Skip to main content

Okta

This is an object that represents your identity provider (IdP) when configured to use Okta. You can retrieve it to see what the current configuration is for Okta.

Related information: Identity Providers.

Identity Provider Object
{
"type": "OKTA",
"id": "23455721-06a5-43a7-84e2-4b1c770b2bb6",
"isActive": true,
"oktaUrl": "https://dcs-4472656d696f.okta.com/oauth2/default/",
"clientID": "0oa15f7o8yPtoKX0D5d7",
"clientSecret": null
}

Identity Provider Attributes

type String

The type of identity provider. For Okta, this attribute value is always OKTA.

Example: OKTA


id String (UUID)

The UUID generated to specifically identify the provider.

Example: 23455721-06a5-43a7-84e2-4b1c770b2bb6


isActive Boolean

The provider's current state, or level of accessibility. If true, the identity provider is configured, enabled, and usable to users from the Dremio Cloud login screen. If false, the identity provider is configured, but not enabled.

Example: true


oktaUrl String

The issuer URL for the registered Dremio application within an Okta organization.

Example: https://dcs-4472656d696f.okta.com/oauth2/default/


clientID String

The ID for the registered Dremio application with an Okta organization.

Example: e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff


clientSecret String

The client secret for the registered Dremio application with an Okta organization. Secrets are not shown in the object and will always return as null.

Example: null

Adding Okta

Add Okta as an identity provider. After adding an IdP, activate it using the associated endpoint.

Adding Okta
POST /v0/identity-providers

Parameters

type Body   String   Optional

The type of identity provider. For Okta, this value is always OKTA.

Example: OKTA


isActive Body   Boolean   Optional

Set to true to enable Okta as a usable identity provider. By default, this is set to false.

Example: false


oktaUrl Body   String   Optional

The issuer URL for the registered Dremio application within your Okta organization.

Example: https://dcs-4472656d696f.okta.com/oauth2/default/


clientID Body   String   Optional

The ID for the registered Dremio application with your Okta organization.

Example: 0oa15f7o8yPtoKX0D5d7


clientSecret Body   String   Optional

The client secret for the registered Dremio application with an Okta organization.

Example: AA-aOAAaAAAAAaaaaaAaA1aaa2aaAaAaAAaaA3AA

note

For information on how to get the client ID and client secret from the Okta organization, see Configure OIDC SSO.

Example Request
curl -X POST 'https://api.dremio.cloud/v0/identity-providers/' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json' \
-d '{
"type": "OKTA",
"isActive": "false",
"oktaUrl": "https://dcs-4472656d696f.okta.com/oauth2/default/",
"clientID": "0oa15f7o8yPtoKX0D5d7",
"clientSecret": "AA-aOAAaAAAAAaaaaaAaA1aaa2aaAaAaAAaaA3AA"
}'
Example Response
{
"id": "c7cfc963-a901-4c19-9d8f-630a7637063e"
}

Responses

200   OK

400   Bad Request

Retrieving Okta

Get the metadata for the Okta IdP. This is done by providing the ID that returned after initially creating the provider.

Retrieving Okta
GET /v0/identity-providers/{id}

Parameters

id Path   String

The ID of the Okta provider whose metadata you want to retrieve.

Example: acd23077-263a-4277-b5f6-926b1983c9de

Example Request
curl -X GET 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
Example Response
{
"type": "OKTA",
"id": "c7cfc963-a901-4c19-9d8f-630a7637063e",
"isActive": false,
"oktaUrl": "https://dcs-4472656d696f.okta.com/oauth2/default/",
"clientID": "0oa15f7o8yPtoKX0D5d7",
"clientSecret": null
}

Responses

200   OK

400   Bad Request

Activating Okta

After adding Okta as an IdP, it must be activated for an organization to begin using it. After completing this action, Okta will display as a login option for users accessing Dremio.

Activating Okta
POST /v0/identity-providers/{id}/activate

Parameters

id Path   String

The ID of the Okta provider whose metadata you want to activate.

Example: acd23077-263a-4277-b5f6-926b1983c9de

Example Request
curl -X POST 'https://api.dremio.cloud/v0/identity-providers/c7cfc963-a901-4c19-9d8f-630a7637063e/activate' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
Example Response
No response

Responses

200   OK

400   Bad Request

Deactivating Okta

Deactivate Okta as an IdP. The Okta option will no longer display at the login page as an authentication option for users to access Dremio Cloud.

Deactivating Okta
POST /v0/identity-providers/{id}/deactivate

Parameters

id Path   String

The ID of the Okta provider whose metadata you want to deactivate.

Example: acd23077-263a-4277-b5f6-926b1983c9de

Example Request
curl -X POST 'https://api.dremio.cloud/v0/identity-providers/c7cfc963-a901-4c19-9d8f-630a7637063e/deactivate' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
Example Response
No response

Responses

200   OK

400   Bad Request

Deleting Okta

Delete the Okta IdP. All metadata associated with this IdP is deleted from Dremio Cloud.

Deleting Okta
DELETE /v0/identity-providers/{id}

Parameters

id Path   String

The ID of the Okta provider whose metadata you want to delete.

Example: acd23077-263a-4277-b5f6-926b1983c9de

Example Request
curl -X DELETE 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
Example Response
No response

Responses

200   OK

400   Bad Request