Skip to main content

Configure Datawiza Cloud Management Console

About 3 min

Preview

In this section, we will show you how to create an application on the Datawiza Cloud Management Console (DCMC) and generate a pair of PROVISIONING_KEY and PROVISIONING_SECRET for this app. This key pair is used by the Datawiza Access Proxy to get the latest configurations and policies from the Datawiza Cloud Management Console.

Sign into DCMC

  1. Log into the DCMCopen in new window.

Log Into DCMC

Create New Deployment In DCMC

Welcome to the DCMC homepage! Let's get started:

  1. Click the orange button Getting started. Specify a Name and a Description, and click Next.

New deploymentNew deployment

Add Application

Configure your application with the following values:

  • Platform: WEB, API, AWS Elastic Map Reduce, or Oracle E-Business Suite
  • App Name: Demo App
  • Public Domain: http://localhost:9772
  • Listen Port: 9772
  • Upstream Servers: http://localhost:9902
  • Select Next.

Note that upstream sever is the address of the application that you want to enable SSO.

  • If you use the DAP in sidecar mode and your application is running on localhost:3001 on Mac or Windows, then set the upstream server to host.docker.internal:3001 (Docker 18.03+).
  • If your application is running on Linux, use ip addr show docker0 to get docker host IP (e.g., 172.17.0.1) and then set upstream server to 172.17.0.1:3001 (see thisopen in new window for more details).
  • If you do not have any prepared application, you can use our pre-built-in application and set upstream server to http://localhost:9902.

Create app in DCMC Azure

IdP Configuration

If you select WEB, AWS Elastic Map Reduce, or Oracle E-Business Suite as your Platform, you need to Configure IdP:

We provide four protocols for IdP: OIDC, SAML, LDAP, and OAUTH. For OIDC:

  1. Choose your Identity Provider from the drop-down menu.
  • Auth0

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Auth0. Choose Auth0 IdP

  • Azure AD

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Microsoft Azure AD. Choose Azure IdP Alternatively, you can use One Click Integration to configure the Azure. Choose Azure IdP

  • Azure AD B2C

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Microsoft Azure AD B2C. Choose Azure AD B2C IdP

  • Cognito

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Cognito. Choose Cognito IdP

  • Keycloak

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Keycloak. Choose Keycloak IdP

  • Generic OIDC

Populate the fields of the form with the keys/values obtained from your IdP. Choose Generic OIDC IdP

  • Google

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Google. Choose Google IdP

  • Google Workspace

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Google Workspace. Choose Google Workspace IdP

  • Okta

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Okta. Choose Okta IdP
Note that the Okta API Token is optional. It can be used to get more info about the user. You can see here for more details.

  • PingOne

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: PingOne. Choose PingOne IdP

For SAML:

  • Azure AD

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Microsoft Azure AD SAML. Choose SAML

  • Okta

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Okta. Choose SAML

For OAUTH:

  • Github

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Github. Choose OAUTH

  • Twitter

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Twitter. Choose OAUTH

Authorizer Configuration

If you select API as your Platform, you need to Configure Authorizer:

We support two types of API authorization: Basic Authopen in new window and JWTopen in new window

Basic Auth

For Basic Auth, we support Okta as IdP: Basic Auth

JWT

For JWT, we support Auth0, Keycloak, Microsoft Azure AD, Microsoft Azure AD B2C, and Okta: JWT

Note Down Docker Compose YAML file

After clicking the Create button, if the system passes configuration validation, you will see the screen similar to the one below. Step 1 and Step 2 are meant to help you to download our Datawiza Access Proxy image, but the most important part is step 3. In this sample YAML file, you will find a pre-created pair of PROVISIONING_KEY and PROVISIONING_SECRET. Make sure to copy or note down this YAML file, as you will need to use it later to run our Docker image using the docker-compose command. Please note that this file is specially for the Docker environment. If you are looking for Kubernetes-specific instructions, visit Deploy DAP with Kubernetes.

Obtain Provisioning Key

What is Next

Great! Now that you have learned how to create a deployment, configure an application, and set up the IdP on the Datawiza Cloud Management Console (DCMC), as well as obtained the Docker Compose file with the PROVISIONING_KEY and PROVISIONING_SECRET for Datawiza Access Proxy, you can proceed to deploy Datawiza Access Proxy. Please follow the instructions provided in the Deploy Datawiza Access Proxy guide to continue.

You can also reach us on discordDiscord
Copyright © 2023 Datawiza Technologies Inc