mirror of
https://github.com/open-metadata/OpenMetadata.git
synced 2025-07-09 10:09:09 +00:00

* DOCS - Prepare 1.7 Release and 1.8 SNAPSHOT * DOCS - Prepare 1.7 Release and 1.8 SNAPSHOT
4.9 KiB
4.9 KiB
title | slug | collate |
---|---|---|
Auth0 SSO for Bare Metal | /deployment/security/auth0/bare-metal | false |
Auth0 SSO for Bare Metal
Update conf/openmetadata.yaml
In openmetadata.yaml
file and use the following example as a reference. Replace the placeholder values with the details generated during your Auth0 account and application credentials setup.
Check the more information about environment variable here.
{% codeWithLanguageSelector title="Auth Configuration" id="container-1" languagesArray=["implicit","authcode"] theme="dark" %}
# Implicit Flow Configuration
authorizerConfiguration:
className: "org.openmetadata.service.security.DefaultAuthorizer"
containerRequestFilter: "org.openmetadata.service.security.JwtFilter"
adminPrincipals:
- "admin" # Administrator email prefix (e.g., "admin" from "admin@domain.com")
- "user1" # Additional administrator email prefix
- "user2" # Additional administrator email prefix
principalDomain: "open-metadata.org" # Primary domain for your organization (e.g., "yourdomain.com")
principalDomain: "open-metadata.org" # Update with your Domain,The primary domain for the organization (example.com from john.doe@example.com).
authenticationConfiguration:
provider: "auth0" # Authentication provider, set to "auth0"
publicKeyUrls:
- "https://{Auth0 Domain Name}/.well-known/jwks.json" # Replace {Auth0 Domain Name} with your Auth0 domain
- "{Your OMD Server URL}/api/v1/system/config/jwks" # Replace {Your OMD Server URL} with your OpenMetadata server URL
authority: "https://{Your Auth0 Domain}" # Base URL of your Auth0 domain
clientId: "{Client ID}" # Auth0 Client ID for your application
callbackUrl: "http://localhost:8585/callback" # Callback URL for OpenMetadata authentication
clientType: "public" # Set to "public" for implicit flow
# Auth Code Flow Configuration
authorizerConfiguration:
className: "org.openmetadata.service.security.DefaultAuthorizer"
containerRequestFilter: "org.openmetadata.service.security.JwtFilter"
adminPrincipals:
- "admin" # Administrator email prefix (e.g., "admin" from "admin@domain.com")
- "user1" # Additional administrator email prefix
- "user2" # Additional administrator email prefix
principalDomain: "open-metadata.org" # Primary domain for your organization (e.g., "yourdomain.com")
authenticationConfiguration:
provider: "auth0" # Authentication provider, set to "auth0"
publicKeyUrls:
- "https://{Auth0 Domain Name}/.well-known/jwks.json" # Replace {Auth0 Domain Name} with your Auth0 domain
- "{Your OMD Server URL}/api/v1/system/config/jwks" # Replace {Your OMD Server URL} with your OpenMetadata server URL
authority: "https://{Your Auth0 Domain}" # Base URL of your Auth0 domain
clientId: "{Client ID}" # Auth0 Client ID for your application
callbackUrl: "http://localhost:8585/callback" # Callback URL for OpenMetadata authentication
clientType: "confidential" # Set to "confidential" for auth code flow
oidcConfiguration:
id: "{Client ID}" # Auth0 Client ID for your application
type: "auth0" # Ensure this matches your provider type
secret: "{Client Secret}" # Auth0 Client Secret for your application
discoveryUri: "https://{Auth0 Domain Name}/.well-known/openid-configuration"
# Discovery URI for OpenID configuration; replace {Auth0 Domain Name} with your Auth0 domain
callbackUrl: "http://localhost:8585/callback" # Callback URL for OpenMetadata authentication
serverUrl: "http://localhost:8585" # OpenMetadata server URL; update for production environments
{% /codeWithLanguageSelector %}
{% partial file="/v1.8/deployment/configure-ingestion.md" /%}
{% inlineCalloutContainer %} {% inlineCallout color="violet-70" icon="MdArrowBack" bold="Auth" href="/deployment/security/auth0" %} Go to Auth0 Configuration {% /inlineCallout %} {% /inlineCalloutContainer %}