Skip to main content

Setting Up SAML with Just-In-Time (JIT) Provisioning for data.world

Single Sign On (SSO) is available as an authentication method for all Enterprise installations. data.world supports SSO with providers that uses SAML 2.0 protocol, such as Okta, Google, or Azure, etc.

Once SSO is configured, all members of the organization will use SSO to login to the platform.

Important

The SSO configuration is done in collaboration with the data.world support team.

Just In Time (JIT) account provisioning

By default all installations are setup with Just In Time (JIT) account provisioning. This means that once SSO is enabled, users automatically get created in data.world at the time of login, as long as the SSO provider administrator has added the data.world app to the user profile in the SSO provider administration tool.

Steps for private instance and single-tenant installations

Table 1.

Done by

Task

data.world

  • As part of onboarding, the data.world team initiates the process and share the first set of configuration details you need to complete SSO configuration on your side.

  • data.world team also shares a list of organization where users will get automatically provisioned once SSO is all set up.

Customer

  • Using the configuration details shared by the data.world support team, complete the configuration in your SSO provider administration space.

  • At the end of completing your task share the XML file generated from the SSO provider with data.world.

Customer

  • Review the list shared by data.world of organization where users will get automatically provisioned and confirm with data.world if you need anything adjusted.

data.world

  • Using the XML file you shared with data.world, the support team completes the configuration on their side.

Customer

  • In your SSO system, assign the data.world app to the users who need to login to data.world.

Customer

  • Share the login URL with your users to use data.world. Optionally, add the data.world access link to the launch page from where your users access other application.

Customer

  • Once the users access the link for the first time, they are automatically provisioned in data.world.

Customer

  • Optionally, go the Members tab of the Organization profile page to further adjust the user permissions in data.world.

Customer

  • Want users automatically added to other organizations in your deployment? Notify data.world so that they can adjust the SSO configuration on their side.