GitHub user dosubot[bot] added a comment to the discussion: How to enable SSO login using microsoft azure, having xml file of metadata, deploying using Helmchart
<!-- Answer --> I found a similar unsolved discussion regarding SAML Integration in Apache Superset, which might be relevant to your query. You can check it out [here](https://github.com/apache/superset/discussions/32786) <sup>[[1]](https://github.com/apache/superset/discussions/32786)</sup>. For enabling SSO with Microsoft Azure in Apache Superset, you can follow these steps: 1. **Install the AuthLib package**: This is necessary for handling OAuth authentication. 2. **Configure OAuth settings**: Update your Superset configuration file with the necessary OAuth settings. Here's an example configuration: ```python from flask_appbuilder.security.manager import AUTH_OAUTH AUTH_TYPE = AUTH_OAUTH AUTH_USER_REGISTRATION = True AUTH_USER_REGISTRATION_ROLE = 'Public' OAUTH_PROVIDERS = [{ 'name': 'azure', 'token_key': 'access_token', 'icon': 'fa-windows', 'remote_app': { 'client_id': 'your_client_id', 'client_secret': 'your_client_secret', 'api_base_url': 'https://login.microsoftonline.com/your_tenant_id/oauth2', 'access_token_url': 'https://login.microsoftonline.com/your_tenant_id/oauth2/token', 'authorize_url': 'https://login.microsoftonline.com/your_tenant_id/oauth2/authorize', 'client_kwargs': { 'scope': 'openid email name profile User.Read GroupMember.Read.All upn' } } }] AUTH_ROLES_MAPPING = { 'Gamma': ['Gamma'], 'Admin': ['Admin'] } ``` 3. **Custom Security Manager**: Implement a custom security manager to handle user information retrieval. Create a file named `custom_sso_security_manager.py`: ```python def oauth_user_info(self, provider, response=None): logging.debug("Oauth2 provider: {0}.".format(provider)) if provider == 'azure': me = self.appbuilder.sm.oauth_remotes[provider].get('userDetails').data logging.debug("user_data: {0}".format(me)) return { 'name': me['name'], 'email': me['email'], 'id': me['user_name'], 'username': me['user_name'], 'first_name': '', 'last_name': '' } ``` 4. **Update `superset_config.py`**: Use the custom security manager: ```python from custom_sso_security_manager import CustomSsoSecurityManager CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager ``` Regarding the deployment using Helm charts and handling SAML metadata XML files, I couldn't find specific instructions in the repository. You might need to adapt the Helm chart values to include these configurations, but the exact steps are not documented in the available sources. <!-- Dosu Comment Footer --> *To continue talking to [Dosu](https://dosu.dev), mention @dosu.* --- <sup>Help Dosu learn! Give it feedback: [Great Response](https://app.dosu.dev/response-feedback/5c8efbef-e518-4320-b1be-7d9b11bc90d6?feedback_type=great_response) | [Irrelevant Answer](https://app.dosu.dev/response-feedback/5c8efbef-e518-4320-b1be-7d9b11bc90d6?feedback_type=irrelevant_answer) | [Incorrect Sources](https://app.dosu.dev/response-feedback/5c8efbef-e518-4320-b1be-7d9b11bc90d6?feedback_type=incorrect_sources) | [Too Verbose](https://app.dosu.dev/response-feedback/5c8efbef-e518-4320-b1be-7d9b11bc90d6?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/5c8efbef-e518-4320-b1be-7d9b11bc90d6?feedback_type=hallucination) | [Bug Report](https://app.dosu.dev/response-feedback/5c8efbef-e518-4320-b1be-7d9b11bc90d6?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/5c8efbef-e518-4320-b1be-7d9b11bc90d6?feedback_type=other)</sup> GitHub link: https://github.com/apache/superset/discussions/32787#discussioncomment-12574065 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
