From c156e01e34273bbaacdf906c93c0cfd0e6717f5d Mon Sep 17 00:00:00 2001 From: Sriharsha Chintalapani Date: Mon, 11 Dec 2023 18:37:13 -0800 Subject: [PATCH] Minor: Fix docs to include jwt url from OM in all the principalURLs config (#14342) --- .../deployment/security/amazon-cognito-sso/bare-metal.md | 1 + .../v1.2.x/deployment/security/amazon-cognito-sso/docker.md | 2 +- .../deployment/security/amazon-cognito-sso/kubernetes.md | 2 +- .../content/v1.2.x/deployment/security/auth0/bare-metal.md | 1 + .../content/v1.2.x/deployment/security/auth0/docker.md | 3 ++- .../content/v1.2.x/deployment/security/auth0/kubernetes.md | 2 +- .../content/v1.2.x/deployment/security/azure/bare-metal.md | 1 + .../content/v1.2.x/deployment/security/azure/docker.md | 2 +- .../content/v1.2.x/deployment/security/azure/kubernetes.md | 2 +- .../content/v1.2.x/deployment/security/basic-auth/index.md | 2 +- .../v1.2.x/deployment/security/custom-oidc/bare-metal.md | 1 + .../content/v1.2.x/deployment/security/custom-oidc/docker.md | 2 +- .../v1.2.x/deployment/security/custom-oidc/kubernetes.md | 2 +- .../content/v1.2.x/deployment/security/google/bare-metal.md | 1 + .../content/v1.2.x/deployment/security/google/docker.md | 2 +- .../content/v1.2.x/deployment/security/google/kubernetes.md | 1 + .../content/v1.2.x/deployment/security/keycloak/bare-metal.md | 1 + .../content/v1.2.x/deployment/security/keycloak/docker.md | 2 +- .../content/v1.2.x/deployment/security/keycloak/kubernetes.md | 2 +- .../content/v1.2.x/deployment/security/ldap/bare-metal.md | 2 +- .../content/v1.2.x/deployment/security/okta/bare-metal.md | 1 + .../content/v1.2.x/deployment/security/okta/docker.md | 2 +- .../content/v1.2.x/deployment/security/okta/kubernetes.md | 2 +- .../content/v1.2.x/deployment/security/one-login/bare-metal.md | 1 + .../content/v1.2.x/deployment/security/one-login/docker.md | 2 +- .../content/v1.2.x/deployment/security/one-login/kubernetes.md | 2 +- 26 files changed, 27 insertions(+), 17 deletions(-) 
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/amazon-cognito-sso/bare-metal.md b/openmetadata-docs/content/v1.2.x/deployment/security/amazon-cognito-sso/bare-metal.md
index f3d9d5e71a8..5dbef621686 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/amazon-cognito-sso/bare-metal.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/amazon-cognito-sso/bare-metal.md
@@ -16,6 +16,7 @@ authenticationConfiguration: provider: "aws-cognito" publicKeyUrls: - "https://cognito-idp.us-west-1.amazonaws.com/{User Pool ID}/.well-known/jwks.json" + - "http://{your domain}:8585/api/v1/system/config/jwks" authority: "https://cognito-idp.us-west-1.amazonaws.com/{User Pool ID}" clientId: "{Client ID}" callbackUrl: "http://localhost:8585/callback"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/amazon-cognito-sso/docker.md b/openmetadata-docs/content/v1.2.x/deployment/security/amazon-cognito-sso/docker.md
index b42c5e9c3f5..0c0fd436cc8 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/amazon-cognito-sso/docker.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/amazon-cognito-sso/docker.md
@@ -20,7 +20,7 @@ AUTHORIZER_ADMIN_PRINCIPALS=[admin] # Your `name` from name@domain.com AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain AUTHENTICATION_PROVIDER=aws-cognito -AUTHENTICATION_PUBLIC_KEYS=[{Cognito Domain}/{User Pool ID}/.well-known/jwks.json] # Update with your Cognito Domain and User Pool ID +AUTHENTICATION_PUBLIC_KEYS=[{Cognito Domain}/{User Pool ID}/.well-known/jwks.json, http://{your domain}:8585/api/v1/system/config/jwks] # Update with your Cognito Domain and User Pool ID AUTHENTICATION_AUTHORITY={Cognito Domain}/{User Pool ID} # Update with your Cognito Domain and User Pool ID as follows - https://cognito-idp.us-west-1.amazonaws.com/us-west-1_DL8xfTzj8 AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/amazon-cognito-sso/kubernetes.md b/openmetadata-docs/content/v1.2.x/deployment/security/amazon-cognito-sso/kubernetes.md
index 990f302779f..cdc78afb84c 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/amazon-cognito-sso/kubernetes.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/amazon-cognito-sso/kubernetes.md
