This guide will show how to configure Dataedo to work with an oAuth2 identity provider. For this article, we'll be using Google as the IdP, but similar steps can be taken for other providers too.
Initial configuration in Google Cloud Console (oAuth2 provider)
Open Google Cloud Console and create new project:
In the newly opened tab, type in the Project name for your internal use (I chose "Dataedo Web") and choose the location if needed:
Now change the project to the one that you've just created, and select API & Services:
After that go to OAuth consent screen, decide if you want your application for Internal or External use, and click Create:
On the new screen, fill in all the required information and click Save and continue. On the next screen select Add or remove scopes and then select .../auth/userinfo.email. After that click Update and Save and continue:
On the last screen, you can see a summary of your configuration. If everything is OK, click Back to dashboard. Go to Credentails section, click Create credentials and then select OAuth client ID:
Select Web application option in Application type dropdown and enter your Dataedo Portal URL twice: first in Authorised JavaScript origins section (in the format: https://your-Dataedo-Portal.address.com), then in Authorised redirect URIs section:
for Docker setup: api/oauth2/authenticate/azureAD
for example https://your-Dataedo-Portal.address.com/api/oauth2/authenticate/google)
for IIS setup, please use api/api/oauth2/authenticate/azureAD
for example https://your-Dataedo-Portal.address.com/api/api/oauth2/authenticate/google.)
and click Create.
If you're unsure about your setup, contact our support team.
On the next screen, copy and save values of Cliend ID and Client secret. You can also download them as JSON file:
Configuring oAuth in Dataedo Portal
Log in to your Dataedo Portal instance with admin permissions, go to System settings and open the Login options tab. Expand GOOGLE (OAUTH2) section, then paste Client ID and Client Secret you've copied in the steps above. Enable this authentication method by toggling the swtich to ON and click Save:
The next time you open Dataedo Portal, you should have an option to log in with Google:
Click this option to go to the Google login page or (if you’re already logged in) directly to your Dataedo Portal home page.