Skip to main content

Version: Next

Enable OIDC SSO

Feature Availability

Self-Hosted DataHub

DataHub Cloud

This guide will walk you through configuring OIDC Single Sign-On in DataHub Cloud.

Step 1. Complete OIDC Prerequisites

You will need the following in order to enable OIDC SSO in DataHub Cloud:

Gather the Client ID, Client Secret, and Discovery URI for your OIDC provider, as detailed in this guide.
Confirm you have the Manage Platform Settings privilege in DataHub.

Step 2. Enable OIDC SSO

In DataHub Cloud, navigate to Settings > Platform > SSO and choose OIDC.

Enter the Client ID, Client Secret, and Discovery URI from Step 1.
Confirm your preferred User Provisioning Strategy:
- Just-in-Time (JIT) Provisioning is enabled by default, automatically creating a DataHub User on login if one does not exist.
- Pre-Provisioning DataHub Users will only allow login for pre-provisioned DataHub Users. Requires configuring SSO Ingestion.
Optionally enable Extract Groups to extract group memberships in the OIDC profile by default. Requires JIT Provisioning.
Click Connect.
Log out and log back in through SSO to confirm connection succeeded.

note

We do not yet support LDAP or SAML authentication. Please let us know if either of these integrations would be useful for your organization.

Is this page helpful?

Step 1. Complete OIDC Prerequisites
Step 2. Enable OIDC SSO