Update SSO configs to show clear URLs for callback and public keys (#18127)

* Update SSO configs

* Update security docs to provide clear callback and public key urls

openmetadata-docs/content/v1.5.x/deployment/security/amazon-cognito-sso/bare-metal.md

@@ -17,12 +17,20 @@ authenticationConfiguration:
   provider: "aws-cognito"
   publicKeyUrls:
     - "https://cognito-idp.us-west-1.amazonaws.com/{User Pool ID}/.well-known/jwks.json"
-    - "{your domain}/api/v1/system/config/jwks"
+    - "https://{your domain}/api/v1/system/config/jwks"
   authority: "https://cognito-idp.us-west-1.amazonaws.com/{User Pool ID}"
   clientId: "{Client ID}"
-  callbackUrl: "http://localhost:8585/callback"
+  callbackUrl: "https://{your domain}/callback"
 ```
 
+
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 Then,
 - Update `authorizerConfiguration` to add login names of the admin users in `adminPrincipals` section as shown below.
 - Update the `principalDomain` to your company domain name.

openmetadata-docs/content/v1.5.x/deployment/security/amazon-cognito-sso/docker.md

@@ -21,12 +21,20 @@ AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
 AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
 AUTHENTICATION_PROVIDER=aws-cognito
-AUTHENTICATION_PUBLIC_KEYS=[{Cognito Domain}/{User Pool ID}/.well-known/jwks.json,  {your domain}/api/v1/system/config/jwks] # Update with your Cognito Domain and User Pool ID
+AUTHENTICATION_PUBLIC_KEYS=[{Cognito Domain}/{User Pool ID}/.well-known/jwks.json,  https://{your domain}/api/v1/system/config/jwks] # Update with your Cognito Domain and User Pool ID
 AUTHENTICATION_AUTHORITY={Cognito Domain}/{User Pool ID} # Update with your Cognito Domain and User Pool ID as follows - https://cognito-idp.us-west-1.amazonaws.com/us-west-1_DL8xfTzj8
 AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
-AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
+AUTHENTICATION_CALLBACK_URL=https://{your domain}/callback
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
+
 ## 2. Start Docker
 
 ```commandline

openmetadata-docs/content/v1.5.x/deployment/security/amazon-cognito-sso/kubernetes.md

@@ -23,11 +23,18 @@ openmetadata:
     authentication:
       provider: "aws-cognito"
       publicKeys:
-        - "{your domain}/api/v1/system/config/jwks"
+        - "https://{your domain}/api/v1/system/config/jwks"
         - "{Cognito Domain}/{User Pool ID}/.well-known/jwks.json" # Update with your Cognito Domain and User Pool ID
       authority: "{Cognito Domain}/{User Pool ID}" # Update with your Cognito Domain and User Pool ID as follows - https://cognito-idp.us-west-1.amazonaws.com/us-west-1_DL8xfTzj8
       clientId: "{Client ID}" # Update with your Client ID
-      callbackUrl: "http://localhost:8585/callback"
+      callbackUrl: "https://{your domain}/callback"
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 {% partial file="/v1.5/deployment/configure-ingestion.md" /%}

openmetadata-docs/content/v1.5.x/deployment/security/auth0/bare-metal.md

@@ -15,12 +15,20 @@ authenticationConfiguration:
   provider: "auth0"
   publicKeyUrls: 
     - "https://parth-panchal.us.auth0.com/.well-known/jwks.json"
-    - "{your domain}/api/v1/system/config/jwks" #Make sure this URL is always configured to enable JWT tokens
+    - "https://{your domain}/api/v1/system/config/jwks" #Make sure this URL is always configured to enable JWT tokens
   authority: "https://parth-panchal.us.auth0.com/"
   clientId: "{Client ID}"
-  callbackUrl: "http://localhost:8585/callback"
+  callbackUrl: "https://{your domain}/callback"
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
+
 Then, 
 - Update `authorizerConfiguration` to add login names of the admin users in `adminPrincipals` section as shown below.
 - Update the `principalDomain` to your company domain name.

openmetadata-docs/content/v1.5.x/deployment/security/auth0/docker.md

@@ -21,13 +21,20 @@ AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
 AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
 AUTHENTICATION_PROVIDER=auth0
-AUTHENTICATION_PUBLIC_KEYS=[{Domain}/.well-known/jwks.json,{your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+AUTHENTICATION_PUBLIC_KEYS=[{Domain}/.well-known/jwks.json,https://{your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
 
