Linking Talend Identity and Access Management with Talend Data Authoring for MDM - 7.3

Talend Installation Guide for Linux

Available in: Data Fabric, MDM Platform

If you have installed Talend Identity and Access Management manually, you need to create an OIDC client in order to link Talend Identity and Access Management with Talend Data Authoring for MDM. This operation is done automatically if you install Talend Identity and Access Management using Talend Installer.

Procedure

  1. Stop Talend Identity and Access Management and Talend Data Authoring for MDM if they are already running.
  2. Go to iam-A.B.C/apache-tomcat-x.x.xx/clients.
  3. Create a file named mdm-da-client.json.
  4. Paste the following content:
    {
      "post_logout_redirect_uris" : [ "http://my-machine:8180", "http://localhost:8180", "http://127.0.0.1:8180" ],
      "grant_types" : [ "authorization_code", "refresh_token", "password" ],
      "scope" : "openid refreshToken",
      "client_secret" : "L7QGABLpJ2jAoa0i2QmCfLBHm0N3T3pEFCEtyU6Q6YE=",
      "redirect_uris" : [ "http://my-machine:8180/login", "http://localhost:8180/login", "http://127.0.0.1:8180/login" ],
      "backchannel_logout_uri" : "http://localhost:8180/logout-op",
      "client_name" : "MDM DA OIDC Gateway",
      "client_id" : "JpL3iigU6mfd6A"
    }
  5. Adapt the parameters to your needs:
    | Parameter | Description |
    |---|---|
    | post_logout_redirect_uris | URI to which the user is redirected after logging out. If Talend Identity and Access Management and Talend Data Authoring for MDM are located on the same machine, be sure to put the name of the machine in addition to localhost and 127.0.0.1 as shown in the example. |
    | grant_types | The OAuth specification has different grant types. These authorizations allow the client application to obtain an access token. This token represents the client's permission to access user data. Set the grant_types to the values shown in the example. |
    | scope | OpenID defined scopes. Set it to the value shown in the example. |
    | client_secret | Client password. This parameter needs to be set to the same value as security.oauth2.client.clientSecret in the data-authoring-proxy.properties and data-authoring-gateway.properties configuration files of Talend Data Authoring for MDM. The client password is encrypted at first launch. |
    | redirect_uris | URI to which the user is redirected after logging in. The /login part of the URI is mandatory. If Talend Identity and Access Management and Talend Data Authoring for MDM are located on the same machine, be sure to put the name of the machine in addition to localhost and 127.0.0.1 as shown in the example. |
    | client_name | Name of the OIDC client. The MDM part of the client name (with the trailing space) is mandatory. |
    | client_id | Identifier of the OIDC client. This parameter needs to be set to the same value as security.oauth2.client.clientId in the data-authoring-proxy.properties and data-authoring-gateway.properties configuration files of Talend Data Authoring for MDM. |

  6. Start Talend Identity and Access Management and Talend Data Authoring for MDM.
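
A check that can be run between steps 5 and 6, before the first launch encrypts the client password, to confirm the constraints from the parameter table. This is an added example, not part of the Talend documentation or product. The function names are hypothetical, the properties files are assumed to be plain key=value text, and the sample input is constructed.

```python
import json

# Secret printed in the guide's sample client file; it is public, so flag reuse.
DOC_SAMPLE_SECRET = "L7QGABLpJ2jAoa0i2QmCfLBHm0N3T3pEFCEtyU6Q6YE="
REQUIRED_GRANTS = {"authorization_code", "refresh_token", "password"}
PAIRS = (("client_id", "security.oauth2.client.clientId"),
         ("client_secret", "security.oauth2.client.clientSecret"))

def parse_properties(text):
    """Parse plain key=value lines (assumption: no escapes or continuations)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith(("#", "!")) and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def check_client(client_json, properties_by_file):
    """Return a list of findings; an empty list means every check passed."""
    client, findings = json.loads(client_json), []
    if set(client.get("grant_types", [])) != REQUIRED_GRANTS:
        findings.append("grant_types differs from the documented values")
    if client.get("scope") != "openid refreshToken":
        findings.append("scope differs from the documented value")
    if not client.get("client_name", "").startswith("MDM "):
        findings.append("client_name must start with 'MDM '")
    findings += [f"redirect_uri without /login: {u}"
                 for u in client.get("redirect_uris", []) if not u.endswith("/login")]
    if client.get("client_secret") == DOC_SAMPLE_SECRET:
        findings.append("client_secret is the sample value from the guide")
    for name, text in properties_by_file.items():
        props = parse_properties(text)
        for json_key, prop_key in PAIRS:
            if props.get(prop_key) != client.get(json_key):
                findings.append(f"{name}: {prop_key} does not match {json_key}")
    return findings

# Constructed sample: one redirect URI lacks /login, one file has a stale secret.
SAMPLE_CLIENT = """{"grant_types": ["authorization_code", "refresh_token", "password"],
 "scope": "openid refreshToken", "client_secret": "constructed-secret-1",
 "redirect_uris": ["http://my-machine:8180/login", "http://localhost:8180"],
 "client_name": "MDM DA OIDC Gateway", "client_id": "constructed-client"}"""
_ID = "security.oauth2.client.clientId=constructed-client\n"
SAMPLE_PROPS = {
    "data-authoring-proxy.properties": _ID + "security.oauth2.client.clientSecret=constructed-secret-1\n",
    "data-authoring-gateway.properties": _ID + "security.oauth2.client.clientSecret=stale-secret\n",
}
if __name__ == "__main__":
    print("\n".join(check_client(SAMPLE_CLIENT, SAMPLE_PROPS)))
```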