Single Sign On (SSO) on Dataiku Cloud¶
Single sign-on (SSO) can be activated on Dataiku Cloud to enable your users to authenticate using your SAML 2.0-compliant organization’s identity provider (IdP).
Reference | Supported identity providers for SSO¶
Dataiku Cloud has been tested with the following identity providers:
Okta
Azure Azure Directory
Microsoft AD FS
Ping
How-to | Activate Single Sign-on (SSO)¶
Single Sign-on (SSO) can be activated upon request by the support team for eligible subscriptions with the information detailed below.
To do so, you will need to:
Create an application in your identity provider to connect with our service.
Then send us the information so our team can set it up.
Create a Dataiku Cloud application in your identity provider¶
First, you need to create a Dataiku Cloud application in your identity provider. Please check the documentation of your identity provider. To do so you will need to provide the following information:
Single sign on URL:
https://sso.dataiku.com/login/callback
Audience URI:
urn:auth0:dataiku:dataiku_space_id
Note
You need to replace
dataiku_space_id
by your space ID that can be found in the Settings panel of your Launchpad.Map the following value to the relevant attribute in your identity provider or fixed value:
given_name
to the attribute representing the user’s first name.family_name
to the attribute representing the user’s last name.user_id
to the attribute representing the user’s email address in lowercase.email
to the attribute representing the user’s email address in lowercase.email_verified
set to the value “true”.
Warning
Avoid mapping any additional attributes or adding namespaces for these attributes.
To send to lowercase, use
toLowercase(attribute)
in Azure AD andString.toLowerCase(attribute)
in Okta. If you are utilizing different Identity Providers (IdPs), please refer to their respective documentation.
Contact us with the correct information¶
You will need to gather the following information:
The single-sign-on (SSO) URL for your identity provider
The x.509 certificate
Or your identity provider Metadata link
The email domain you wish to use with SAML
The space id
Please send this information on support chat on Dataiku Cloud or mail to support-dataikucloud -at- dataiku -dot- com to get the SSO activated on your subscription. We will get back to you when the setup is ready or if we need additional information.