` as shown in the screenshot below. Note: For production deployments, the Allowed
 callback URLs should be updated with the appropriate domain name.
 {% image src="/images/v1.7/deployment/security/amazon-cognito-sso/create-server-credentials-5.png" alt="create-account" caption="Configure the App Client" /%}
diff --git a/openmetadata-docs/content/v1.7.x/security-collate/oidc/index.md b/openmetadata-docs/content/v1.7.x/security-collate/oidc/index.md
index 67c27464bc4..4f5211928ca 100644
--- a/openmetadata-docs/content/v1.7.x/security-collate/oidc/index.md
+++ b/openmetadata-docs/content/v1.7.x/security-collate/oidc/index.md
@@ -23,7 +23,7 @@ Below are the configuration types to set up the OIDC Authentication with a Confi
 ```yaml
 authenticationConfiguration:
 clientType: ${AUTHENTICATION_CLIENT_TYPE:-confidential}
- publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[http://localhost:8585/api/v1/system/config/jwks]}
+ publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[https://{your-collate-domain}/api/v1/system/config/jwks]}
 oidcConfiguration:
 id: ${OIDC_CLIENT_ID:-""}
 type: ${OIDC_TYPE:-""} # google, azure etc.
@@ -34,8 +34,8 @@ Below are the configuration types to set up the OIDC Authentication with a Confi
 preferredJwsAlgorithm: ${OIDC_PREFERRED_JWS:-"RS256"}
 responseType: ${OIDC_RESPONSE_TYPE:-"code"}
 disablePkce: ${OIDC_DISABLE_PKCE:-true}
- callbackUrl: ${OIDC_CALLBACK:-"http://localhost:8585/callback"}
- serverUrl: ${OIDC_SERVER_URL:-"http://localhost:8585"}
+ callbackUrl: ${OIDC_CALLBACK:-"https://{your-collate-domain}/callback"}
+ serverUrl: ${OIDC_SERVER_URL:-"https://{your-collate-domain}"}
 clientAuthenticationMethod: ${OIDC_CLIENT_AUTH_METHOD:-"client_secret_post"}
 tenant: ${OIDC_TENANT:-""}
 maxClockSkew: ${OIDC_MAX_CLOCK_SKEW:-""}
@@ -44,7 +44,7 @@ Below are the configuration types to set up the OIDC Authentication with a Confi
 # Configuration Parameters
 ## Public Key Url (publicKeyUrls):
-This needs to be updated as per different SSO providers. The default value is `http://localhost:8585/api/v1/system/config/jwks`. This is the URL where the public keys are stored. The public keys are used to verify the signature of the JWT token.
+This needs to be updated as per different SSO providers. The default value is `https://{your-collate-domain}/api/v1/system/config/jwks`. This is the URL where the public keys are stored. The public keys are used to verify the signature of the JWT token.
 {%important%}
@@ -56,7 +56,7 @@ This needs to be updated as per different SSO providers. The default value is `h
 **Azure**: https://login.microsoftonline.com/{tenant}/discovery/v2.0/keys
-Also if you have enabled [JWT Tokens](/deployment/security/enable-jwt-tokens) then http://localhost:8585/api/v1/system/config/jwks also needs to be there in the list with proper server url.
+Also if you have enabled [JWT Tokens](/deployment/security/enable-jwt-tokens) then https://{your-collate-domain}/api/v1/system/config/jwks also needs to be there in the list with proper server url.
 {%important%}
@@ -112,17 +112,17 @@ Define the response type for the authentication request. Default is code and nee
 Set ${OIDC_DISABLE_PKCE:-true} to true if you want to disable Proof Key for Code Exchange (PKCE). If you want to send CodeVerifier and CodeChallenge in the request, set it to false.
 ## Callback URL (callbackUrl):
-Provide the callback URL where the OIDC provider redirects after authentication. Update ${OIDC_CALLBACK:-"http://localhost:8585/callback"} with your actual callback URL.
+Provide the callback URL where the OIDC provider redirects after authentication. Update ${OIDC_CALLBACK:-"https://{your-collate-domain}/callback"} with your actual callback URL.
 {%important%}
-The only initial part of the URL should be changed, the rest of the URL should be the same as the default one. The default URL is `http://localhost:8585/callback`.