 AUTHENTICATION_AUTHORITY={Domain} # Update with your Domain
 AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
-AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
+AUTHENTICATION_CALLBACK_URL=https://{your domain}/callback
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 ## 2. Start Docker
 
 ```commandline

openmetadata-docs/content/v1.5.x/deployment/security/auth0/kubernetes.md

@@ -23,11 +23,18 @@ openmetadata:
     authentication:
       provider: "auth0"
       publicKeys: 
-      - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+      - "https://{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
       - "{Auth0 Domain Name}/.well-known/jwks.json"
       authority: "https://parth-panchal.us.auth0.com/"
       clientId: "{Client ID}"
-      callbackUrl: "http://localhost:8585/callback"
+      callbackUrl: "https://{your domain}/callback"
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 {% partial file="/v1.5/deployment/configure-ingestion.md" /%}

openmetadata-docs/content/v1.5.x/deployment/security/azure/bare-metal.md

@@ -15,10 +15,10 @@ authenticationConfiguration:
   provider: "azure"
   publicKeyUrls:
     - "https://login.microsoftonline.com/common/discovery/keys"
-    - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+    - "https://{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
   authority: "https://login.microsoftonline.com/{Tenant ID}"
   clientId: "{Client ID}" # Azure Application
-  callbackUrl: "http://localhost:8585/callback"
+  callbackUrl: "https://{your domain}/callback"
 ```
 
 Then, 
@@ -27,6 +27,13 @@ Then,
 
 {% note %}
 
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
+{% note %}
+
 Altering the order of claims in `jwtPrincipalClaims` may lead to problems when matching a user from a token with an existing user in the system. The mapping process relies on the specific order of claims, so changing it can result in inconsistencies or authentication failures, as the system cannot ensure correct user mapping with a new claim order.
 
 {% /note %}

openmetadata-docs/content/v1.5.x/deployment/security/azure/docker.md

@@ -23,14 +23,28 @@ AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
 AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
 AUTHENTICATION_PROVIDER=azure
-AUTHENTICATION_PUBLIC_KEYS=[https://login.microsoftonline.com/common/discovery/keys, {your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+AUTHENTICATION_PUBLIC_KEYS=[https://login.microsoftonline.com/common/discovery/keys, https://{your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
 AUTHENTICATION_AUTHORITY=https://login.microsoftonline.com/{Tenant ID} # Update with your Tenant ID
 AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID of Azure Application
-AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
+AUTHENTICATION_CALLBACK_URL=https://{your domain}/callback
 ```
 
 {% note %}
 
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
+
+{% note %}
+
+Altering the order of claims in `jwtPrincipalClaims` may lead to problems when matching a user from a token with an existing user in the system. The mapping process relies on the specific order of claims, so changing it can result in inconsistencies or authentication failures, as the system cannot ensure correct user mapping with a new claim order.
+
+{% /note %}
+
+{% note %}
+
 Altering the order of claims in `jwtPrincipalClaims` may lead to problems when matching a user from a token with an existing user in the system. The mapping process relies on the specific order of claims, so changing it can result in inconsistencies or authentication failures, as the system cannot ensure correct user mapping with a new claim order.
 
 {% /note %}

openmetadata-docs/content/v1.5.x/deployment/security/azure/kubernetes.md

@@ -25,15 +25,22 @@ openmetadata:
     authentication:
       provider: "azure"
       publicKeys:
-      - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+      - "https://{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
       - "https://login.microsoftonline.com/common/discovery/keys"
       authority: "https://login.microsoftonline.com/{Tenant ID}"
       clientId: "{Client ID}" # Azure Application
-      callbackUrl: "http://localhost:8585/callback"
+      callbackUrl: "https://{your domain}/callback"
 ```
 
 {% note %}
 
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
+{% note %}
+
 Altering the order of claims in `jwtPrincipalClaims` may lead to problems when matching a user from a token with an existing user in the system. The mapping process relies on the specific order of claims, so changing it can result in inconsistencies or authentication failures, as the system cannot ensure correct user mapping with a new claim order.
 
