Create An Application in Azure Active Directory.#
This example uses Azure Active Directory as the identity provider, but the same can be done with any identity provider supporting OAuth2 OpenID Connect protocol.
Step 1: Register Hopsworks as an application in your identity provider#
To use OAuth2 in Hopsworks you first need to create and configure an OAuth client in your identity provider. We will take the example of Azure AD for the remaining of this documentation, but equivalent steps can be taken on other identity providers.
Enter a name for the client such as hopsworks_oauth_client. Verify the Supported account type is set to Accounts in this organizational directory only. And Click Register.
Step 2: Get the nessary fields for client registration#
In the Overview section, copy the Application (client) ID field. We will use it in Identity Provider registration under the name Client id.
Click on Endpoints and copy the OpenId Connect metadata document endpoint excluding the .well-known/openid-configuration part. We will use it in Identity Provider registration under the name Connection URL.
Click on Certificates & secrets, then Click on New client secret.
Add a description of the secret. Select an expiration period. And, Click Add.
Copy the secret. This will be used in Identity Provider registration under the name Client Secret.
Click on Authentication. Then click on Add a platform
In Configure platforms click on Web.
Enter the Redirect URI and click on Configure. The redirect URI is HOPSWORKS-URI/callback with HOPSWORKS-URI the URI of your Hopsworks cluster.
If your Hopsworks cluster is created on the cloud (managed.hopsworks.ai), you can find your HOPSWORKS-URI by going to the managed.hopsworks.ai dashboard in the General tab of your cluster and copying the URI.
In this guide you learned how to create a client in your Azure identity provider and acquire a client id and a client secret.