Okta

This is an object that represents your identity provider (IdP) when configured to use Okta. You can retrieve it to see what the current configuration is for Okta.

Related information: Identity Providers.

Identity Provider Object

{
  "type": "OKTA",
  "id": "23455721-06a5-43a7-84e2-4b1c770b2bb6",
  "isActive": true,
  "oktaUrl": "https://dcs-4472656d696f.okta.com/oauth2/default/",
  "clientID": "0oa15f7o8yPtoKX0D5d7",
  "clientSecret": null
}

Identity Provider Attributes

type

String

The type of identity provider. For Okta, this attribute value will always be OKTA.

---

id

String (UUID)

The UUID generated to specifically identify the provider.

Example 23455721-06a5-43a7-84e2-4b1c770b2bb6

---

isActive

boolean

The provider's current state, or level of accessibility. If true, the identity provider is configured, enabled, and usable to users from the Dremio Cloud login screen. If false, the identity provider is configured, but not enabled.

Example true

---

oktaUrl

String

The issuer URL for the registered Dremio application within an Okta organization.

Example https://dcs-4472656d696f.okta.com/oauth2/default/

---

clientID

String

The ID for the registered Dremio application with an Okta organization.

Example e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff

---

clientSecret

String

The client secret for the registered Dremio application with an Okta organization. Secrets are not shown in the object and will always return as null.

Example null

---

Adding Okta

Add Okta as an identity provider. After adding an IdP, activate it using the associated endpoint.

Adding Okta

POST /v0/identity-providers

Parameters

type

body

String

The type of identity provider. For Okta, this value will always be OKTA.

---

isActive

body

boolean

Optional

Set to true to enable Okta as a usable identity provider. By default, this is set to false.

---

oktaUrl

body

String

The issuer URL for the registered Dremio application within your Okta organization.

---

clientID

body

String

The ID for the registered Dremio application with your Okta organization.

---

clientSecret

body

String

The client secret for the registered Dremio application with an Okta organization.

note

For information on how to get the client ID and client secret from the Okta organization, see Configure OIDC SSO.

Example Request

curl -X POST 'https://api.dremio.cloud/v0/identity-providers/' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json' \
-d '{
     "type": "OKTA",
     "isActive": "false",
     "oktaUrl": "https://dcs-4472656d696f.okta.com/oauth2/default/",
     "clientID": "0oa15f7o8yPtoKX0D5d7",
     "clientSecret": "AA-aOAAaAAAAAaaaaaAaA1aaa2aaAaAaAAaaA3AA"
    }'

Example Response

{
    "id": "c7cfc963-a901-4c19-9d8f-630a7637063e"
}

Responses

200

Identity Provider added successfully

400

Bad input parameter

---

Retrieving Okta

Get the metadata for the Okta IdP. This is done by providing the ID that returned after initially creating the provider.

Retrieving Okta

GET /v0/identity-providers/{id}

Parameters

id

path

String

The ID of the Okta provider whose metadata you want to retrieve.

Example Request

curl -X GET 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'

Example Response

{
  "type": "OKTA",
  "id": "c7cfc963-a901-4c19-9d8f-630a7637063e",
  "isActive": false,
  "oktaUrl": "https://dcs-4472656d696f.okta.com/oauth2/default/",
  "clientID": "0oa15f7o8yPtoKX0D5d7",
  "clientSecret": null
}

Responses

200

Identity Provider returned successfully

400

Bad input parameter

---

Activating Okta

After adding Okta as an IdP, it must be activated for an organization to begin using it. After completing this action, Okta will display as a login option for users accessing Dremio.

Activating Okta

POST /v0/identity-providers/{id}/activate

Parameters

id

path

String

The ID of the identity provider that you want to activate.

Example Request

curl -X POST 'https://api.dremio.cloud/v0/identity-providers/c7cfc963-a901-4c19-9d8f-630a7637063e/activate' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'

Example Response

No response

Responses

200

Identity Provider activated successfully

400

Bad input parameter

---

Deactivating Okta

Deactivate Okta as an IdP. The Okta option will no longer display at the login page as an authentication option for users to access Dremio Cloud.

Deactivating Okta

POST /v0/identity-providers/{id}/deactivate

Parameters

id

path

String

The ID of the identity provider that you want to deactivate.

Example Request

curl -X POST 'https://api.dremio.cloud/v0/identity-providers/c7cfc963-a901-4c19-9d8f-630a7637063e/deactivate' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'

Example Response

No response

Responses

200

Identity Provider deactivated successfully

400

Bad input parameter

---

Deleting Okta

Delete the Okta IdP. All metadata associated with this IdP is deleted from Dremio Cloud.

Deleting Okta

DELETE /v0/identity-providers/{id}

Parameters

id

path

String

The ID of the identity provider that you want to delete.

Example Request

curl -X DELETE 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'

Example Response

No response

Responses

200

Identity Provider deleted successfully

400

Bad input parameter

---