 {% /note %}

openmetadata-docs/content/v1.5.x/deployment/security/custom-oidc/bare-metal.md

@@ -20,12 +20,19 @@ authenticationConfiguration:
   providerName: "KeyCloak"
   publicKeyUrls:
     - "http://localhost:8080/realms/myrealm/protocol/openid-connect/certs"
-    - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+    - "https://{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
   authority: "http://localhost:8080/realms/myrealm"
   clientId: "{client id}"
-  callbackUrl: "http://localhost:8585/callback"
+  callbackUrl: "https://{your domain}/callback"
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 Then, 
 - Update `authorizerConfiguration` to add login names of the admin users in `adminPrincipals` section as shown below.
 - Update the `principalDomain` to your company domain name.

openmetadata-docs/content/v1.5.x/deployment/security/custom-oidc/docker.md

@@ -22,11 +22,19 @@ AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
 AUTHENTICATION_PROVIDER=custom-oidc
 CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME=KeyCloak
-AUTHENTICATION_PUBLIC_KEYS=[http://localhost:8080/realms/myrealm/protocol/openid-connect/certs, {your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+AUTHENTICATION_PUBLIC_KEYS=[http://localhost:8080/realms/myrealm/protocol/openid-connect/certs, https://{your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
 AUTHENTICATION_AUTHORITY={http://localhost:8080/realms/myrealm}
 AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
-AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
+AUTHENTICATION_CALLBACK_URL=https://{your domain}/callback
-```
+``` 
+
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 
 ## 2. Start Docker
 

openmetadata-docs/content/v1.5.x/deployment/security/custom-oidc/kubernetes.md

@@ -23,13 +23,20 @@ global:
   authentication:
     provider: "custom-oidc"
     publicKeys:
-    - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+    - "https://{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
     - "http://localhost:8080/realms/myrealm/protocol/openid-connect/certs"
     authority: "http://localhost:8080/realms/myrealm"
     clientId: "{Client ID}"
-    callbackUrl: "http://localhost:8585/callback"
+    callbackUrl: "https://{your domain}/callback"
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 {% partial file="/v1.5/deployment/configure-ingestion.md" /%}
 
 ### Troubleshooting

openmetadata-docs/content/v1.5.x/deployment/security/google/bare-metal.md

@@ -15,12 +15,19 @@ authenticationConfiguration:
   provider: "google"
   publicKeyUrls:
     - "https://www.googleapis.com/oauth2/v3/certs"
-    - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+    - "https://{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
   authority: "https://accounts.google.com"
   clientId: "{client id}"
-  callbackUrl: "http://localhost:8585/callback"
+  callbackUrl: "https://{your domain}/callback"
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 Then, 
 - Update `authorizerConfiguration` to add login names of the admin users in `adminPrincipals` section as shown below.
 - Update the `principalDomain` to your company domain name.

openmetadata-docs/content/v1.5.x/deployment/security/google/docker.md

@@ -22,12 +22,19 @@ AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
 AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
 AUTHENTICATION_PROVIDER=google
-AUTHENTICATION_PUBLIC_KEYS=[https://www.googleapis.com/oauth2/v3/certs, {your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+AUTHENTICATION_PUBLIC_KEYS=[https://www.googleapis.com/oauth2/v3/certs, https://{your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
 AUTHENTICATION_AUTHORITY=https://accounts.google.com
 AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Google SSO Client ID
-AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
+AUTHENTICATION_CALLBACK_URL=https://{your domain}/callback
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 ### 2. Start Docker
 
 ```commandline

openmetadata-docs/content/v1.5.x/deployment/security/google/kubernetes.md

@@ -26,10 +26,17 @@ openmetadata:
       provider: "google"
       publicKeys:
         - "https://www.googleapis.com/oauth2/v3/certs"
-        - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+        - "https://{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
       authority: "https://accounts.google.com"
       clientId: "{client id}"
-      callbackUrl: "http://localhost:8585/callback"
+      callbackUrl: "https://{your domain}/callback"
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 {% partial file="/v1.5/deployment/configure-ingestion.md" /%}

openmetadata-docs/content/v1.5.x/deployment/security/keycloak/bare-metal.md

@@ -21,10 +21,10 @@ authenticationConfiguration:
   providerName: "KeyCloak"
   publicKeyUrls:
     - "http://localhost:8081/auth/realms/data-sec/protocol/openid-connect/certs"
-    - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+    - "https://{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
   authority: "http://localhost:8081/auth/realms/data-sec"
   clientId: "open-metadata"
-  callbackUrl: "http://localhost:8585/callback"
+  callbackUrl: "https://{your domain}/callback"
 ```
 
 Then, 
@@ -33,6 +33,13 @@ Then,
 
 {% note %}
 
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
+{% note %}
+
 Altering the order of claims in `jwtPrincipalClaims` may lead to problems when matching a user from a token with an existing user in the system. The mapping process relies on the specific order of claims, so changing it can result in inconsistencies or authentication failures, as the system cannot ensure correct user mapping with a new claim order.
 
