Data Observability platform Help

Authentication settings

In authentication page you can set up secondary authentication systems such as OAuth/LDAP/AD for DQM users

General options

General Options

  • Create user on first log in - Users from secondary authentication systems will be created automatically with role 'user' on initial login

  • Enable OAuth - Enable secondary authentication for OAuth

  • Enable LDAP/AD - Enable secondary authentication for LDAP/AD

OAuth settings

  • Use OpenID – enable OpenID for OAuth endpoint

  • Self-signed cert – Force OAuth to validate self-signed certificate from provided certificates

  • Server URL – URL where current DQM deployment is hosted

  • Auth endpoint – OAuth server authentication endpoint

  • Token endpoint – OAuth server token endpoint

  • Client ID – OAuth client ID

  • Client Secret – OAuth client secret (Can be entered, when key icon is green)

  • Scope – OAuth authorization scope

  • Username field – OAuth username field

Examples:

Google OAuth example
Okta OAuth example
LDAP settings

  • Server – LDAP server, either ldap or ldaps

  • Root DN – LDAP server root distinguished name (If group name has whitespaces then wrap it between quotes e.g. OU=”group name”)

  • Search by – LDAP filter for search user (for example uid)

AD settings

  • Server – AD server, either ldap or ldaps

  • Root DN – AD server root distinguished name (If group name has whitespaces then wrap it between quotes e.g. OU=”group name”)

  • Search by – AD filter for search user (for example sAMAccountName)

  • Domain – AD domain

Certificates

In certificates section you can add custom certificates in case any authentications/connections uses TLS/SSL.

Certificates

Adding a certificate

AddCert

  1. Press “Add” button under certificates section

  2. Choose a certificate file

  3. Give certificate an alias for distinction

  4. Press “Add new certificate”

Adding an https certificate (Enabling HTTPS for DQM)

AddCertHttps

  1. Press “Add” button under certificates section

  2. Choose a certificate file

  3. Give certificate an alias “https” (which is only used for https enabling. Certificate file has to be either .p12 keystore containing RSA private key or .pem file containing RSA private key and certificate chain)

  4. Insert password if certificate is protected by one

  5. Press “Add new certificate”

  6. Tool will shut down automatically

  7. Manually start DQM container/WAR file from server side

Replacing a certificate

ReplaceCert

  1. Press ReplaceButton button under certificate row

  2. Choose new certificate file

  3. Press “Change certificate”

  4. If you replaced “https” certificate, you should reload settings from “Load settings” button on the same page

Last modified: 22 July 2024
License settingsConnector settings