Skip to main content

OAuth Applications

This topic describes how to configure OAuth applications to integrate third-party applications with Dremio. This allows Dremio and third-party applications to interact without exposing user login credentials. For example, an organization might use GitLab accounts to access Dremio. In the unlikely event of a Dremio data breach, the organization's login credentials would remain unaffected and protected.

Additional authentication and security measures are available in Authentication.

  • Native – Mobile, desktop, CLI, and smart device apps that run natively on their respective operating systems, such as iOS and Chrome OS.
  • Single-Page Application (SPA) – JavaScript-enabled, front-end applications that use an API, such as Angular, React, and Vue.
  • Web – Traditional web applications that utilize redirects, such as Java, PHP, and ASP.NET.

Prerequisites

Before setting up OAuth applications, ensure you have:

  • Dremio admin privileges or the CONFIGURE SECURITY privilege.
  • An OIDC-compliant Identity Provider (IDP) configured in Dremio if OAuth applications will rely on external authentication.

Add an OAuth App

To add a new OAuth application in Dremio:

  1. Click Settings on the left navigation bar and select Organization settings, then select OAuth Applications.
  2. Click Add Application in the top-right corner of the screen.
  3. Enter a value for OAuth Application Name to identify the associated service.
  4. Enter a value for Redirect URI. This value is used as the destination for return responses (tokens) after successfully authenticating a user. If there is an issue with the provided URI's format, red text will display below the field to indicate the required format.
  5. Select the desired OAuth Application Type from the dropdown menu. The type of application selected determines which authentication flow Dremio will follow. This cannot be changed after the application is added.
  6. Click Add to create the application service. A success message will appear at the top of the screen.

Upon creating the application, the dialog will refresh with a new field: Client ID. Copy this value, as it is needed to link with the third-party OAuth application. Include this string where the Client ID is required by your respective OAuth application.

Edit an OAuth App

To edit an existing OAuth application in Dremio:

  1. Click Settings on the left navigation bar and select Organization settings, then select OAuth Applications.
  2. Click the edit icon for the desired application.
  3. Make any necessary changes to the application name or redirect URI. You cannot change the Client ID or OAuth Application Type.
  4. Click Save.