 {% /note %}

openmetadata-docs/content/v1.5.x/deployment/security/keycloak/docker.md

@@ -24,14 +24,21 @@ AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
 AUTHENTICATION_PROVIDER=custom-oidc
 CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME=KeyCloak
-AUTHENTICATION_PUBLIC_KEYS=[http://localhost:8081/auth/realms/data-sec/protocol/openid-connect/certs, {your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+AUTHENTICATION_PUBLIC_KEYS=[http://localhost:8081/auth/realms/data-sec/protocol/openid-connect/certs, https://{your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
 AUTHENTICATION_AUTHORITY={http://localhost:8081/auth/realms/data-sec}
 AUTHENTICATION_CLIENT_ID=open-metadata # Update with your Client ID
-AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
+AUTHENTICATION_CALLBACK_URL=https://{your domain}/callback
 ```
 
 {% note %}
 
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
+{% note %}
+
 Altering the order of claims in `jwtPrincipalClaims` may lead to problems when matching a user from a token with an existing user in the system. The mapping process relies on the specific order of claims, so changing it can result in inconsistencies or authentication failures, as the system cannot ensure correct user mapping with a new claim order.
 
 {% /note %}

openmetadata-docs/content/v1.5.x/deployment/security/keycloak/kubernetes.md

@@ -25,15 +25,22 @@ openmetadata:
     authentication:
       provider: "custom-oidc"
       publicKeys:
-      - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+      - "https://{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
       - "http://localhost:8081/auth/realms/data-sec/protocol/openid-connect/certs"
       authority: "http://localhost:8081/auth/realms/data-sec"
       clientId: "{Client ID}"
-      callbackUrl: "http://localhost:8585/callback"
+      callbackUrl: "https://{your domain}/callback"
 ```
 
 {% note %}
 
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
+{% note %}
+
 Altering the order of claims in `jwtPrincipalClaims` may lead to problems when matching a user from a token with an existing user in the system. The mapping process relies on the specific order of claims, so changing it can result in inconsistencies or authentication failures, as the system cannot ensure correct user mapping with a new claim order.
 
 {% /note %}

openmetadata-docs/content/v1.5.x/deployment/security/ldap/bare-metal.md

@@ -15,7 +15,7 @@ The following configuration controls the auth mechanism for OpenMetadata. Update
 ```yaml
 authenticationConfiguration:
   provider: ${AUTHENTICATION_PROVIDER:-ldap}
-  publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[{your domain}/api/v1/system/config/jwks]} # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+  publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[https://{your domain}/api/v1/system/config/jwks]} # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
   authority: ${AUTHENTICATION_AUTHORITY:-https://accounts.google.com}
   enableSelfSignup : ${AUTHENTICATION_ENABLE_SELF_SIGNUP:-false}
   ldapConfiguration:
@@ -45,6 +45,13 @@ authenticationConfiguration:
         examineValidityDates: ${AUTHENTICATION_LDAP_EXAMINE_VALIDITY_DATES:-true}
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 For the LDAP auth we need to set:
 
 OpenMetadata Specific Configuration :

openmetadata-docs/content/v1.5.x/deployment/security/oidc/index.md

@@ -23,7 +23,7 @@ Below are the configuration types to set up the OIDC Authentication with a Confi
 ```yaml
   authenticationConfiguration:
     clientType: ${AUTHENTICATION_CLIENT_TYPE:-confidential}
-    publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[http://localhost:8585/api/v1/system/config/jwks]}
+    publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[https://{your domain}/api/v1/system/config/jwks]}
     oidcConfiguration:
       id: ${OIDC_CLIENT_ID:-""}
       type: ${OIDC_TYPE:-""} # google, azure etc.
@@ -34,17 +34,24 @@ Below are the configuration types to set up the OIDC Authentication with a Confi
       preferredJwsAlgorithm: ${OIDC_PREFERRED_JWS:-"RS256"}
       responseType: ${OIDC_RESPONSE_TYPE:-"code"}
       disablePkce: ${OIDC_DISABLE_PKCE:-true}
-      callbackUrl: ${OIDC_CALLBACK:-"http://localhost:8585/callback"}
+      callbackUrl: ${OIDC_CALLBACK:-"https://{your domain}/callback"}
-      serverUrl: ${OIDC_SERVER_URL:-"http://localhost:8585"}
+      serverUrl: ${OIDC_SERVER_URL:-"https://{your domain}"}
       clientAuthenticationMethod: ${OIDC_CLIENT_AUTH_METHOD:-"client_secret_post"}
       tenant: ${OIDC_TENANT:-""}
       maxClockSkew: ${OIDC_MAX_CLOCK_SKEW:-""}
       customParams: ${OIDC_CUSTOM_PARAMS:-}
 ```
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL`, `OIDC_SERVER_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 # Configuration Parameters
 
 ## Public Key Url (publicKeyUrls): 
-This needs to be updated as per different SSO providers. The default value is `http://localhost:8585/api/v1/system/config/jwks`. This is the URL where the public keys are stored. The public keys are used to verify the signature of the JWT token.
+This needs to be updated as per different SSO providers. The default value is `https://{your domain}/api/v1/system/config/jwks`. This is the URL where the public keys are stored. The public keys are used to verify the signature of the JWT token.
 
 {%important%}
 

openmetadata-docs/content/v1.5.x/deployment/security/okta/bare-metal.md

@@ -15,10 +15,10 @@ authenticationConfiguration:
   provider: "okta"
   publicKeyUrls:
     - "{ISSUER_URL}/v1/keys"
-    - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+    - "https://{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
   authority: "{ISSUER_URL}"
   clientId: "{CLIENT_ID - SPA APP}"
-  callbackUrl: "http://localhost:8585/callback"
+  callbackUrl: "https://{your domain}/callback"
 ```
 