+The only initial part of the URL should be changed, the rest of the URL should be the same as the default one. The default URL is `https://{your-collate-domain}/callback`.
 Also, this should match what you have configured in your OIDC provider.
 {%important%}
 ## Server URL (serverUrl):
-Specify the URL of your OM Server. Default is http://localhost:8585.
+Specify the URL of your OM Server. Default is https://{your-collate-domain}.
 ## Client Authentication Method (clientAuthenticationMethod):
 Define the method used for client authentication. Default is client_secret_post.
diff --git a/openmetadata-docs/content/v1.7.x/security-collate/okta/index.md b/openmetadata-docs/content/v1.7.x/security-collate/okta/index.md
index 04451b61b8b..e6496b48347 100644
--- a/openmetadata-docs/content/v1.7.x/security-collate/okta/index.md
+++ b/openmetadata-docs/content/v1.7.x/security-collate/okta/index.md
@@ -50,8 +50,8 @@ This document will explain how to create an Okta app and configure it for OAuth.
 * **Refresh Token** - For the refresh token behavior, it is recommended to select the option to 'Rotate token after every use'.
 * **Implicit (hybrid)** - Select the options to allow ID Token and Access Token with implicit grant type.
 * Enter the **Sign-in redirect URIs**
- * http://localhost:8585/callback
- * http://localhost:8585/silent-callback
+ * https://{your-collate-domain}/callback
+ * https://{your-collate-domain}/silent-callback
 * Enter the **Sign-out redirect URIs**
 * Enter the **Base URIs**
 * Select the required option for **Controlled access**
diff --git a/openmetadata-docs/content/v1.8.x-SNAPSHOT/security-collate/amazon-cognito-sso/index.md b/openmetadata-docs/content/v1.8.x-SNAPSHOT/security-collate/amazon-cognito-sso/index.md
index 6e5ef3c0db1..e7cb12a31fc 100644
--- a/openmetadata-docs/content/v1.8.x-SNAPSHOT/security-collate/amazon-cognito-sso/index.md
+++ b/openmetadata-docs/content/v1.8.x-SNAPSHOT/security-collate/amazon-cognito-sso/index.md
@@ -45,7 +45,7 @@ Security requirements for your **production** environment:
 {% image src="/images/v1.8/deployment/security/amazon-cognito-sso/create-server-credentials-4.png" alt="create-account" caption="Integrate your App" /%}
 - In the same step, select "Public client" for the Initial App client type and configure the Allowed callback URLs
- with `http://localhost:8585/callback` as shown in the screenshot below. Note: For production deployments, the Allowed
+ with `https://{your-collate-domain}/callback` as shown in the screenshot below. Note: For production deployments, the Allowed
 callback URLs should be updated with the appropriate domain name.
 {% image src="/images/v1.8/deployment/security/amazon-cognito-sso/create-server-credentials-5.png" alt="create-account" caption="Configure the App Client" /%}
diff --git a/openmetadata-docs/content/v1.8.x-SNAPSHOT/security-collate/oidc/index.md b/openmetadata-docs/content/v1.8.x-SNAPSHOT/security-collate/oidc/index.md
index 67c27464bc4..4f5211928ca 100644
--- a/openmetadata-docs/content/v1.8.x-SNAPSHOT/security-collate/oidc/index.md
+++ b/openmetadata-docs/content/v1.8.x-SNAPSHOT/security-collate/oidc/index.md
@@ -23,7 +23,7 @@ Below are the configuration types to set up the OIDC Authentication with a Confi
 ```yaml
 authenticationConfiguration:
 clientType: ${AUTHENTICATION_CLIENT_TYPE:-confidential}
- publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[http://localhost:8585/api/v1/system/config/jwks]}
+ publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[https://{your-collate-domain}/api/v1/system/config/jwks]}
 oidcConfiguration:
 id: ${OIDC_CLIENT_ID:-""}
 type: ${OIDC_TYPE:-""} # google, azure etc.
