SSO Properties

Additional properties required to connect to the identity provider in a semicolon-separated list.

Data Type

string

Default Value

Remarks

Additional properties required to connect to the identity provider in a semicolon-separated list. SSOProperties is used in conjunction with the the AWSRoleARN and RSBAmazonAthena_p_AWSPrincipalArn. The following section provides an example using the OKTA identity provider.

ADFS

The following SSOProperties are needed to authenticate to ADFS:

IdProvider: Set this to ADFS.
IdPSystemUserName: Set this to an IdP user if authentication is to be used for the IdP endpoint.
IdPSystemPassword: Set this to the password of the IdP if authentication is to be used for the IdP endpoint.
IdpUrl: Set this to the ADFS url.

Below is an example connection string:

AWSRegion=Ireland; Database=sampledb; AWSAccessKey=' '; AWSSecretKey=' '; SSOProperties='IdProvider=ADFS; IDPSystemUsername=user@cdata.com; IdPSystemPassword=CH8WerW121235647iCa6; IdpUrl=https://adfs.domain.com'; AWSRoleArn=arn:aws:iam::1234:role/ADFS_SSO; AWSPrincipalArn=arn:aws:iam::1234:saml-provider/ADFSProvider; S3StagingDirectory=s3://athena/staging;

OKTA

The following SSOProperties are needed to authenticate to OKTA:

IdProvider: Set this to OKTA.
IdPSystemUserName: Set this to an IdP user if authentication is to be used for the IdP endpoint.
IdPSystemPassword: Set this to the password of the IdP if authentication is to be used for the IdP endpoint.
OktaDomain: Set this to the specific domain you are using in OKTA.
OktaAppEmbedLink: Set this to the specific EMBED LINK of your Amazon Web Services OKTA app in the GENERAL tab.
OktaApiToken: Set this to one of the API tokens in your OKTA account.