OpenMetadata/docs/install/enable-security/okta-sso/create-ingestion-service-account.md
parthp2107 e2578d6be3
Added documentation changes done in 0.5.0 branch to main (#1168)
* GitBook: [#177] Documentation Update - Airflow

* GitBook: [#195] Removing Cron from databaseServices

* GitBook: [#196] Added trino

* GitBook: [#197] removed cron from config

* GitBook: [#198] Added Redash Documentation

* GitBook: [#199] Added Bigquery Usage Documentation

* GitBook: [#200] Added page link for presto

* GitBook: [#201] Added Local Docker documentation

* GitBook: [#202] Added Documentation for Local Docker Setup

* GitBook: [#203] Added Git Command to clone Openmetadata in docs

* GitBook: [#207] links update

* GitBook: [#208] Updating Airflow Documentation

* GitBook: [#210] Adding Python installation package under Airflow Lineage config

* GitBook: [#211] Change the links to 0.5..0

* GitBook: [#213] Move buried connectors page up

* GitBook: [#214] Update to connectors page

* GitBook: [#215] Removed sub-categories

* GitBook: [#212] Adding Discovery tutorial

* GitBook: [#220] Updated steps to H2s.

* GitBook: [#230] Complex queries

* GitBook: [#231] Add lineage to feature overview

* GitBook: [#232] Make feature overview headers verbs instead of nouns

* GitBook: [#233] Add data reliability to features overview

* GitBook: [#234] Add complex data types to feature overview

* GitBook: [#235] Simplify and further distinguish discovery feature headers

* GitBook: [#236] Add data importance to feature overview

* GitBook: [#237] Break Connectors into its own section

* GitBook: [#238] Reorganize first section of docs.

* GitBook: [#239] Add connectors to feature overview

* GitBook: [#240] Organize layout of feature overview into feature categories as agreed with Harsha.

* GitBook: [#242] Make overview paragraph more descriptive.

* GitBook: [#243] Create a link to Connectors section from feature overview.

* GitBook: [#244] Add "discover data through association" to feature overview.

* GitBook: [#245] Update importance and owners gifs

* GitBook: [#246] Include a little more descriptive documentation for key features.

* GitBook: [#248] Small tweaks to intro paragraph.

* GitBook: [#249] Clean up data profiler paragraph.

* GitBook: [#250] Promote Complex Data Types to its own feature.

* GitBook: [#251] Update to advanced search

* GitBook: [#252] Update Roadmap

* GitBook: [#254] Remove old features page (text and screenshot based).

* GitBook: [#255] Remove references to removed page.

* GitBook: [#256] Add Descriptions and Tags section to feature overview.

* GitBook: [#257] Update title for "Know Your Data"

Co-authored-by: Ayush Shah <ayush.shah@deuexsolutions.com>
Co-authored-by: Suresh Srinivas <suresh@getcollate.io>
Co-authored-by: Shannon Bradshaw <shannon.bradshaw@arrikto.com>
Co-authored-by: OpenMetadata <github@harsha.io>
2021-11-13 09:33:20 -08:00

3.7 KiB

description
This is a guide to creating the ingestion bot service app.

Create Service Account

Step 1: Generate Public/Private key pair

  • Use a tool such as this JSON Web Key Generator to generate a JWKS public/private key pair for testing.
  • For a production use case, use your own internal instance of the key pair generator.
  • To run your own instance, clone the repository using git clone https://github.com/mitreid-connect/mkjwk.org.git.
  • Build and start it with mvn package -DskipTests && java -jar target/ROOT.war from inside the cloned repository.
  • Go to http://localhost:8080 to generate public/private key pairs.


  • Enter the following values to generate a public/private key pair:
    • Key size - 2048
    • Key use — signature
    • Algorithm — RS256
    • Key ID — (Optional) This can be any random value.


  • Once you provide the input, click Generate. You will get the Public/Private Keypair, Public/Private Keypair Set, and Public Key.


Step 2: Create Service-App

  • You will need to make a POST request to the https://${yourOktaDomain}/oauth2/v1/clients endpoint to create a service app in Okta.
  • The parameters involved in the request are:
    • client_name - the name of the service app
    • grant_type - client_credentials
    • token_endpoint_auth_method - private_key_jwt
    • application_type - service
    • jwks — add the Public/Private Keypair Set that you created in the previous step.
  • The request looks something like this:


  • To check that the service app was created, navigate to your Okta Dashboard.


  • Click on Applications -> Applications on the left side.


  • You should see your service account in the list.


Step 3: Grant allowed scopes

  • To add a grant for an allowed scope to your service app, make a POST request to the https://${yourOktaDomain}/api/v1/apps/{serviceappclient_id}/grants endpoint.
  • The parameters involved in the request are:
    • scopeID - okta.clients.manage
  • The request looks something like this:


  • You can also add scopes by navigating to your Okta Dashboard and clicking on Applications -> Applications, just like in step 2.


  • Click on your service app.


  • Now click on Okta API Scopes, available at the top of the form.


  • Grant the scopes by clicking on Grant.
  • For more information on the scopes, visit the Doc.
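
The two POST requests from Steps 2 and 3, built in Python as an added example that is not part of the original guide or of OpenMetadata's code. It assumes an Okta admin API token sent in an SSWS Authorization header, uses the grant_types/response_types arrays and scopeId/issuer fields of Okta's API, and registers only the public members of the generated key set, because Okta needs only the public key to verify private_key_jwt assertions. The function names and the sample key set are constructed for illustration.

```python
import json
import urllib.request

# Private members of an RSA JWK (RFC 7518, section 6.3.2); never sent to Okta here.
RSA_PRIVATE_MEMBERS = {"d", "p", "q", "dp", "dq", "qi", "oth"}

def public_jwks(keypair_set):
    """Copy a JWKS, dropping private RSA members from every key."""
    keys = []
    for jwk in keypair_set["keys"]:
        if jwk.get("kty") != "RSA":
            raise ValueError("expected an RSA key, got %r" % jwk.get("kty"))
        keys.append({k: v for k, v in jwk.items() if k not in RSA_PRIVATE_MEMBERS})
    return {"keys": keys}

def _post(url, body, api_token):
    """Build (not send) a JSON POST authenticated with an Okta API token."""
    headers = {"Authorization": "SSWS " + api_token,
               "Content-Type": "application/json", "Accept": "application/json"}
    return urllib.request.Request(url, data=json.dumps(body).encode(),
                                  headers=headers, method="POST")

def create_service_app_request(okta_domain, api_token, client_name, keypair_set):
    """Step 2: register a service app that authenticates with private_key_jwt."""
    body = {
        "client_name": client_name,
        "response_types": ["token"],
        "grant_types": ["client_credentials"],
        "token_endpoint_auth_method": "private_key_jwt",
        "application_type": "service",
        "jwks": public_jwks(keypair_set),
    }
    return _post("https://%s/oauth2/v1/clients" % okta_domain, body, api_token)

def grant_scope_request(okta_domain, api_token, client_id, scope_id="okta.clients.manage"):
    """Step 3: grant one Okta API scope to the service app."""
    body = {"scopeId": scope_id, "issuer": "https://" + okta_domain}
    return _post("https://%s/api/v1/apps/%s/grants" % (okta_domain, client_id), body, api_token)

# Constructed sample key set: placeholder values, not real key material.
SAMPLE_KEYPAIR_SET = {"keys": [{
    "kty": "RSA", "use": "sig", "alg": "RS256", "kid": "ingestion-bot",
    "e": "AQAB", "n": "constructed-modulus", "d": "constructed-private-exponent",
    "p": "c1", "q": "c2", "dp": "c3", "dq": "c4", "qi": "c5"}]}
```

Pass a returned request to urllib.request.urlopen to send it; the client_id in the Step 2 response is the value Step 3 needs. Keep the private half of the key pair in the ingestion service's secret store only.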