@@ -22,7 +22,7 @@ openmetadata: authentication: provider: "aws-cognito" publicKeys: - - "http://openmetadata:8585/api/v1/config/jwks" + - "http://{your domain}:8585/api/v1/system/config/jwks" - "{Cognito Domain}/{User Pool ID}/.well-known/jwks.json" # Update with your Cognito Domain and User Pool ID authority: "{Cognito Domain}/{User Pool ID}" # Update with your Cognito Domain and User Pool ID as follows - https://cognito-idp.us-west-1.amazonaws.com/us-west-1_DL8xfTzj8 clientId: "{Client ID}" # Update with your Client ID
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/auth0/bare-metal.md b/openmetadata-docs/content/v1.2.x/deployment/security/auth0/bare-metal.md
index c3273840e2c..bb7f670409d 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/auth0/bare-metal.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/auth0/bare-metal.md
@@ -14,6 +14,7 @@ authenticationConfiguration: provider: "auth0" publicKeyUrls: - "https://parth-panchal.us.auth0.com/.well-known/jwks.json" + - "http://{your domain}:8585/api/v1/system/config/jwks" #Make sure this URL is always configured to enable JWT tokens authority: "https://parth-panchal.us.auth0.com/" clientId: "{Client ID}" callbackUrl: "http://localhost:8585/callback"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/auth0/docker.md b/openmetadata-docs/content/v1.2.x/deployment/security/auth0/docker.md
index ed6716edfb9..bcf775e7eb2 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/auth0/docker.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/auth0/docker.md
@@ -20,7 +20,8 @@ AUTHORIZER_ADMIN_PRINCIPALS=[admin] # Your `name` from name@domain.com AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain AUTHENTICATION_PROVIDER=auth0 -AUTHENTICATION_PUBLIC_KEYS=[{Domain}/.well-known/jwks.json,http://openmetadata:8585/api/v1/config/jwks] # Update with your Domain +AUTHENTICATION_PUBLIC_KEYS=[{Domain}/.well-known/jwks.json,http://{your openmetadata domain}/api/v1/config/jwks] # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens + AUTHENTICATION_AUTHORITY={Domain} # Update with your Domain AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/auth0/kubernetes.md b/openmetadata-docs/content/v1.2.x/deployment/security/auth0/kubernetes.md
index 4ccb6bcbc56..187c75ef621 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/auth0/kubernetes.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/auth0/kubernetes.md
@@ -22,7 +22,7 @@ openmetadata: authentication: provider: "auth0" publicKeys: - - "http://openmetadata:8585/api/v1/config/jwks" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens - "{Auth0 Domain Name}/.well-known/jwks.json" authority: "https://parth-panchal.us.auth0.com/" clientId: "{Client ID}"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/azure/bare-metal.md b/openmetadata-docs/content/v1.2.x/deployment/security/azure/bare-metal.md
index c340eaef044..ee5fd956e6f 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/azure/bare-metal.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/azure/bare-metal.md
@@ -16,6 +16,7 @@ authenticationConfiguration: provider: "azure" publicKeyUrls: - "https://login.microsoftonline.com/common/discovery/keys" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens authority: "https://login.microsoftonline.com/{Tenant ID}" clientId: "{Client ID}" # Azure Application callbackUrl: "http://localhost:8585/callback"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/azure/docker.md b/openmetadata-docs/content/v1.2.x/deployment/security/azure/docker.md
index 7482096a557..cf522418df5 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/azure/docker.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/azure/docker.md
@@ -24,7 +24,7 @@ AUTHORIZER_ADMIN_PRINCIPALS=[admin] # Your `name` from name@domain.com AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain AUTHENTICATION_PROVIDER=azure -AUTHENTICATION_PUBLIC_KEYS=[https://login.microsoftonline.com/common/discovery/keys] +AUTHENTICATION_PUBLIC_KEYS=[https://login.microsoftonline.com/common/discovery/keys, http://{your openmetadata domain}/api/v1/config/jwks] # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens AUTHENTICATION_AUTHORITY=https://login.microsoftonline.com/{Tenant ID} # Update with your Tenant ID AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID of Azure Application AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/azure/kubernetes.md b/openmetadata-docs/content/v1.2.x/deployment/security/azure/kubernetes.md
index 6aca65ff6ec..834d11ebeea 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/azure/kubernetes.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/azure/kubernetes.md