 Then, 
@@ -36,34 +36,10 @@ authorizerConfiguration:
   principalDomain: "open-metadata.org"
 ```
 
-In `0.12.1` the `className` and `containerRequestFilter` must replace `org.openmetadata.catalog` by `org.openmetadata.service`.
-
-Finally, update the Airflow information:
-
-**Before 0.12.1**
-
-```yaml
-airflowConfiguration:
-  apiEndpoint: ${AIRFLOW_HOST:-http://localhost:8080}
-  username: ${AIRFLOW_USERNAME:-admin}
-  password: ${AIRFLOW_PASSWORD:-admin}
-  metadataApiEndpoint: ${SERVER_HOST_API_URL:-http://localhost:8585/api}
-  authProvider: okta
-  authConfig:
-    okta:
-      clientId: ${OM_AUTH_AIRFLOW_OKTA_CLIENT_ID:-""}
-      orgURL: ${OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL:-""}
-      privateKey: ${OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY:-""}
-      email: ${OM_AUTH_AIRFLOW_OKTA_SA_EMAIL:-""}
-      scopes: ${OM_AUTH_AIRFLOW_OKTA_SCOPES:-[]}
-```
-
-**After 0.12.1**
-
 ```yaml
 pipelineServiceClientConfiguration:
   apiEndpoint: ${PIPELINE_SERVICE_CLIENT_ENDPOINT:-http://localhost:8080}
-  metadataApiEndpoint: ${SERVER_HOST_API_URL:-http://localhost:8585/api}
+  metadataApiEndpoint: ${SERVER_HOST_API_URL:-https://{your domain}/api}
   ingestionIpInfoEnabled: ${PIPELINE_SERVICE_IP_INFO_ENABLED:-false}
   hostIp: ${PIPELINE_SERVICE_CLIENT_HOST_IP:-""}
   healthCheckInterval: ${PIPELINE_SERVICE_CLIENT_HEALTH_CHECK_INTERVAL:-300}
@@ -79,7 +55,15 @@ pipelineServiceClientConfiguration:
     # If we need to use SSL to reach Airflow
     truststorePath: ${AIRFLOW_TRUST_STORE_PATH:-""}
     truststorePassword: ${AIRFLOW_TRUST_STORE_PASSWORD:-""}
+
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 **Note:** Follow [this](/developers/bots) guide to configure the `ingestion-bot` credentials for
 ingesting data from Airflow.

openmetadata-docs/content/v1.5.x/deployment/security/okta/docker.md

@@ -15,51 +15,6 @@ generated when setting up the account.
 
