Configuring Okta Single Sign-on for Lakehouse Optimizer

Owned by bkepler@bpcs.com
Nov 21, 2024
2 min read

Sign in to your Okta portal with admin credentials. You will need permissions to create an App Integration

 

From the left side navigation, click on Applications to navigate to the Applications page

image-20241121-214009.png

Click on 'Create App Integration' image-20241121-214250.png .

Sign-in method: OIDC - OpenID Connect

Application type: Web Application

Click “Next'

On the ‘New Web App Integration’ page:

App integration name: Something descriptive. eg 'Lakehouse Optimizer'

Grant type: Click the option to also include ‘Refresh Token’ under ‘Core grants’

Sign-in redirect URIs: Add an entry for the Lakehouse Optimizer Public DNS

https://<application public DNS>/login/oauth2/code/okta

example: https://lho-example.blueprint.com/login/oauth2/code/okta

 

The rest of the configuration on this page can be left default or updated as dictated by your specific IT needs.

Click ‘Save'

image-20241121-220332.png

After saving you are navigated to the ‘General’ tab. Copy both the ‘Client ID’ and the active Client Secret. Save these values for later use. If the application integration did not configure this automatically, please edit the ‘Client Credentials to use ‘Client Secret’ as this is the required method of client authentication by Lakehouse Optimizer

Navigate to ‘Okta API Scopes’ and grant the below scopes:

okta.groups.read

okta.myAccount.profile.read

okta.roles.read

okta.users.read

okta.users.read.self

That’s it, you’re done! You can now continue with the rest of the Lakehouse Optimizer setup