yujunjun/OpenMetadata
1
0
Fork 0
mirror of https://github.com/open-metadata/OpenMetadata.git synced 2025-07-13 20:18:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
OpenMetadata/openmetadata-docs-v1/content/v1.0.0/deployment/security/custom-oidc/index.md
Pere Miquel Brull 6fcdf803e6
Prepare Docs V1 structure (#11089) 
* Prepare Docs V1 structure

* Point to the v1.0.0 images dir

* Use the same ssh key

* Use new key

* Add connectors icons

* Update images
2023-04-17 16:45:47 +02:00

75 lines
2.3 KiB
Markdown
Raw Blame History

---
title: Custom OIDC SSO
slug: /deployment/security/custom-oidc
---
# Custom OIDC SSO
Follow the sections in this guide to set up Custom OIDC SSO.
<Important>
Security requirements for your **production** environment:
- **DELETE** the admin default account shipped by OM in case you had [Basic Authentication](/deployment/security/basic-auth)
enabled before configuring the authentication with Custom OIDC SSO.
- **UPDATE** the Private / Public keys used for the [JWT Tokens](/deployment/security/enable-jwt-tokens). The keys we provide
by default are aimed only for quickstart and testing purposes. They should NEVER be used in a production installation.
</Important>
## Create Server Credentials
- Go to the console of your preferred custom OIDC SSO provider
- Create an OIDC client application with implicit flow enabled to get a client ID.
### Create Client ID and Secret Key
- Navigate to your preferred OIDC provider console and create an OIDC client application.
- Generate client ID and secret key in JSON format.
After the applying these steps, you can update the configuration of your deployment:
<InlineCalloutContainer>
<InlineCallout
color="violet-70"
icon="celebration"
bold="Docker Security"
href="/deployment/security/custom-oidc/docker"
>
Configure Custom OIDC SSO for your Docker Deployment.
</InlineCallout>
<InlineCallout
color="violet-70"
icon="storage"
bold="Bare Metal Security"
href="/deployment/security/custom-oidc/bare-metal"
>
Configure Custom OIDC SSO for your Bare Metal Deployment.
</InlineCallout>
<InlineCallout
color="violet-70"
icon="fit_screen"
bold="Kubernetes Security"
href="/deployment/security/custom-oidc/kubernetes"
>
Configure Custom OIDC SSO for your Kubernetes Deployment.
</InlineCallout>
</InlineCalloutContainer>
## Configure Ingestion
After everything has been set up, you will need to configure your workflows if you are running them via the
`metadata` CLI or with any custom scheduler.
When setting up the YAML config for the connector, update the `workflowConfig` as follows:
```yaml
workflowConfig:
openMetadataServerConfig:
hostPort: 'http://localhost:8585/api'
authProvider: custom-oidc
securityConfig:
clientId: '{your_client_id}'
secretKey: '{your_client_secret}'
domain: '{your_domain}'
```
Reference in New Issue View Git Blame Copy Permalink