Dataedo Portal oAuth2 configuration with Google

Applies to: Dataedo 24.x (current) versions, Article available also for: 23.x

This guide will show how to configure Dataedo to work with an oAuth2 identity provider. For this article, we'll be using Google as the IdP, but similar steps can be taken for other providers too.

Initial configuration in Google Cloud Console (oAuth2 provider)

Open Google Cloud Console and create new project: Image title

In the newly opened tab, type in the Project name for your internal use (I chose "Dataedo Web") and choose the location if needed: Image title

Now change the project to the one that you've just created, and select API & Services: Image title

After that go to OAuth consent screen, decide if you want your application for Internal or External use, and click Create: Image title

On the new screen, fill in all the required information and click Save and continue. On the next screen select Add or remove scopes and then select .../auth/userinfo.email. After that click Update and Save and continue: Image title

On the last screen, you can see a summary of your configuration. If everything is OK, click Back to dashboard. Go to Credentails section, click Create credentials and then select OAuth client ID: Image title

Select Web application option in Application type dropdown and enter your Dataedo Portal URL twice: first in Authorised JavaScript origins section (in the format: https://your-Dataedo-Portal.address.com), then in Authorised redirect URIs section: for Docker setup: api/oauth2/authenticate/azureAD for example https://your-Dataedo-Portal.address.com/api/oauth2/authenticate/google)
for IIS setup, please use api/api/oauth2/authenticate/azureAD for example https://your-Dataedo-Portal.address.com/api/api/oauth2/authenticate/google.)
and click Create. If you're unsure about your setup, contact our support team. Image title

On the next screen, copy and save values of Cliend ID and Client secret. You can also download them as JSON file: Image title

Configuring oAuth in Dataedo Portal

Log in to your Dataedo Portal instance with admin permissions, go to System settings and open the Login options tab. Expand GOOGLE (OAUTH2) section, then paste Client ID and Client Secret you've copied in the steps above. Enable this authentication method by toggling the swtich to ON and click Save: Image title

The next time you open Dataedo Portal, you should have an option to log in with Google: Image title

Click this option to go to the Google login page or (if you’re already logged in) directly to your Dataedo Portal home page.