mirror of https://github.com/open-metadata/OpenMetadata.git synced 2025-07-19 07:17:38 +00:00

sureshms 8ce7c879e8 OpenMetadata snapshot release 0.3

2021-08-01 14:27:44 -07:00

description
This is a guide to create ingestion bot service app.

Create Service Account

Step 1: Generate Public/Private key pair

Use a tool such as this JSON Web Key Generator to generate a JWKS public/private key pair for testing.
For a production use case, use your own internal instance of the key pair generator.
For production use case, clone the repository using git clone https://github.com/mitreid-connect/mkjwk.org.git.
Use mvn package -DskipTests && java -jar target/ROOT.war to run the above repo.
Go to http:localhost:8080 to generate public/private key pair.

Enter following values to generate public/private key pair:
- Key size - 2048
- Key use — signature
- Algorithm — RSA256
- Key ID — Optional This can be any random value.

Once you provide the input, click Generate. You will get the Public/Private Keypair, Public/Private Keypair Set and Public Key

You will need to make a POST request to https://${yourOktaDomain}/oauth2/v1/clients endpoint to create a service app in okta
The parameters involved in the request are:
- client_name - name of service app
- grant_type - client_credentials
- token_endpoint_auth_method — private_key_jwt
- application_type — service
- jwks — add the Public/Private Keypair Set that you created in the previous step.
The request looks something like this:

To add a grant for an allowed scope to your service app, we need to make a POST request to https://${yourOktaDomain}/api/v1/apps/{serviceappclient_id}/grants endpoint.
The parameters involved in the request are:
- scopeID — okta.clients.manage
The request looks something like this:

You can also add scopes by navigating to you Okta Dashboard and Clicking on Appications -> Applicaitons just like in step 2.