This guide is applicable to Dagster Cloud.
In this guide, you'll configure OneLogin to use single sign-on (SSO) with your Dagster Cloud organization.
To complete the steps in this guide, you'll need:
Sign into your OneLogin portal.
Navigate to Administration > Applications.
On the Applications page, click Add App.
On the Find Applications page, search for
Add and save the application.
In OneLogin, open the application and navigate to its Configuration.
In the Dagster Cloud organisation name field, enter your Dagster Cloud organization name. This is used to route the SAML response to the correct Dagster Cloud subdomain.
In the following example, the organization name is
hooli and our Dagster Cloud domain is
https://hooli.dagster.cloud. To configure this correctly, we'd enter
hooli into the Subdomain field:
When finished, click Done.
Next, you'll save and upload the application's SAML metadata to Dagster Cloud. This will enable single sign-on.
In OneLogin, open the Dagster Cloud application.
Navigate to More Actions > SAML Metadata.
When prompted, save the file to your computer.
After you've downloaded the SAML metadata file, upload it to Dagster Cloud using the
dagster-cloud organization settings saml upload-identity-provider-metadata <path/to/metadata> \ --api-token=<user_token> \ --url https://<organization_name>.dagster.cloud
Next, you'll assign users to the Dagster Cloud application in OneLogin. This will allow them to log in using their OneLogin credentials with the sign in flow is initiated.
In Okta, navigate to Users.
Select a user.
On the user's page, click Applications.
Assign the user to Dagster Cloud. In the following image, we've assigned user
Test D'Test to Dagster Cloud:
Click Save User.
Repeat steps 2-6 for every user you want to access Dagster Cloud.
Lastly, you'll test your SSO configuration:
Navigate to your Dagster Cloud sign in page at
Click the Sign in with SSO button.
Initiate the login flow and address issues that arise, if any.
In the OneLogin portal, click the Dagster Cloud icon:
If successful, you'll be automatically signed into your Dagster Cloud organization.