Authentication Providers (OAuth/SAML)

OAuth/SAML configuration settings for Databand Self-Hosted.

OAuth2 integrations

Databand currently supports the following OAuth2 providers:

  • GitHub
  • GitLab
  • Okta
    We also support SAML, see below.

All integrated providers should appear on Databand web Login page:

Other OAuth2 providers are not supported out of the box, but you can request such implementations.
Please add the following variables to your custom.env file.

GitHub

GitHub configuration:

DBND__AB_AUTH__OAUTH2_PROVIDERS=["github"]
DBND__AB_AUTH__GITHUB_KEY=************
DBND__AB_AUTH__GITHUB_SECRET=************

Okta

Okta configuration:


DBND__AB_AUTH__OAUTH2_PROVIDERS='["okta"]'
DBND__AB_AUTH__OKTA_KEY=************
DBND__AB_AUTH__OKTA_SECRET=************
DBND__AB_AUTH__OKTA_BASE_URL=https://dev-******.okta.com/oauth2/default

GitLab

GitLab configuration:

DBND__AB_AUTH__OAUTH2_PROVIDERS='["gitlab"]'
DBND__AB_AUTH__GITLAB_KEY=************
DBND__AB_AUTH__GITLAB_SECRET=************

### Multiple Providers Configuration

Make sure you update DBND__AB_AUTH__OAUTH2_PROVIDERS with all relevant providers. For example:
```bash
DBND__AB_AUTH__OAUTH2_PROVIDERS=["github","okta","gitlab"]

SAML

SAML support was tested with OKTA provider. You can find the full guide on configuring OKTA here

To configure DBND with SAML details use following variables:

DBND__AB_AUTH__SAML_PROVIDER_NAME=okta
DBND__AB_AUTH__SAML_ENTITYID=http://www.okta.com/************
DBND__AB_AUTH__SAML_METADATA_URL=https://dev-*****.okta.com/app/************/sso/saml/metadata

Requirements

The following information is required.

Entity ID

Make sure that you set Audience Restriction to Identity Provider Issuer value. Both Audience and Issuer are defined in DBND__AB_AUTH__SAML_ENTITYID.

Attribute Mappings

Attribute mappings need to include:

  • firstName
  • lastName
  • email
  • username

SSO and other URLs

The URLs you provide should be in the following format: https://<dbnd-host>/saml/sso/<saml-provider-name>

E.g.: https://companyname/saml/sso/okta

Example Configuration

Let's see how to enable authentication providers for a sample project dbnd-saml-example. The following screenshots are consecutive screenshots of the same page.

Part 1. (Beginning)

Part 2. (General Settings)

Step 3. (Attribute Statements)


Did this page help you?