Create An Application in Azure Active Directory.#
This example uses Azure Active Directory as the identity provider, but the same can be done with any identity provider supporting OAuth2.
Configure your identity provider.#
To use OAuth2 in hopsworks you first need to create and configure an OAuth client in your identity provider. We will take the example of Azure AD for the remaining of this documentation, but equivalent steps can be taken on other identity providers.
Navigate to the Microsoft Azure Portal and authenticate. Navigate to Azure Active Directory. Click on App Registrations. Click on New Registration.
Enter a name for the client such as hopsworks_oauth_client. Verify the Supported account type is set to Accounts in this organizational directory only. And Click Register.
In the Overview section, copy the Application (client) ID field. We will use it in Identity Provider registration under the name Client id.
Click on Endpoints and copy the OpenId Connect metadata document endpoint excluding the .well-known/openid-configuration part. We will use it in Identity Provider registration under the name Connection URL.
Click on Certificates & secrets, then Click on New client secret.
Add a description of the secret. Select an expiration period. And, Click Add.
Copy the secret. This will be used in Identity Provider registration under the name Client Secret.
Click on Authentication. Then click on Add a platform
In Configure platforms click on Web.
Enter the Redirect URI and click on Configure. The redirect URI is HOPSWORKS-URI/callback with HOPSWORKS-URI the URI of your hopsworks cluster.
Note
If your hopsworks cluster is created on the cloud (hopsworks.ai), you can find your HOPSWORKS-URI by going to the hopsworks.ai dashboard in the General tab of your cluster and copying the URI.