security

No menu items for this category
Home/Security/One Login

OneLogin SSO

Follow the sections in this guide to set up OneLogin SSO.

Security requirements for your production environment:

  • DELETE the admin default account shipped by OM in case you had Basic Authentication enabled before configuring the authentication with OneLogin SSO.
  • UPDATE the Private / Public keys used for the JWT Tokens. The keys we provide by default are aimed only for quickstart and testing purposes. They should NEVER be used in a production installation.

Create Server Credentials

Step 1: Configure a new Application

  • Login to OneLogin as an administrator and click on Applications
create-account
  • Click on the Add App button and search for openid connect
  • Select the OpenId Connect (OIDC) app
create-account
  • Change the Display Name of the app to Open Metadata and click Save
create-account
  • Configure the login Url (http(s)://<domain>/signin) and redirect URI (http(s)://<domain>/callback) as shown below
create-account
  • Configure the users in the organization that can access OpenMetadata app by clicking on the Users
create-account
  • Click on "SSO" and select None (PKCE) for Token Endpoint.
create-account

Step 2: Where to find the Credentials

  • Go to "SSO" and copy the Client ID
create-account

You will need to share the following information with the Collate team:

  • Issuer URL
  • Client ID