Understanding the User Authentication Configuration in DataHub 0.13.0

troubleshoot
1

Original Slack Thread

This message was deleted.

2

Hey there! :wave: Make sure your message includes the following information if relevant, so we can help more effectively!

  1. Which DataHub version are you using? (e.g. 0.12.0)
  2. Please post any relevant error logs on the thread!
3

0.13.0

4

Our config:

          value: "24"
        - name: AUTH_OIDC_ENABLED
          value: "true"
        - name: AUTH_OIDC_CLIENT_ID
          value: Datahub
        - name: AUTH_OIDC_CLIENT_SECRET
          valueFrom:
            secretKeyRef:
              key: sso-secret
              name: oidc-client-secret
        - name: AUTH_OIDC_DISCOVERY_URI
          value: {removed}
        - name: AUTH_OIDC_BASE_URL
          value: {removed}
        - name: AUTH_OIDC_PREFERRED_JWS_ALGORITHM
          value: RS256
        - name: AUTH_OIDC_JIT_PROVISIONING_ENABLED
          value: "true"
        - name: AUTH_OIDC_PRE_PROVISIONING_REQUIRED
          value: "false"
        - name: AUTH_OIDC_EXTRACT_GROUPS_ENABLED
          value: "true"
        - name: AUTH_OIDC_GROUPS_CLAIM
          value: groups```
5

user id token:

  "scope": "openid profile email",
  "authorization_details": [],
  "client_id": "Datahub",
  "iat": {removed},
  "jti": {removed},
  "name": "Hong, Hailey",
  "groups": "CVS-Datahub-Admin",
  "employeeID": {removed},
  "title": "DATA ENGINEER",
  "email": {removed},
  "exp": {removed}
}```
6

User with the group applied example:![attachment]({‘ID’: ‘F06UFQV9ADU’, ‘EDITABLE’: False, ‘IS_EXTERNAL’: False, ‘USER_ID’: ‘U05HUB7E31U’, ‘CREATED’: ‘2024-04-17 01:57:27+00:00’, ‘PERMALINK’: ‘Slack’, ‘EXTERNAL_TYPE’: ‘’, ‘TIMESTAMPS’: ‘2024-04-17 01:57:27+00:00’, ‘MODE’: ‘hosted’, ‘DISPLAY_AS_BOT’: False, ‘PRETTY_TYPE’: ‘PNG’, ‘NAME’: ‘Screenshot 2024-04-16 at 9.57.23 PM.png’, ‘IS_PUBLIC’: True, ‘PREVIEW_HIGHLIGHT’: None, ‘MIMETYPE’: ‘image/png’, ‘PERMALINK_PUBLIC’: ‘https://slack-files.com/TUMKD5EGJ-F06UFQV9ADU-0b870766d4’, ‘FILETYPE’: ‘png’, ‘EDIT_LINK’: None, ‘URL_PRIVATE’: ‘Slack’, ‘HAS_RICH_PREVIEW’: False, ‘TITLE’: ‘Screenshot 2024-04-16 at 9.57.23 PM.png’, ‘IS_STARRED’: False, ‘PREVIEW_IS_TRUNCATED’: None, ‘URL_PRIVATE_DOWNLOAD’: ‘Slack’, ‘PREVIEW’: None, ‘PUBLIC_URL_SHARED’: False, ‘MESSAGE_TS’: ‘1713319074.201649’, ‘PARENT_MESSAGE_TS’: ‘1713318903.699559’, ‘MESSAGE_CHANNEL_ID’: ‘C029A3M079U’, ‘_FIVETRAN_DELETED’: True, ‘LINES_MORE’: None, ‘LINES’: None, ‘SIZE’: 62470, ‘_FIVETRAN_SYNCED’: ‘2024-04-18 12:57:48.775000+00:00’})

7

User with no group example (Both users belong to the same group and both id tokens include the identical group claim):![attachment]({‘ID’: ‘F06U7T5R5HV’, ‘EDITABLE’: False, ‘IS_EXTERNAL’: False, ‘USER_ID’: ‘U05HUB7E31U’, ‘CREATED’: ‘2024-04-17 01:58:31+00:00’, ‘PERMALINK’: ‘Slack’, ‘EXTERNAL_TYPE’: ‘’, ‘TIMESTAMPS’: ‘2024-04-17 01:58:31+00:00’, ‘MODE’: ‘hosted’, ‘DISPLAY_AS_BOT’: False, ‘PRETTY_TYPE’: ‘PNG’, ‘NAME’: ‘Screenshot 2024-04-16 at 9.58.26 PM.png’, ‘IS_PUBLIC’: True, ‘PREVIEW_HIGHLIGHT’: None, ‘MIMETYPE’: ‘image/png’, ‘PERMALINK_PUBLIC’: ‘https://slack-files.com/TUMKD5EGJ-F06U7T5R5HV-73789a15f5’, ‘FILETYPE’: ‘png’, ‘EDIT_LINK’: None, ‘URL_PRIVATE’: ‘Slack’, ‘HAS_RICH_PREVIEW’: False, ‘TITLE’: ‘Screenshot 2024-04-16 at 9.58.26 PM.png’, ‘IS_STARRED’: False, ‘PREVIEW_IS_TRUNCATED’: None, ‘URL_PRIVATE_DOWNLOAD’: ‘Slack’, ‘PREVIEW’: None, ‘PUBLIC_URL_SHARED’: False, ‘MESSAGE_TS’: ‘1713319164.291379’, ‘PARENT_MESSAGE_TS’: ‘1713318903.699559’, ‘MESSAGE_CHANNEL_ID’: ‘C029A3M079U’, ‘_FIVETRAN_DELETED’: True, ‘LINES_MORE’: None, ‘LINES’: None, ‘SIZE’: 61186, ‘_FIVETRAN_SYNCED’: ‘2024-04-18 12:57:48.803000+00:00’})