SSO | Dashworks

The first steps should be taken within the Okta Admin Panel:

Go to Applications under Applications

On the Applications page, select Browse App Catalog

Search for Dashworks App and add it

Add an Application label and click Done

User must specify the Initiate Login URI in the sign-on settings. In most cases this will be https://apigw.dashworks.ai/v1/google/auth-url?origin=web.dashworks.ai. For on-prem deployment, please contact [email protected] for the Initiate Login URI.

Once the App is added, you will have to assign users to the app under the Assignments tab. This will enable to users to log into Dashworks app using Okta. To add users, navigate to the Assign to People option under Assign option on Assignments Page. If you already have a group you can choose the Assign to Groups option and assign the entire group.

You can add people by clicking the Assign option next to their name. After you have all the people click the Done button

Note: Make sure all the user profiles have these fields populated:

Username
First Name,
Last Name
Primary Email
Display Name.

These fields are required to create profiles in Dashworks. Below is a sample user profile with all required attributes.

Now you're ready to open the Dashworks App:

Log into Dashworks and navigate to Settings -> Security under Workspace settings. Click on Configure next to OIDC.
You will require Client ID, Client Secret, and Issuer URL

Issuer URL will be of the format https://your-company.okta.com for example https://dashworks.okta.com. You can get this from the Okta browser tab.

Also if URL has -admin suffix for example https://your-company-admin.okta.com, just remove the suffix and only use https://your-company.okta.com (https:// is required).

Fill in the Client ID, Client Secret, and Issuer URL and click Submit

On successfully applying the changes, you should see the following message:

The first steps should be taken within the Azure Portal.

Go to Azure portal > Azure Active Directory
In your Active Directory, click +Add option and then click App registration

In the app registration form, give a unique name to your application and keep the default option for Supported account types. For Redirect URI, please set Redirect type as WEB and value as https://dashworks.auth.us-west-2.amazoncognito.com/oauth2/idpresponse

Click on Register and the application will be created. Save the Client ID and Tenant ID (highlighted below) for the newly created app, this will be required in the SSO creation process on Dashworks app

On the left window, select Certificates and Secrets to create a client secret

Click on +New Client Secret and fill in the relevant details in the client secret form.

Recommended expires value is 24 months, to avoid creating the SSO registration again for 24 months. Add the secret key after filling in the details in the form.

Copy the Value of the newly created secret key, this will be required in the SSO creation process on Dashworks app

Now you're ready to open the Dashworks App:

Navigate to Settings --> Security in the navigation bar.

Input the information below and configure the SSO
Client Id: Noted in Step 4 above
Client Secret: Noted in Step 7 above
Issuer Url: https://login.microsoftonline.com/<tenant_id>/v2.0, replace <tenant_id> with your org tenant id noted in Step 4 above.
Sign out of Dashworks, then click "Sign in with SSO" to sign in with Azure AD.

Google SSO does not require additional setup. You can simply select Google as your SSO provider in the “Single sign-on” page within Dashworks.

If you have a Google Workspace you will be prompted with Google SSO both when you first create an account:

You will also be prompted to use SSO if you are logging back in after logging out: