DataSunrise Achieves AWS Data & Analytics Competency. Learn more →

This website stores cookies to collect information about how you interact with our website. To find out more visit our Privacy Policy.

  • Home
  • Guides
  • DataSunrise SSO Authentication Based on OpenID (Okta)

DataSunrise SSO Authentication Based on OpenID (Okta)

How to Migrate DataSunrise CloudFormation Template from Launch Configuration (LC) to Launch Template (LT) Resource in Auto Scaling Group How to Send DataSunrise Events to a Microsoft Teams Channel via Incoming Webhook using Subscribers How To Offload The Audit Database Data To AWS S3 And Read It Using AWS Athena Service Convert Trial or BYOL Configuration of DataSunrise to Hourly Billing PostgreSQL (RDS) vs Aurora PostgreSQL How to Troubleshoot “Connection Was Terminated” or “Connection Terminated Unexpectedly” Errors in Applications Using DataSunrise Proxies DataSunrise’s Performance Under High Traffic Conditions DataSunrise’s Approach to Configuring Penalties for SQL Injection Detection How to Block Specific Hosts in DataSunrise for Enhanced Database Security Troubleshooting AWS Metering and Hourly Billing Issues in DataSunrise on AWS Marketplace How To Perform Cloud Formation Modification Dynamic Data Masking with DataSunrise: Masking with Lua scripts How to Choose the Database for Audit Storage: A Performance Analysis How to Run pgbench Through DataSunrise Proxy on PostgreSQL 14 with SCRAM Authentication DataSunrise SSO Authentication Based on SAML (Okta) DataSunrise SSO Authentication Based on OpenID (Okta) Comprehensive Guide On How to Search for Sensitive Data in Images Hosted on AWS S3 How to Deploy DataSunrise with Terraform Template on Azure Integrate DataSunrise with SQL Server Always On Cluster How to Deploy DataSunrise in Microsoft Azure Using Azure Resource Manager How to Perform DataSunrise Static Data Masking for MongoDB How to Configure DB Audit Trailing for MS Azure MySQL Configure DB Audit Trailing for MS Azure PostgreSQL How to Configure DataSunrise to Mask Data for Amazon Athena How to Upgrade RHEL OS version of existing DataSunrise servers How to Integrate DataSunrise with AWS Database Activity Streams for Getting Auditing Results for AWS Aurora PostgreSQL Set Up SSL Certificates for DataSunrise Database Proxy Reports in DataSunrise: Crucial System for Enhanced Database Security How to Hide Schemas From Users in Redshift AWS RDS PostgreSQL Audit Logs in DataSunrise Audit Administrative Actions in Your Oracle RDS and EC2 How to Check if DataSunrise Receives Traffic Remove a Procedure or a Function From a Database

Previously, we described how to make Single sign-on authentication (SSO) based on SAML with the help of Okta. SSO is a useful tool when you need to authenticate in different applications or websites with one set of credentials. That is why we also implemented SSO authentication based on another popular standard OpenID.

Today we will describe how to configure SSO authentication based on OpenID with Okta. OpenID is one of the most popular authentication options. It is the protocol that provides authentication by creating a new token specifically for identity. OpenID enables you to use one login session across different applications and services.

Adding a New Application in Okta

To enable Open ID authentication to the DataSunrise’s Web Console, do the following:

  1. Register in the Okta service. Navigate to Dashboard and click Create App Integration.

  2. On the Create a new app integration tab, select OpenID Connect as Sign-in method and Web Application as Application type.

    Picture1: Creating a New App

  3. On the next tab, set the app integration name (any) and input the following URL:

    https://<DataSunrise_IP_address>:11000/sso_endpoint

    For example:

    https://127.0.0.1:11000/sso_endpoint
https://localhost:11000/sso_endpoint

    Picture 2: New App Integration

  4. Go to the following page:

    Okta OIDC Well-Known Configuration . See Request Example. Copy the first part of the query (for example):

    And delete the middle part of it:

    oauth2/${authServerId}

    The query should look like the following:

    Open this query in your web browser for query results.

    Note that you will need the following values from there:

    authorization_endpoint
token_endpoint
jwks_uri

  5. Go to Okta’s Dashboard and navigate to ApplicationYour AppGeneralClient Credentials. Note that you will need the Client ID and Client secret parameter’s values:

    Picture 3: Client Credentials

Configuring SSO in DataSunrise

  1. Enter the DataSunrise’s Web Console. Note that you need to specify the full IP address instead of just a hostname. For example:

    https://127.0.0.1:11000

    Navigate to System SettingsSSO, click Add SSO Service.

  2. Input a logical name (any), select OpenID Connect in the SSO Service Type. Input the following values:

    Picture 4: Add SSO Service

After all these steps are done you can log in to DataSunrise with the help of OpenID.

Picture 5: Login with OpenID

As you can see the configuration is quite simple. Now you have the opportunity to log in to the DataSunrise’s Web Console and other applications using one set of credentials.

Did this guide help you?

Contact Us