Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

Okta specifications.

Creation order:

  • Scopes

  • Claims

  • Clients

...

Application Name

...

Type

...

Following the OAuth 2.0 standard, ModelOp Center requires the following Okta configurations for a successful integration:

  1. Custom scope

    1. modelop_client

  2. Applications

    1. gateway-service

    2. internal-client

    3. external-integration-client

    4. go-cli

Proposed
Application
ID

Application
Type

Client Secret Required

Grant Type

Scope

Token Claim

Redirect URIs

gateway-service

WebApp

Web

  • Authorization Code

  • Refresh

token

Note: Refresh token behavior - Use persistent token.

  • Token

  • openid

  • profile

  • email

custom_scope
  • offline_access

  • email

  • family_name

  • given_name

  • groups

https://

Sign-in redirect URIs

  • <ModelOp Center URL>/login/oauth2/code/gateway-service

Sing

Sign-out redirect URIs

:http(s)://<<ModelOp Center URL>>/

  • <ModelOp Center URL>

internal-client

API

  • Client Credentials

  • modelop_client

  • email

  • family_name

  • given_name
  • idtyp

  • external-integration-client

    WebApp -

    Native

    • Implicit

    Implicit
    • openid

    modelop_client
    • profile

    • email

  • family_name

  • given_name

  • groups
    https://
    • <ModelOp Center URL>/jupyterOauth2ImplicitGrant.html

    https://
    • <ModelOp Center URL>/modelOpWDC.html

    • https://oauth.powerbi.com/views/oauthredirect.html

    go-cli

    APImodelop_client

    Native

    Password

    • Resource Owner Password

    • Refresh Token

    • openid

    • profile

    • email

  • family_name

  • given_name

  • groups
    • offline_access

    ModelOp Center URL as a trusted origin

    For users to be redirected to ModelOp Center after login, the ModelOp Center URL has to be added as a trusted origin by following these steps:

    1. Open the Okta console

    2. Click the following tabs in the given order:

      1. Security

      2. API

      3. Trusted Origins

      4. Add origin

        1. Origin name: ModelOp Center

        2. Origin URL: <ModelOp Center URL>

        3. Choose Type:

          1. Cross-Origin Resource Sharing (CORS)

          2. Redirect

    Required User Attributes

    • Family name

    • Given name

    • User name

    • Email

    • Group(s)

    Okta Guide

    For instructions on how to create the custom modelop_client scope, please follow the Okta: How to guide.