deployment

No menu items for this category
Home/Deployment/Security/Azure

Azure SSO

Follow the sections in this guide to set up Azure SSO.

Security requirements for your production environment:

  • DELETE the admin default account shipped by OM in case you had Basic Authentication enabled before configuring the authentication with Azure SSO.
  • UPDATE the Private / Public keys used for the JWT Tokens. The keys we provide by default are aimed only for quickstart and testing purposes. They should NEVER be used in a production installation.

Create Server Credentials

Step 1: Login to Azure Active Directory

Admin permissions are required to register the application on the Azure portal.

Step 2: Create a New Application

  • From the Azure Active Directory, navigate to the App Registrations section from the left nav bar.
create-app
  • Click on New Registration. This step is for registering the OpenMetadata UI.
create-app
  • Provide an Application Name for registration.
  • Provide a redirect URL as a Single Page Application.
  • Click on Register.
create-app

Step 3: Where to Find the Credentials

  • The Client ID and the Tenant ID are displayed in the Overview section of the registered application.
create-app
  • When passing the details for authority, the Tenant ID is added to the URL as shown in the example below. https://login.microsoftonline.com/TenantID

Configure Ingestion

Once your server security is set, it's time to review the ingestion configuration. Our bots support JWT tokens to authenticate to the server when sending requests.

Find more information on Enabling JWT Tokens.