Versions Compared

Old Version 13

changes.mady.by.user Dean Nguyen

Saved on

compared with

New Version Current

changes.mady.by.user Chichi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Scroll ignore
scroll-viewporttrue
scroll-pdftrue
scroll-officetrue
scroll-chmtrue
scroll-docbooktrue
scroll-eclipsehelptrue
scroll-htmltrue
scroll-epubtrue

Open in new tab

Note

This is a draft integration guide for Okta. Some steps may require further requirement. Any feedback is appreciated.

...

  • Open a new window and log in to your company’s Okta account. Go to the Admin portal

  • Go to Applications in the sidebar. Select Applications. Click Create App Integration


  • Select Open IDConnect & Web Application. Click Next

  • Under General Settings fill in the below and click Save

    • App integration name: Enter K Data Catalog

    • Application Logo: Use the image below or request the K Logo file from support@kada.ai

      Image RemovedImage Added

    • Sign-in redirect URIs: Paste the redirect URL from Step 1 in the Login redirect URLs field

    • Controlled Access: select Skip group assignment for now

  • In the General Tab, copy the Client ID and Client Secret for use in Step 3



  • Go down to General Settings and click Edit. Go to the Login section and update the following. Click Save

    • Login initiated by: Either Okta or App

    • Application visibility: Display application icon to users

    • Login flow: Redirect to app to initiate login (OIDC Compliant)

    • Initiate login URI: Enter your K instance URL e.g. https://[customer].kada.ai

  • Go to Security in the sidebar. Select API. Click on the Authentication Server to be used for SSO

  • Copy the Metadata URI for use in Step 3

...

  • Return to the Keycloak window from Step 1

  • Scroll to the bottom of the list and paste the Metadata URI that you copied in the previous step into the Import from URL and click Import

  • Some information will pre-populate from OKTA. Complete the missing information and click Save

    • Logout URL: Set this to your Okta login URL (e.g. https://abc123.okta.com/login/default) or any other URL

    • Client Authentication - Set to Client secret sent as basic auth

    • Client ID - Paste the Client ID saved from the previous step

    • Client Secret - Paste the Client Secret saved from the previous step

    • Default Scopes - Add openid email profile

    • Click Save

  • Select Authentication from the side panel to configure the first login flow.

  • On the Flow tab, select Browser in the dropdown menu

    • For the Auth Type Identity Provider Redirector, select Alternative

...

  • The Okta Log In option will now appear the next time you try to log in to KADA

...

To enable the configuration to be imported, set path for X.509 Client Certificate. Here is link to guide you through this from keycloak.

https://github.com/keycloak/keycloak-documentation/blob/master/server_admin/topics/authentication/x509.adoc