OpenID Connect
This section includes a general guide for configuring an OpenID provider and guides for specific OpenID providers in Immuta. The getting started section below provides best practices for setup and configuration.
Getting started with OpenID Connect
Start by creating a few initial subscription and data policies so that you know the user metadata you will need from your IAM. For example, will user attributes be used to author policies, or will groups also be needed? The subscription and data policies below illustrate the need for both groups and attributes to be imported from the IAM to enforce appropriate access controls:
Subscription policy: Allow all users in the
Marketing
group to access data sources taggedMarketing
.Data policy: Mask all columns tagged
Location
except for users with the attributeAccessLevel.Gold
.
Validate that your provider is supported by Immuta and supports SCIM. If your provider is not listed or does not support SCIM, reach out to your Immuta representative for guidance.
Configure your OpenID provider in Immuta with SCIM enabled. Guides for specific providers are linked below.
Next steps
Once your IAM is configured, complete one of the following tasks:
Last updated