Completing SSO Setup Using the Data Fabric UI
Describes how to configure the HPE Ezmeral Data Fabric to work with your SSO server.
It is a best practice to complete the SSO setup task soon after your fabric is installed. Non-SSO users have limited capabilities in using the Data Fabric UI.
New installations of release 7.5.0 or later do not need to complete the SSO setup using the Data Fabric UI. But these instructions might be needed if you import a customer-managed cluster.
To complete the SSO setup task:
- Sign in to the Data Fabric UI, and switch to the Fabric manager experience.
- Click Security administration.
- On the SSO setup card, click Setup
SSO. The SSO setup form is displayed:
- Specify the following parameters:
Parameter Description Example Provider* Your SSO provider. Currently, Keycloak is the only supported provider. Keycloak
Provider URL* The URL of the SSO provider server. https://myserver.keycloak.com/oauth2/default
Client Secret* The key that is used to authenticate a client with the Keycloak server. _BfjlzbnnQNbNdprf0vnQDSyXcuzziMzyrbm0raB
Client ID* An identifier that enables communication between the Data Fabric and the SSO provider. 0oa8m2onb7CAohGdW5d8
Certificate The self-signed certificate from the SSO provider. Drag and drop the certificate into the box in the SSO Setup form. Or click Select File to navigate to the certificate file and select it. <ssoprovider.crt>
- Click Create. The webserver restarts automatically to ensure that correct authentication is enforced. After submitting, wait at least 15 minutes for the SSO configuration to be propagated. Then sign in again with your SSO credentials.
Related maprcli Commands
To implement the features described on this page, the Data Fabric UI relies on the following
maprcli
commands. These commands are provided for general reference.
For more information, see maprcli Commands in This Guide.