On this page

    Microsoft Azure Active Directory (AAD)

    This object allows for the use of Microsoft AAD as an identity provider for accessing Dremio.

    Identity Provider Object
    {
        "type": "AZURE_AD",
        "id": "acd23077-263a-4277-b5f6-926b1983c9de",
        "isActive": true,
        "domain": "dremio.onmicrosoft.com",
        "clientID": "e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff",
        "clientSecret": null
    }
    

    Identity Provider Attributes

    type

    String

    The type of identity provider. For Microsoft AAD, this attribute value will always be AZURE-AD.


    id

    String (UUID)

    The UUID to identify the identity provider.

    Example acd23077-263a-4277-b5f6-926b1983c9de


    isActive

    boolean

    Set to true if the identity provider is configured and enabled. Otherwise displays as false.

    Example true


    domain

    String

    The domain of your Azure AD account in the Azure portal.

    Example dremio.onmicrosoft.com


    clientID

    String

    The client ID or application ID of your registered Dremio application on the Azure portal.

    Example e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff


    clientSecret

    String

    The client secret of your registered Dremio application on the Azure portal.

    Example The client secret is not shown in the object and so the value is returned as `null`


    Adding Microsoft AAD

    Add Microsoft AAD as an identity provider. After adding an IdP, activate it using the associated endpoint.

    Adding Microsoft AAD
    POST /v0/identity-providers
    

    Parameters

    type

    query

    String

    The type of identity provider. For Microsoft AAD, this attribute value will always be AZURE-AD.


    isActive

    query

    boolean

    Optional

    Set to false to add Microsoft AAD as an identity provider.


    domain

    query

    String

    The domain for your Microsoft AAD account in the Azure portal.


    clientID

    query

    String

    The client ID or application ID of your registered Dremio application on the Azure portal.


    clientSecret

    query

    String

    The client secret of your registered Dremio application on the Azure portal.

    note:

    For information on how to get the domain, client ID, and client secret from the Azure portal, see required Azure AD properties.

    Example Request
    curl -X POST 'https://api.dremio.cloud/v0/identity-providers/' \
    -H 'Authorization: Bearer <personal access token>' \
    -H 'Content-Type: application/json' \
    -D '{
        "type": "AZURE_AD",
        "isActive": "false",
        "domain": "dremio.onmicrosoft.com",
        "clientID": "e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff",
        "clientSecret": "aaAaA_a1aA1A_A1aaa_1a~aaA1_A11-AA1"
    }'
    
    Example Response
    {
        "id": "acd23077-263a-4277-b5f6-926b1983c9de"
    }
    

    Responses

    200

    Identity Provider added successfully

    400

    Bad input parameter


    Retrieving Microsoft AAD

    Get the metadata for Microsoft AAD by providing the identity provider ID that was returned on creation.

    Retrieving Microsoft AAD
    GET /v0/identity-providers/{id}
    

    Parameters

    Example Request
    curl -X GET 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
    -H 'Authorization: Bearer <personal access token>' \
    -H 'Content-Type: application/json' \
    
    Example Response
    {
        "type": "AZURE_AD",
        "id": "acd23077-263a-4277-b5f6-926b1983c9de",
        "isActive": true,
        "domain": "dremio.onmicrosoft.com",
        "clientID": "e1cec408-4c58-4283-9b9b-9ec6a6e96f83",
        "clientSecret": null
    }
    

    Responses

    200

    Identity Provider returned successfully

    400

    Bad input parameter


    Activating Microsoft AAD

    Activate Microsoft AAD as an identity provider, once configured. This will show Microsoft AAD as an option to users on the Dremio Cloud login page.

    Activating Microsoft AAD
    POST /v0/identity-providers/{id}/activate
    

    Parameters

    Example Request
    curl -X POST 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de/activate' \
    -H 'Authorization: Bearer <personal access token>' \
    -H 'Content-Type: application/json' \
    
    Example Response
    No response
    

    Responses

    200

    Identity Provider activated successfully

    400

    Bad input parameter


    Deactivating Microsoft AAD

    Deactivate Microsoft AAD. The Microsoft AAD option will no longer be available to users for authentication to Dremio Cloud and it will not be shown on the login page.

    Deactivating Microsoft AAD
    POST /v0/identity-providers/{id}/deactivate
    

    Parameters

    Example Request
    curl -X POST 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de/deactivate' \
    -H 'Authorization: Bearer <personal access token>' \
    -H 'Content-Type: application/json' \
    
    Example Response
    No response
    

    Responses

    200

    Identity Provider deactivated successfully

    400

    Bad input parameter


    Deleting Microsoft AAD

    Delete Microsoft AAD.

    Deleting Microsoft AAD
    DELETE /v0/identity-providers/{id}
    

    Parameters

    Example Request
    curl -X DELETE 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
    -H 'Authorization: Bearer <personal access token>' \
    -H 'Content-Type: application/json' \
    
    Example Response
    No response
    

    Responses

    200

    Identity Provider deleted successfully

    400

    Bad input parameter