@@ -26,7 +26,7 @@ openmetadata: authentication: provider: "azure" publicKeys: - - "http://openmetadata:8585/api/v1/config/jwks" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens - "https://login.microsoftonline.com/common/discovery/keys" authority: "https://login.microsoftonline.com/{Tenant ID}" clientId: "{Client ID}" # Azure Application
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/basic-auth/index.md b/openmetadata-docs/content/v1.2.x/deployment/security/basic-auth/index.md
index 82c38a5a221..5bcc4c048ba 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/basic-auth/index.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/basic-auth/index.md
@@ -35,7 +35,7 @@ The following configuration controls the auth mechanism for OpenMetadata. Update ```yaml authenticationConfiguration: provider: ${AUTHENTICATION_PROVIDER:-basic} - publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[http://localhost:8585/api/v1/system/config/jwks]} + publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[http://{your openmetadata domain}/api/v1/config/jwks]} # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens authority: ${AUTHENTICATION_AUTHORITY:-https://accounts.google.com} enableSelfSignup : ${AUTHENTICATION_ENABLE_SELF_SIGNUP:-true} ```
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/custom-oidc/bare-metal.md b/openmetadata-docs/content/v1.2.x/deployment/security/custom-oidc/bare-metal.md
index ff85dccde6c..82b9058f384 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/custom-oidc/bare-metal.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/custom-oidc/bare-metal.md
@@ -19,6 +19,7 @@ authenticationConfiguration: providerName: "KeyCloak" publicKeyUrls: - "http://localhost:8080/realms/myrealm/protocol/openid-connect/certs" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens authority: "http://localhost:8080/realms/myrealm" clientId: "{client id}" callbackUrl: "http://localhost:8585/callback"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/custom-oidc/docker.md b/openmetadata-docs/content/v1.2.x/deployment/security/custom-oidc/docker.md
index 6f5293ab076..578f5c24cef 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/custom-oidc/docker.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/custom-oidc/docker.md
@@ -21,7 +21,7 @@ AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain AUTHENTICATION_PROVIDER=custom-oidc CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME=KeyCloak -AUTHENTICATION_PUBLIC_KEYS=[{http://localhost:8080/realms/myrealm/protocol/openid-connect/certs}] +AUTHENTICATION_PUBLIC_KEYS=[http://localhost:8080/realms/myrealm/protocol/openid-connect/certs, http://{your openmetadata domain}/api/v1/config/jwks] # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens AUTHENTICATION_AUTHORITY={http://localhost:8080/realms/myrealm} AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/custom-oidc/kubernetes.md b/openmetadata-docs/content/v1.2.x/deployment/security/custom-oidc/kubernetes.md
index fe787a5ea81..bc9cba5aa8a 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/custom-oidc/kubernetes.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/custom-oidc/kubernetes.md
@@ -22,7 +22,7 @@ global: authentication: provider: "custom-oidc" publicKeys: - - "http://openmetadata:8585/api/v1/config/jwks" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens - "http://localhost:8080/realms/myrealm/protocol/openid-connect/certs" authority: "http://localhost:8080/realms/myrealm" clientId: "{Client ID}"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/google/bare-metal.md b/openmetadata-docs/content/v1.2.x/deployment/security/google/bare-metal.md
index 4f78313b5c9..af707303009 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/google/bare-metal.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/google/bare-metal.md
@@ -14,6 +14,7 @@ authenticationConfiguration: provider: "google" publicKeyUrls: - "https://www.googleapis.com/oauth2/v3/certs" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens authority: "https://accounts.google.com" clientId: "{client id}" callbackUrl: "http://localhost:8585/callback"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/google/docker.md b/openmetadata-docs/content/v1.2.x/deployment/security/google/docker.md
