On this page

    Okta

    This is an object that represents your identity provider (IdP) when configured to use Okta. You can retrieve it to see what the current configuration is for Okta.

    Related information: Identity Providers.

    Identity Provider Object
    {
      "type": "OKTA",
      "id": "23455721-06a5-43a7-84e2-4b1c770b2bb6",
      "isActive": true,
      "oktaUrl": "https://dcs-4472656d696f.okta.com/oauth2/default/",
      "clientID": "0oa15f7o8yPtoKX0D5d7",
      "clientSecret": null
    }
    

    Identity Provider Attributes

    type

    String

    The type of identity provider. For Okta, this attribute value will always be OKTA.


    id

    String (UUID)

    The UUID generated to specifically identify the provider.

    Example 23455721-06a5-43a7-84e2-4b1c770b2bb6


    isActive

    boolean

    The provider's current state, or level of accessibility. If true, the identity provider is configured, enabled, and usable to users from the Dremio Cloud login screen. If false, the identity provider is configured, but not enabled.

    Example true


    oktaUrl

    String

    The issuer URL for the registered Dremio application within an Okta organization.

    Example https://dcs-4472656d696f.okta.com/oauth2/default/


    clientID

    String

    The ID for the registered Dremio application with an Okta organization.

    Example e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff


    clientSecret

    String

    The client secret for the registered Dremio application with an Okta organization. Secrets are not shown in the object and will always return as null.

    Example null


    Adding Okta

    Add Okta as an identity provider. After adding an IdP, activate it using the associated endpoint.

    Adding Okta
    POST /v0/identity-providers
    

    Parameters

    type

    query

    String

    The type of identity provider. For Okta, this value will always be OKTA.


    isActive

    query

    boolean

    Optional

    Set to true to enable Okta as a usable identity provider. By default, this is set to false.


    oktaUrl

    query

    String

    The issuer URL for the registered Dremio application within your Okta organization.


    clientID

    query

    String

    The ID for the registered Dremio application with your Okta organization.


    clientSecret

    query

    String

    The client secret for the registered Dremio application with an Okta organization.

    note:

    For information on how to get the client ID and client secret from the Okta organization, see required Okta properties.

    Example Request
    curl -X POST 'https://api.dremio.cloud/v0/identity-providers/' \
    -H 'Authorization: Bearer <personal access token>' \
    -H 'Content-Type: application/json' \
    -D '{
         "type": "OKTA",
         "isActive": "false",
         "oktaUrl": "https://dcs-4472656d696f.okta.com/oauth2/default/",
         "clientID": "0oa15f7o8yPtoKX0D5d7",
         "clientSecret": "AA-aOAAaAAAAAaaaaaAaA1aaa2aaAaAaAAaaA3AA"
        }'
    
    Example Response
    {
        "id": "c7cfc963-a901-4c19-9d8f-630a7637063e"
    }
    

    Responses

    200

    Identity Provider added successfully

    400

    Bad input parameter


    Retrieving Okta

    Get the metadata for the Okta IdP. This is done by providing the ID that returned after initially creating the provider.

    Retrieving Okta
    GET /v0/identity-providers/{id}
    

    Parameters

    id

    path

    String

    The ID of the Okta provider whose metadata you want to retrieve.

    Example Request
    curl -X GET 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
    -H 'Authorization: Bearer <personal access token>' \
    -H 'Content-Type: application/json' \
    
    Example Response
    {
      "type": "OKTA",
      "id": "c7cfc963-a901-4c19-9d8f-630a7637063e",
      "isActive": false,
      "oktaUrl": "https://dcs-4472656d696f.okta.com/oauth2/default/",
      "clientID": "0oa15f7o8yPtoKX0D5d7",
      "clientSecret": null
    }
    

    Responses

    200

    Identity Provider returned successfully

    400

    Bad input parameter


    Activating Okta

    After adding Okta as an IdP, it must be activated for an organization to begin using it. After completing this action, Okta will display as a login option for users accessing Dremio.

    Activating Okta
    POST /v0/identity-providers/{id}/activate
    

    Parameters

    id

    path

    String

    The ID of the identity provider that you want to activate.

    Example Request
    curl -X POST 'https://api.dremio.cloud/v0/identity-providers/c7cfc963-a901-4c19-9d8f-630a7637063e/activate' \
    -H 'Authorization: Bearer <personal access token>' \
    -H 'Content-Type: application/json' \
    
    Example Response
    No response
    

    Responses

    200

    Identity Provider activated successfully

    400

    Bad input parameter


    Deactivating Okta

    Deactivate Okta as an IdP. The Okta option will no longer display at the login page as an authentication option for users to access Dremio Cloud.

    Deactivating Okta
    POST /v0/identity-providers/{id}/deactivate
    

    Parameters

    id

    path

    String

    The ID of the identity provider that you want to deactivate.

    Example Request
    curl -X POST 'https://api.dremio.cloud/v0/identity-providers/c7cfc963-a901-4c19-9d8f-630a7637063e/deactivate' \
    -H 'Authorization: Bearer <personal access token>' \
    -H 'Content-Type: application/json' \
    
    Example Response
    No response
    

    Responses

    200

    Identity Provider deactivated successfully

    400

    Bad input parameter


    Deleting Okta

    Delete the Okta IdP. All metadata associated with this IdP is deleted from Dremio Cloud.

    Deleting Okta
    DELETE /v0/identity-providers/{id}
    

    Parameters

    id

    path

    String

    The ID of the identity provider that you want to delete.

    Example Request
    curl -X DELETE 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
    -H 'Authorization: Bearer <personal access token>' \
    -H 'Content-Type: application/json' \
    
    Example Response
    No response
    

    Responses

    200

    Identity Provider deleted successfully

    400

    Bad input parameter