Using Okta Service

You can configure the connector to authenticate your connection through IAM authentication using the credentials stored in Okta.

To configure IAM authentication using Okta:

  1. Set the UID property to the user name associated with your Okta account.
  2. Set the PWD property to the password associated with your Okta user name. If you are using a profile, this may be optional.
  3. Set the IAM property to 1.
  4. Set the plugin_name property to okta.
  5. If the ID and region of the Redshift server cluster are not already provided through the Server property, then do the following:
    1. Set the ClusterID property to the ID for the Redshift server cluster.
    2. Set the Region property to the region for the Redshift server cluster.
  6. Set the DbUser property to the ID that you want to designate to the Redshift user.
  7. If the ID you specified for the DbUser property does not already exist in your Redshift account, you must create it:
    1. Set the AutoCreate property to 1.
    2. Set the DbGroups property to the names of any user groups that you want the new DbUser to be added to, separated by commas.
    3. Optionally, to lowercase all DbGroups that are received from the identity provider, select the Force Lowercase check box.
  8. Optionally, set the EndpointUrl property to the endpoint used to retrieve the Redshift cluster's credentials.
  9. Optionally, set the StsEndpointUrl property to the endpoint used to communicate with the AWS Security Token Service (AWS STS).
  10. Optionally, set the VPCEndpointUrl property to the endpoint used to communicate with the Redshift cluster.
  11. Optionally, set the AuthProfile property to the authentication profile you want to use to manage the connection settings, then do the following: 
    1. Set the AccessKeyID property to your Redshift access key ID.
    2. Set the SecretAccessKey property to your Redshift secret key.
  12. Set the IdP_Host property to the address of the service host.
  13. Set the Preferred_Role property to the name or ID for the IAM role that you want the user to assume when logged in to Redshift.
  14. Set the App_ID property to the Okta-supplied ID associated with your Redshift application.
  15. Optionally, set the App_Name property to the name of your Okta application.