 Note: Make sure to add the Ingestion Client ID for the Service application in `AUTHORIZER_INGESTION_PRINCIPALS`. This can be found in Okta -> Applications -> Applications, Refer to Step 3 for `Creating Service Application`.
 
-### 1.1 Before 0.12.1
-
-OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY to be set as per the example below using the escape sequence for quotes.
-
-```shell
-# OpenMetadata Server Authentication Configuration
-AUTHORIZER_CLASS_NAME=org.openmetadata.service.security.DefaultAuthorizer
-AUTHORIZER_REQUEST_FILTER=org.openmetadata.service.security.JwtFilter
-AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
-AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot, <service_application_client_id>]
-AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
-
-AUTHENTICATION_PROVIDER=okta
-AUTHENTICATION_PUBLIC_KEYS=[{ISSUER_URL}/v1/keys, {your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
-AUTHENTICATION_AUTHORITY={ISSUER_URL} # Update with your Issuer URL
-AUTHENTICATION_CLIENT_ID={CLIENT_ID - SPA APP} # Update with your Client ID
-AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
-
-# Airflow Configuration
-AIRFLOW_AUTH_PROVIDER=okta
-OM_AUTH_AIRFLOW_OKTA_CLIENT_ID={OM_AUTH_AIRFLOW_OKTA_CLIENT_ID:-""}
-OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL={OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL:-""}
-OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY=\'{"p":"lorem","kty":"RSA","q":"ipsum","d":"dolor","e":"AQAB","use":"sig","kid":"0oa5p908cltOc4fsl5d7","qi":"lorem","dp":"lorem","alg":"RS256","dq":"ipsum","n":"dolor"}\'
-OM_AUTH_AIRFLOW_OKTA_SA_EMAIL={OM_AUTH_AIRFLOW_OKTA_SA_EMAIL:-""}
-OM_AUTH_AIRFLOW_OKTA_SCOPES={OM_AUTH_AIRFLOW_OKTA_SCOPES:-[]}
-```
-
-### 1.2 After 0.12.1
-
-```shell
-# OpenMetadata Server Authentication Configuration
-AUTHORIZER_CLASS_NAME=org.openmetadata.service.security.DefaultAuthorizer
-AUTHORIZER_REQUEST_FILTER=org.openmetadata.service.security.JwtFilter
-AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
-AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot, <service_application_client_id>]
-AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
-
-AUTHENTICATION_PROVIDER=okta
-AUTHENTICATION_PUBLIC_KEYS={ISSUER_URL}/v1/keys # Update with your Issuer URL
-AUTHENTICATION_AUTHORITY={ISSUER_URL} # Update with your Issuer URL
-AUTHENTICATION_CLIENT_ID={CLIENT_ID - SPA APP} # Update with your Client ID
-AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
-```
-
-### 1.3 After 0.13.0
 
 ```shell
 # OpenMetadata Server Authentication Configuration
@@ -69,12 +24,19 @@ AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
 AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
 AUTHENTICATION_PROVIDER=okta
-AUTHENTICATION_PUBLIC_KEYS={ISSUER_URL}/v1/keys # Update with your Issuer URL
+AUTHENTICATION_PUBLIC_KEYS=[{ISSUER_URL}/v1/keys, https://{your domain}/api/v1/system/config/jwks]  # Update with your Issuer URL
 AUTHENTICATION_AUTHORITY={ISSUER_URL} # Update with your Issuer URL
 AUTHENTICATION_CLIENT_ID={CLIENT_ID - SPA APP} # Update with your Client ID
-AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
+AUTHENTICATION_CALLBACK_URL=https://{your domain}/callback
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 **Note:** Follow [this](/developers/bots) guide to configure the `ingestion-bot` credentials for
 ingesting data from Airflow.
 

openmetadata-docs/content/v1.5.x/deployment/security/okta/kubernetes.md

@@ -30,7 +30,14 @@ openmetadata:
       - "{ISSUER_URL}/v1/keys"
       authority: "{ISSUER_URL}"
       clientId: "{CLIENT_ID - SPA APP}"
-      callbackUrl: "http://localhost:8585/callback"
+      callbackUrl: "https://{your domain}/callback"
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 {% partial file="/v1.5/deployment/configure-ingestion.md" /%}

openmetadata-docs/content/v1.5.x/deployment/security/one-login/bare-metal.md

@@ -20,12 +20,20 @@ authenticationConfiguration:
   providerName: "OneLogin"
   publicKeyUrls: 
     - "{IssuerUrl}/certs"
-    - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+    - "https://{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
   authority: "{IssuerUrl}"
   clientId: "{client id}"
-  callbackUrl: "http://localhost:8585/callback"
+  callbackUrl: "https://{your domain}/callback"
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
+
 Then, 
 - Update `authorizerConfiguration` to add login names of the admin users in `adminPrincipals` section as shown below.
 - Update the `principalDomain` to your company domain name.
@@ -41,4 +49,6 @@ authorizerConfiguration:
   principalDomain: "open-metadata.org"
 ```
 