@@ -34,8 +34,8 @@ Below are the configuration types to set up the OIDC Authentication with a Confi
 preferredJwsAlgorithm: ${OIDC_PREFERRED_JWS:-"RS256"}
 responseType: ${OIDC_RESPONSE_TYPE:-"code"}
 disablePkce: ${OIDC_DISABLE_PKCE:-true}
- callbackUrl: ${OIDC_CALLBACK:-"http://localhost:8585/callback"}
- serverUrl: ${OIDC_SERVER_URL:-"http://localhost:8585"}
+ callbackUrl: ${OIDC_CALLBACK:-"https://{your-collate-domain}/callback"}
+ serverUrl: ${OIDC_SERVER_URL:-"https://{your-collate-domain}"}
 clientAuthenticationMethod: ${OIDC_CLIENT_AUTH_METHOD:-"client_secret_post"}
 tenant: ${OIDC_TENANT:-""}
 maxClockSkew: ${OIDC_MAX_CLOCK_SKEW:-""}
@@ -44,7 +44,7 @@ Below are the configuration types to set up the OIDC Authentication with a Confi
 # Configuration Parameters
 ## Public Key Url (publicKeyUrls):
-This needs to be updated as per different SSO providers. The default value is `http://localhost:8585/api/v1/system/config/jwks`. This is the URL where the public keys are stored. The public keys are used to verify the signature of the JWT token.
+This needs to be updated as per different SSO providers. The default value is `https://{your-collate-domain}/api/v1/system/config/jwks`. This is the URL where the public keys are stored. The public keys are used to verify the signature of the JWT token.
 {%important%}
@@ -56,7 +56,7 @@ This needs to be updated as per different SSO providers. The default value is `h
 **Azure**: https://login.microsoftonline.com/{tenant}/discovery/v2.0/keys
-Also if you have enabled [JWT Tokens](/deployment/security/enable-jwt-tokens) then http://localhost:8585/api/v1/system/config/jwks also needs to be there in the list with proper server url.
+Also if you have enabled [JWT Tokens](/deployment/security/enable-jwt-tokens) then https://{your-collate-domain}/api/v1/system/config/jwks also needs to be there in the list with proper server url.
 {%important%}
@@ -112,17 +112,17 @@ Define the response type for the authentication request. Default is code and nee
 Set ${OIDC_DISABLE_PKCE:-true} to true if you want to disable Proof Key for Code Exchange (PKCE). If you want to send CodeVerifier and CodeChallenge in the request, set it to false.
 ## Callback URL (callbackUrl):
-Provide the callback URL where the OIDC provider redirects after authentication. Update ${OIDC_CALLBACK:-"http://localhost:8585/callback"} with your actual callback URL.
+Provide the callback URL where the OIDC provider redirects after authentication. Update ${OIDC_CALLBACK:-"https://{your-collate-domain}/callback"} with your actual callback URL.
 {%important%}
-The only initial part of the URL should be changed, the rest of the URL should be the same as the default one. The default URL is `http://localhost:8585/callback`.
+The only initial part of the URL should be changed, the rest of the URL should be the same as the default one. The default URL is `https://{your-collate-domain}/callback`.
 Also, this should match what you have configured in your OIDC provider.
 {%important%}
 ## Server URL (serverUrl):
-Specify the URL of your OM Server. Default is http://localhost:8585.
+Specify the URL of your OM Server. Default is https://{your-collate-domain}.
 ## Client Authentication Method (clientAuthenticationMethod):
 Define the method used for client authentication. Default is client_secret_post.
diff --git a/openmetadata-docs/content/v1.8.x-SNAPSHOT/security-collate/okta/index.md b/openmetadata-docs/content/v1.8.x-SNAPSHOT/security-collate/okta/index.md
index 80da82d2663..4cf9878b382 100644
--- a/openmetadata-docs/content/v1.8.x-SNAPSHOT/security-collate/okta/index.md
+++ b/openmetadata-docs/content/v1.8.x-SNAPSHOT/security-collate/okta/index.md
@@ -50,8 +50,8 @@ This document will explain how to create an Okta app and configure it for OAuth.
 * **Refresh Token** - For the refresh token behavior, it is recommended to select the option to 'Rotate token after every use'.
 * **Implicit (hybrid)** - Select the options to allow ID Token and Access Token with implicit grant type.
 * Enter the **Sign-in redirect URIs**
- * http://localhost:8585/callback
- * http://localhost:8585/silent-callback
+ * https://{your-collate-domain}/callback
+ * https://{your-collate-domain}/silent-callback
 * Enter the **Sign-out redirect URIs**
 * Enter the **Base URIs**
 * Select the required option for **Controlled access**