Versions Compared

Old Version 3

changes.mady.by.user Miguel Rosas

Saved on

compared with

New Version Current

changes.mady.by.user Parker Mauney

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Creation order:

  • Scopes

  • Claims

  • Clients

...

Application Name

...

Type

...

Following the OAuth 2.0 standard, ModelOp Center requires the following Okta configurations for a successful integration:

  1. Custom scope

    1. modelop_client

  2. Applications

    1. gateway-service

    2. internal-client

    3. external-integration-client

    4. go-cli

Proposed
Application
ID

Application
Type

Client Secret Required

Grant Type

Scope

Token Claim

Redirect URIs

gateway-service

WebApp

(C2B)

Web

  • Authorization Code

  • Refresh

token

Note: Refresh token behavior - Use persistent token.

  • Token

  • openid

  • profile

  • email

custom_scope

  • offline_access

  • email

  • family_name

  • given_name

  • groups

https://

Sign-in redirect URIs

  • <ModelOp Center URL>/login/oauth2/code/gateway-service

Sing

Sign-out redirect URIs

:http(s)://<<ModelOp Center URL>>/

  • <ModelOp Center URL>

internal-client

API

(B2B)

 

  • Client Credentials

  • modelop_client

  • email

  • family_name

  • given_name

  • idtyp

 

external-integration-client
(C2B)

WebApp -

Native

 

  • Implicit

modelop_client

  • Authorization Code (PKCE)

  • Refresh Token

  • openid

  • profile

  • email

  • family_name

  • given_name

  • groups

    • https://

    • offline_access

    • <ModelOp Center URL>/jupyterOauth2ImplicitGrant.html

    https://

    • <ModelOp Center URL>/modelOpWDC.html

    • https://oauth.powerbi.com/views/oauthredirect.html

    go-cli

    API

    (C2B)

    Native

    • Resource Owner Password

    modelop_client

    • Refresh Token

    • openid

    • profile

    • email

  • family_name

  • given_name

    • groups

    • offline_access

     

    ModelOp Center URL as a trusted origin

    For users to be redirected to ModelOp Center after login, the ModelOp Center URL has to be added as a trusted origin by following these steps:

    1. Open the Okta console

    2. Click the following tabs in the given order:

      1. Security

      2. API

      3. Trusted Origins

      4. Add origin

        1. Origin name: ModelOp Center

        2. Origin URL: <ModelOp Center URL>

        3. Choose Type:

          1. Cross-Origin Resource Sharing (CORS)

          2. Redirect

    Required User Attributes

    • Family name

    • Given name

    • User name

    • Email

    • Group(s)

    Okta Guide

    For instructions on how to create the custom modelop_client scope, please follow the Okta: How-to guide.