index 36eef3cd023..78a35eefbad 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/google/docker.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/google/docker.md
@@ -21,7 +21,7 @@ AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot] AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain AUTHENTICATION_PROVIDER=google -AUTHENTICATION_PUBLIC_KEYS=[https://www.googleapis.com/oauth2/v3/certs] +AUTHENTICATION_PUBLIC_KEYS=[https://www.googleapis.com/oauth2/v3/certs, http://{your openmetadata domain}/api/v1/config/jwks] # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens AUTHENTICATION_AUTHORITY=https://accounts.google.com AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Google SSO Client ID AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/google/kubernetes.md b/openmetadata-docs/content/v1.2.x/deployment/security/google/kubernetes.md
index 8efa13c4dc9..a3176ef9823 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/google/kubernetes.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/google/kubernetes.md
@@ -27,6 +27,7 @@ openmetadata: provider: "google" publicKeys: - "https://www.googleapis.com/oauth2/v3/certs" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens authority: "https://accounts.google.com" clientId: "{client id}" callbackUrl: "http://localhost:8585/callback"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/keycloak/bare-metal.md b/openmetadata-docs/content/v1.2.x/deployment/security/keycloak/bare-metal.md
index b5accd35729..b4da663dfd0 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/keycloak/bare-metal.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/keycloak/bare-metal.md
@@ -20,6 +20,7 @@ authenticationConfiguration: providerName: "KeyCloak" publicKeyUrls: - "http://localhost:8081/auth/realms/data-sec/protocol/openid-connect/certs" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens authority: "http://localhost:8081/auth/realms/data-sec" clientId: "open-metadata" callbackUrl: "http://localhost:8585/callback"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/keycloak/docker.md b/openmetadata-docs/content/v1.2.x/deployment/security/keycloak/docker.md
index a545d16595a..663b9b2561c 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/keycloak/docker.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/keycloak/docker.md
@@ -23,7 +23,7 @@ AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain AUTHENTICATION_PROVIDER=custom-oidc CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME=KeyCloak -AUTHENTICATION_PUBLIC_KEYS=[{http://localhost:8081/auth/realms/data-sec/protocol/openid-connect/certs}] +AUTHENTICATION_PUBLIC_KEYS=[http://localhost:8081/auth/realms/data-sec/protocol/openid-connect/certs, http://{your openmetadata domain}/api/v1/config/jwks] # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens AUTHENTICATION_AUTHORITY={http://localhost:8081/auth/realms/data-sec} AUTHENTICATION_CLIENT_ID=open-metadata # Update with your Client ID AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/keycloak/kubernetes.md b/openmetadata-docs/content/v1.2.x/deployment/security/keycloak/kubernetes.md
index fb8189ff790..a4402dd4ab3 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/keycloak/kubernetes.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/keycloak/kubernetes.md
@@ -24,7 +24,7 @@ openmetadata: authentication: provider: "custom-oidc" publicKeys: - - "http://openmetadata:8585/api/v1/config/jwks" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens - "http://localhost:8081/auth/realms/data-sec/protocol/openid-connect/certs" authority: "http://localhost:8081/auth/realms/data-sec" clientId: "{Client ID}"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/ldap/bare-metal.md b/openmetadata-docs/content/v1.2.x/deployment/security/ldap/bare-metal.md
index 1d8b7d7eac5..5026215d17b 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/ldap/bare-metal.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/ldap/bare-metal.md
@@ -14,7 +14,7 @@ The following configuration controls the auth mechanism for OpenMetadata. Update ```yaml authenticationConfiguration: provider: ${AUTHENTICATION_PROVIDER:-ldap} - publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[http://localhost:8585/api/v1/system/config/jwks]} + publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[http://{your openmetadata domain}/api/v1/config/jwks]} # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens authority: ${AUTHENTICATION_AUTHORITY:-https://accounts.google.com} enableSelfSignup : ${AUTHENTICATION_ENABLE_SELF_SIGNUP:-false} ldapConfiguration:
