Completing SSO Setup Using the Data Fabric UI

Describes how to configure the HPE Ezmeral Data Fabric to work with your SSO server.

It is a best practice to complete the SSO setup task soon after your fabric is installed. Non-SSO users have limited capabilities in using the Data Fabric UI.

New installations of release 7.5.0 or later do not need to complete the SSO setup using the Data Fabric UI. But these instructions might be needed if you import a customer-managed cluster.

To complete the SSO setup task:
  1. Sign in to the Data Fabric UI, and switch to the Fabric manager experience.
  2. Click Security administration.
  3. On the SSO setup card, click Setup SSO. The SSO setup form is displayed:

  4. Specify the following parameters:
    Parameter Description Example
    Provider* Your SSO provider. Currently, Keycloak is the only supported provider. Keycloak
    Provider URL* The URL of the SSO provider server. https://myserver.keycloak.com/oauth2/default
    Client Secret* The key that is used to authenticate a client with the Keycloak server. _BfjlzbnnQNbNdprf0vnQDSyXcuzziMzyrbm0raB
    Client ID* An identifier that enables communication between the Data Fabric and the SSO provider. 0oa8m2onb7CAohGdW5d8
    Certificate The self-signed certificate from the SSO provider. Drag and drop the certificate into the box in the SSO Setup form. Or click Select File to navigate to the certificate file and select it. <ssoprovider.crt>
  5. Click Create. The webserver restarts automatically to ensure that correct authentication is enforced. After submitting, wait at least 15 minutes for the SSO configuration to be propagated. Then sign in again with your SSO credentials.

Related maprcli Commands

To implement the features described on this page, the Data Fabric UI relies on the following maprcli commands. These commands are provided for general reference. For more information, see maprcli Commands in This Guide.