+
+
 {% partial file="/v1.5/deployment/configure-ingestion.md" /%}

openmetadata-docs/content/v1.5.x/deployment/security/one-login/docker.md

@@ -21,12 +21,19 @@ AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
 AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
 AUTHENTICATION_PROVIDER=custom-oidc
-AUTHENTICATION_PUBLIC_KEYS=[{public key url}, {your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+AUTHENTICATION_PUBLIC_KEYS=[{public key url}, https://{your domain}/api/v1/system/config/jwks] # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
 AUTHENTICATION_AUTHORITY={issuer url} # Update with your Issuer URL
 AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
-AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
+AUTHENTICATION_CALLBACK_URL=https://{your domain}/callback
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 ## 2. Start Docker
 
 ```commandline

openmetadata-docs/content/v1.5.x/deployment/security/one-login/kubernetes.md

@@ -24,11 +24,18 @@ openmetadata:
     authentication:
       provider: "custom-oidc"
       publicKeys:
-      - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
+      - "https://{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
       - "{IssuerUrl}/certs"
       authority: "{IssuerUrl}"
       clientId: "{client id}"
-      callbackUrl: "http://localhost:8585/callback"
+      callbackUrl: "https://{your domain}/callback"
 ```
 
+{% note %}
+
+`AUTHENTICATION_PUBLIC_KEYS` and `AUTHENTICATION_CALLBACK_URL` refers to https://{your domain} this is referring to your OpenMetdata installation domain name
+and please make sure to correctly put http or https depending on your installation.
+
+{% /note %}
+
 {% partial file="/v1.5/deployment/configure-ingestion.md" /%}

openmetadata-docs/content/v1.5.x/deployment/security/saml/aws.md

@@ -61,13 +61,13 @@ Security requirements for your **production** environment:
       entityId: ${SAML_IDP_ENTITY_ID:-"https://mocksaml.com/api/saml/sso"}
       ssoLoginUrl: ${SAML_IDP_SSO_LOGIN_URL:-"https://saml.example.com/entityid"}
       idpX509Certificate: ${SAML_IDP_CERTIFICATE:-""}
-      authorityUrl: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"}
+      authorityUrl: ${SAML_AUTHORITY_URL:-"https://{your domain}/api/v1/saml/login"}
       nameId: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"}
     sp:
-      entityId: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/acs"}
+      entityId: ${SAML_SP_ENTITY_ID:-"https://{your domain}/api/v1/saml/acs"}
-      acs: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"}
+      acs: ${SAML_SP_ACS:-"https://{your domain}/api/v1/saml/acs"}
       spX509Certificate: ${SAML_SP_CERTIFICATE:-""}
-      callback: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"}
+      callback: ${SAML_SP_CALLBACK:-"https://{your domain}/saml/callback"}
     security:
       strictMode: ${SAML_STRICT_MODE:-false}
       tokenValidity: ${SAML_SP_TOKEN_VALIDITY:-"3600"}

openmetadata-docs/content/v1.5.x/deployment/security/saml/azure.md

@@ -86,13 +86,13 @@ openssl x509 -in saml.crt -out samlCER.cer -outform DER
       entityId: ${SAML_IDP_ENTITY_ID:-"https://mocksaml.com/api/saml/sso"}
       ssoLoginUrl: ${SAML_IDP_SSO_LOGIN_URL:-"https://saml.example.com/entityid"}
       idpX509Certificate: ${SAML_IDP_CERTIFICATE:-""}
-      authorityUrl: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"}
+      authorityUrl: ${SAML_AUTHORITY_URL:-"https://{your domain}/api/v1/saml/login"}
       nameId: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"}
     sp:
-      entityId: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/acs"}
+      entityId: ${SAML_SP_ENTITY_ID:-"https://{your domain}/api/v1/saml/acs"}
-      acs: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"}
+      acs: ${SAML_SP_ACS:-"https://{your domain}/api/v1/saml/acs"}
       spX509Certificate: ${SAML_SP_CERTIFICATE:-""}
-      callback: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"}
+      callback: ${SAML_SP_CALLBACK:-"https://{your domain}/saml/callback"}
     security:
       strictMode: ${SAML_STRICT_MODE:-false}
       tokenValidity: ${SAML_SP_TOKEN_VALIDITY:-"3600"}