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/okta/bare-metal.md b/openmetadata-docs/content/v1.2.x/deployment/security/okta/bare-metal.md
index a9792051a43..6b7b00b810e 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/okta/bare-metal.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/okta/bare-metal.md
@@ -14,6 +14,7 @@ authenticationConfiguration: provider: "okta" publicKeyUrls: - "{ISSUER_URL}/v1/keys" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens authority: "{ISSUER_URL}" clientId: "{CLIENT_ID - SPA APP}" callbackUrl: "http://localhost:8585/callback"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/okta/docker.md b/openmetadata-docs/content/v1.2.x/deployment/security/okta/docker.md
index 7a9e524c40d..9878b2fa8b9 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/okta/docker.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/okta/docker.md
@@ -27,7 +27,7 @@ AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot, ] AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain AUTHENTICATION_PROVIDER=okta -AUTHENTICATION_PUBLIC_KEYS={ISSUER_URL}/v1/keys # Update with your Issuer URL +AUTHENTICATION_PUBLIC_KEYS=[{ISSUER_URL}/v1/keys, http://{your openmetadata domain}/api/v1/config/jwks] # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens AUTHENTICATION_AUTHORITY={ISSUER_URL} # Update with your Issuer URL AUTHENTICATION_CLIENT_ID={CLIENT_ID - SPA APP} # Update with your Client ID AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/okta/kubernetes.md b/openmetadata-docs/content/v1.2.x/deployment/security/okta/kubernetes.md
index f182af0790f..d50f80887ca 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/okta/kubernetes.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/okta/kubernetes.md
@@ -25,7 +25,7 @@ openmetadata: authentication: provider: "okta" publicKeys: - - "http://openmetadata:8585/api/v1/config/jwks" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens - "{ISSUER_URL}/v1/keys" authority: "{ISSUER_URL}" clientId: "{CLIENT_ID - SPA APP}"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/one-login/bare-metal.md b/openmetadata-docs/content/v1.2.x/deployment/security/one-login/bare-metal.md
index f75264b669e..85639c862f4 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/one-login/bare-metal.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/one-login/bare-metal.md
@@ -19,6 +19,7 @@ authenticationConfiguration: providerName: "OneLogin" publicKeyUrls: - "{IssuerUrl}/certs" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens authority: "{IssuerUrl}" clientId: "{client id}" callbackUrl: "http://localhost:8585/callback"
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/one-login/docker.md b/openmetadata-docs/content/v1.2.x/deployment/security/one-login/docker.md
index 244c9e17fa5..9c1f5c08313 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/one-login/docker.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/one-login/docker.md
@@ -20,7 +20,7 @@ AUTHORIZER_ADMIN_PRINCIPALS=[admin] # Your `name` from name@domain.com AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain AUTHENTICATION_PROVIDER=custom-oidc -AUTHENTICATION_PUBLIC_KEYS={public key url} # Update with your Public Key URL +AUTHENTICATION_PUBLIC_KEYS=[{public key url}, http://{your openmetadata domain}/api/v1/config/jwks] # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens AUTHENTICATION_AUTHORITY={issuer url} # Update with your Issuer URL AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
diff --git a/openmetadata-docs/content/v1.2.x/deployment/security/one-login/kubernetes.md b/openmetadata-docs/content/v1.2.x/deployment/security/one-login/kubernetes.md
index c762c8501e7..ad09778566d 100644
--- a/openmetadata-docs/content/v1.2.x/deployment/security/one-login/kubernetes.md
+++ b/openmetadata-docs/content/v1.2.x/deployment/security/one-login/kubernetes.md
@@ -23,7 +23,7 @@ openmetadata: authentication: provider: "custom-oidc" publicKeys: - - "http://openmetadata:8585/api/v1/config/jwks" + - "http://{your openmetadata domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens - "{IssuerUrl}/certs" authority: "{IssuerUrl}" clientId: "{client id}"