Skip to main content
Version: Next

Enable OIDC SSO

Feature Availability
Self-Hosted DataHub
DataHub Cloud

Note that we do not yet support LDAP or SAML authentication. Please let us know if either of these integrations would be useful for your organization.

After you have completed the OIDC Prerequisites, you are now ready to configure OIDC Single Sign-On in DataHub Cloud.

note

In order to set up the OIDC SSO integration, you must have the Manage Platform Settings privilege.

  1. In DataHub Cloud, navigate to Settings > Platform > SSO and choose OIDC.

  1. Enter the Client ID, Client Secret, and Discovery URI you obtained in the OIDC Prerequisites.
  2. Confirm your preferred User Provisioning Strategy:
  • Just-in-Time (JIT) Provisioning is enabled by defualt, automatically creating a DataHub User on login if one does not exist.
  • Pre-Provisioning DataHub Users will only allow login for pre-provisioned DataHub Users. Requires configuring SSO Ingestion.
  1. Optionally enable Extract Groups to exract group memberships in the OIDC profile by default. Requires JIT Provisioning.
  2. Click Connect.
  3. Log out and log back in through SSO to confirm connection succeeded.