openmetadata-docs/content/v1.5.x/deployment/security/saml/bare-metal.md

@@ -19,7 +19,7 @@ are divided into the following three sections:-
       entityId: ${SAML_IDP_ENTITY_ID:-"https://mocksaml.com/api/saml/sso"}
       ssoLoginUrl: ${SAML_IDP_SSO_LOGIN_URL:-"https://saml.example.com/entityid"}
       idpX509Certificate: ${SAML_IDP_CERTIFICATE:-""}
-      authorityUrl: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"}
+      authorityUrl: ${SAML_AUTHORITY_URL:-"https://{your domain}/api/v1/saml/login"}
       nameId: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"}
 ```
 
@@ -27,10 +27,10 @@ are divided into the following three sections:-
 
 ```yaml
   sp:
-    entityId: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/acs"}
+    entityId: ${SAML_SP_ENTITY_ID:-"https://{your domain}/api/v1/saml/acs"}
-    acs: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"}
+    acs: ${SAML_SP_ACS:-"https://{your domain}/api/v1/saml/acs"}
     spX509Certificate: ${SAML_SP_CERTIFICATE:-""}
-    callback: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"}
+    callback: ${SAML_SP_CALLBACK:-"https://{your domain}/saml/callback"}
   
 ```
 - Security Config

openmetadata-docs/content/v1.5.x/deployment/security/saml/docker.md

@@ -26,14 +26,14 @@ If you are using an environment variable from an external file in our setup, and
 SAML_IDP_ENTITY_ID=https://mocksaml.com/api/saml/sso
 SAML_IDP_SSO_LOGIN_URL=https://saml.example.com/entityid
 SAML_IDP_CERTIFICATE=/path/to/the/certificate
-SAML_AUTHORITY_URL=http://localhost:8585/api/v1/saml/login
+SAML_AUTHORITY_URL=https://{your domain}/api/v1/saml/login
 SAML_IDP_NAME_ID=urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
 
 # OpenMetadata Server SP Configuration
-SAML_SP_ENTITY_ID=http://localhost:8585/api/v1/saml/acs
+SAML_SP_ENTITY_ID=https://{your domain}/api/v1/saml/acs
-SAML_SP_ACS=http://localhost:8585/api/v1/saml/acs
+SAML_SP_ACS=https://{your domain}/api/v1/saml/acs
 SAML_SP_CERTIFICATE=/path/to/the/certificate
-SAML_SP_CALLBACK=http://localhost:8585/saml/callback
+SAML_SP_CALLBACK=https://{your domain}/saml/callback
 
 # OpenMetadata Server Security Configuration
 SAML_STRICT_MODE=false

openmetadata-docs/content/v1.5.x/deployment/security/saml/kubernetes.md

@@ -17,14 +17,14 @@ openmetadata:
       entityId: ${SAML_IDP_ENTITY_ID:-"https://mocksaml.com/api/saml/sso"}
       ssoLoginUrl: ${SAML_IDP_SSO_LOGIN_URL:-"https://saml.example.com/entityid"}
       idpX509Certificate: ${SAML_IDP_CERTIFICATE:-""}
-      authorityUrl: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"}
+      authorityUrl: ${SAML_AUTHORITY_URL:-"https://{your domain}/api/v1/saml/login"}
       nameId: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"}
 
     sp:
-      entityId: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/acs"}
+      entityId: ${SAML_SP_ENTITY_ID:-"https://{your domain}/api/v1/saml/acs"}
-      acs: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"}
+      acs: ${SAML_SP_ACS:-"https://{your domain}/api/v1/saml/acs"}
       spX509Certificate: ${SAML_SP_CERTIFICATE:-""}
-      callback: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"}
+      callback: ${SAML_SP_CALLBACK:-"https://{your domain}/saml/callback"}
     
     security:
       strictMode: ${SAML_STRICT_MODE:-false}