OAuth 2.0 is an industry-standard protocol for authorization between systems. In Trifacta® Self-Managed Enterprise Edition, it is implemented as a security protocol for access to data sources and publishing destinations. Trifacta adminstrators can enable users of the product to connect to specified third-party systems through an OAuth 2.0 client app that you create in the system, using an OAuth 2.0 client reference that is created in the Trifacta application.
When enabled and configured, the Trifacta application uses the OAuth 2.0 client to create a secure token, which is used to authenticate to the third-party system.Internally, the Trifacta platform leverages the secure token service to manage the creation and use of these secure tokens. For OAuth 2.0, this service uses a backing database for storing tokens.Requirements:
- OAuth 2.0 client app: In the target system, you must create an object called a client app, which provides an authentication interface into the system for external connections.
- You must create one client app for each external system to which you are enabling connectivity.
- OAuth 2.0 client: In the Trifacta application, you must create at least one configuration object for each client app that you have created.
- Enable the creation of OAuth 2.0 clients in the Trifacta application.
- Enable the secure token service, which is used to manage the secure tokens of the Trifacta application.
- Install and configure the database used by the secure token service. Installation should happen automatically as part of the normal install or upgrade process.
Details on these requirements are listed below.
Enable OAuth 2.0 client creation
The ability to create OAuth 2.0 clients in the Trifacta application must be enabled. Please verify the following configuration.
- You can apply this change through the Admin Settings Page (recommended) or
trifacta-conf.json. For more information, see Platform Configuration Methods.
Please locate the following setting and set it to
Save your changes.
Enable Secure Token Service
OAuth 2.0 requires the use of the secure token service for managing the authentication tokens. For more information, see Configure Secure Token Service.
Install Secure Token Database
The secure token service database is installed as part of normal database install or upgrade operations. For more information, see Install Databases.
Create OAuth 2.0 App
For each target system, you must create an OAuth 2.0 app in the system, which provides an external interface for Trifacta Self-Managed Enterprise Edition.
NOTE: The requirements for creating an OAuth 2.0 app depend on the system. Some example setups are available below. For more information, please see the documentation provided with your target system.
Create OAuth 2.0 Client
Through the Trifacta application, you must create an OAuth 2.0 client that connects to the OAuth 2.0 app that you have created.
- In the Admin console, select OAuth 2.0 Clients. For more information, see OAuth 2.0 Clients Page.
- For more information on creating a client, see Create OAuth2 Client.
Authenticate OAuth 2.0 Connections
When you create a connection that uses OAuth 2.0, the specified connection must be authorized to be given access to the datastore. In the Create Connection window, click Authenticate.
NOTE: If you modify a connection or the tokens generated under the previous authorization have expired, you must re-authenticate the connection. Edit the connection and click Re-authenticate.
This page has no comments.