Okta
This is an object that represents your identity provider (IdP) when configured to use Okta. You can retrieve it to see what the current configuration is for Okta.
Related information: Identity Providers.
Identity Provider Object{
"type": "OKTA",
"id": "23455721-06a5-43a7-84e2-4b1c770b2bb6",
"isActive": true,
"oktaUrl": "https://dcs-4472656d696f.okta.com/oauth2/default/",
"clientID": "0oa15f7o8yPtoKX0D5d7",
"clientSecret": null
}
Identity Provider Attributes
type String
The type of identity provider. For Okta, this attribute value is always OKTA
.
Example: OKTA
id String (UUID)
The UUID generated to specifically identify the provider.
Example: 23455721-06a5-43a7-84e2-4b1c770b2bb6
isActive Boolean
The provider's current state, or level of accessibility. If true
, the identity provider is configured, enabled, and usable to users from the Dremio Cloud login screen. If false
, the identity provider is configured, but not enabled.
Example: true
oktaUrl String
The issuer URL for the registered Dremio application within an Okta organization.
Example: https://dcs-4472656d696f.okta.com/oauth2/default/
clientID String
The ID for the registered Dremio application with an Okta organization.
Example: e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff
clientSecret String
The client secret for the registered Dremio application with an Okta organization. Secrets are not shown in the object and will always return as null
.
Example: null
Adding Okta
Add Okta as an identity provider. After adding an IdP, activate it using the associated endpoint.
Adding OktaPOST /v0/identity-providers
Parameters
type Body String Optional
The type of identity provider. For Okta, this value is always OKTA
.
Example: OKTA
isActive Body Boolean Optional
Set to true
to enable Okta as a usable identity provider. By default, this is set to false
.
Example: false
oktaUrl Body String Optional
The issuer URL for the registered Dremio application within your Okta organization.
Example: https://dcs-4472656d696f.okta.com/oauth2/default/
clientID Body String Optional
The ID for the registered Dremio application with your Okta organization.
Example: 0oa15f7o8yPtoKX0D5d7
clientSecret Body String Optional
The client secret for the registered Dremio application with an Okta organization.
Example: AA-aOAAaAAAAAaaaaaAaA1aaa2aaAaAaAAaaA3AA
For information on how to get the client ID and client secret from the Okta organization, see Configure OIDC SSO.
curl -X POST 'https://api.dremio.cloud/v0/identity-providers/' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json' \
-d '{
"type": "OKTA",
"isActive": "false",
"oktaUrl": "https://dcs-4472656d696f.okta.com/oauth2/default/",
"clientID": "0oa15f7o8yPtoKX0D5d7",
"clientSecret": "AA-aOAAaAAAAAaaaaaAaA1aaa2aaAaAaAAaaA3AA"
}'
{
"id": "c7cfc963-a901-4c19-9d8f-630a7637063e"
}
Responses
200 OK400 Bad Request
Retrieving Okta
Get the metadata for the Okta IdP. This is done by providing the ID that returned after initially creating the provider.
Retrieving OktaGET /v0/identity-providers/{id}
Parameters
id Path String
The ID of the Okta provider whose metadata you want to retrieve.
Example: acd23077-263a-4277-b5f6-926b1983c9de
Example Requestcurl -X GET 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
{
"type": "OKTA",
"id": "c7cfc963-a901-4c19-9d8f-630a7637063e",
"isActive": false,
"oktaUrl": "https://dcs-4472656d696f.okta.com/oauth2/default/",
"clientID": "0oa15f7o8yPtoKX0D5d7",
"clientSecret": null
}
Responses
200 OK400 Bad Request
Activating Okta
After adding Okta as an IdP, it must be activated for an organization to begin using it. After completing this action, Okta will display as a login option for users accessing Dremio.
Activating OktaPOST /v0/identity-providers/{id}/activate
Parameters
id Path String
The ID of the Okta provider whose metadata you want to activate.
Example: acd23077-263a-4277-b5f6-926b1983c9de
Example Requestcurl -X POST 'https://api.dremio.cloud/v0/identity-providers/c7cfc963-a901-4c19-9d8f-630a7637063e/activate' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
No response
Responses
200 OK400 Bad Request
Deactivating Okta
Deactivate Okta as an IdP. The Okta option will no longer display at the login page as an authentication option for users to access Dremio Cloud.
Deactivating OktaPOST /v0/identity-providers/{id}/deactivate
Parameters
id Path String
The ID of the Okta provider whose metadata you want to deactivate.
Example: acd23077-263a-4277-b5f6-926b1983c9de
Example Requestcurl -X POST 'https://api.dremio.cloud/v0/identity-providers/c7cfc963-a901-4c19-9d8f-630a7637063e/deactivate' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
No response
Responses
200 OK400 Bad Request
Deleting Okta
Delete the Okta IdP. All metadata associated with this IdP is deleted from Dremio Cloud.
Deleting OktaDELETE /v0/identity-providers/{id}
Parameters
id Path String
The ID of the Okta provider whose metadata you want to delete.
Example: acd23077-263a-4277-b5f6-926b1983c9de
Example Requestcurl -X DELETE 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
No response
Responses
200 OK400 Bad Request