Skip to main content

Add an Identity Provider

note

To enable identity providers in Ahana, contact Ahana Support.

Adding an identity provider affects all Presto clusters in the Ahana Compute Plane created after the identity provider is added. Existing Presto clusters are not affected. To enable the identity provider for an existing Presto cluster, delete the Presto cluster and recreate it. See Delete a Presto Cluster and Create a Presto Cluster.

To add an identity provider definition in Ahana:

  1. In the Ahana SaaS Console, select Security, then select IdentityProvider.

    Identity Provider

  2. Select Add an Identity Provider.

  3. Select OIDC.

    Identity Provider Client Setup pane

  4. Copy the Sign-In Redirect URL and use it to configure your identity provider.

    Identity Provider Details pane

  5. Enter a Name. The name must be unique across your Ahana Compute Plane. Ahana recommends a descriptive name to help you identify the integration in your identity provider.

  6. In Well Known Config URL, enter the appropriate URL.

    For example, to create the Well Known Config URL if using Okta as the identity provider:

    1. In Okta, select Security, API, Authorization Servers, then select the authentication server for Ahana.

    2. In Settings, copy the Metadata URI. The Metadata URI will be similar to this example: https://account.okta.com/oauth2/default/.well-known/oauth-authorization-server

    3. Edit the URI by deleting everything after account.okta.com/ and adding .well-known/openid-configuration to the end. The result will be similar to this example: https://account.okta.com/.well-known/openid-configuration

    4. In Ahana, enter the edited URL into Well Known Config URL.

  7. Enter the Client ID and Client Secret that was generated from your identity provider configuration.

  8. Select Add Identity Provider.

    Identity Provider Confirmation

  9. In the confirmation dialog, select Add Identity Provider.