Configure OTDS to act as an OAuth system
This article documents how to configure OTDS to act as an OAuth system for OpenSearch and OpenSearch Dashboards.
📘 OTDS Configuration
Navigate to the OTDS admin page <otds url>/otds-admin
(e.g. https://lab-opensearch-01.lab.shinydocs.local:8443/otds-admin)
Navigate to OAuth Clients in the left sidebar.
Click the Add button to add a new OAuth client.
Provide the following details on the add page.
Client ID: This is the unique ID of the OAuth client. You will need this value later to configure OpenSearch Dashboards.
Description: Fill in a description of this OAuth client’s purpose.
Confidential: Check this checkbox. This will generate a client secret to be used with OpenSearch Dashboards.
Sign out URL: can be left blank.
Sign out Method: can be left blank.
Click Next to go to the next section and provide the following details.
User Partition: Select one of the radio buttons, Global or User Partition. Global means that all users in OTDS can authenticate with this OAuth client. User Partition means that authentication is restricted to users in the specified partition.
Click the Next button to go to the Advanced section.
Grant refresh token (when protocol permits): unchecked
Use session lifetime as refresh token lifetime: unchecked
Access token lifetime (seconds): how long the access token should be valid: 3600 seconds (1 hour)
Refresh token lifetime (seconds): can be left blank
Permissible scopes: add the value openid to the list
Default scopes: add the value openid to the list
Click the Next button to go to the Redirect Urls section.
Click the Add button to add a redirect URL. The URL should be the base URL of OpenSearch Dashboards
(e.g. https://lab-opensearch-01.lab.shinydocs.local:5601). Note: if it is not just the base URL, there may be problems logging out of OpenSearch Dashboards.
Click the Next button to go to the Custom Attributes section.
This can be left blank.
Click the Save button to save the OAuth client.
Upon save, a Secret Key will be displayed on the screen. Save this value; it will be needed when setting up OpenSearch Dashboards. It will not be displayed again, so make sure you keep a copy of it.
🥳 Congratulations, you are done configuring OTDS as an OAuth system.
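For orientation, this is where the values from the steps above end up on the OpenSearch Dashboards side. It is an added example, not part of the original article or of either product's shipped configuration. The Client ID value is constructed, the Secret Key is a placeholder, and the OTDS discovery path is an assumption to confirm against your OTDS version.

```yaml
# opensearch_dashboards.yml (fragment) - added example, not from the original article.
# Values in <...> are placeholders; "opensearch-dashboards" is a constructed Client ID.

# Use the security plugin's OpenID Connect login flow.
opensearch_security.auth.type: "openid"

# Assumption: OTDS serves its OpenID Connect discovery document at this path.
# <otds url> is the same base URL used to reach /otds-admin.
opensearch_security.openid.connect_url: "<otds url>/otdsws/.well-known/openid-configuration"

# Client ID entered on the OTDS "add OAuth client" page.
opensearch_security.openid.client_id: "opensearch-dashboards"

# Secret Key displayed once when the OAuth client was saved in OTDS.
opensearch_security.openid.client_secret: "<Secret Key>"

# Only "openid" was added to Permissible scopes and Default scopes in OTDS,
# so request exactly that scope instead of relying on the plugin default.
opensearch_security.openid.scope: "openid"

# Must be the same base URL that was registered in the Redirect Urls section.
opensearch_security.openid.base_redirect_url: "https://lab-opensearch-01.lab.shinydocs.local:5601"
```

Because this file holds the client secret in clear text, restrict read access to the account that runs OpenSearch Dashboards.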