Using the Browser Azure AD Credentials Provider

You can configure the connector to authenticate the connection using credentials obtained from the Azure AD credentials provider. To do this, you must specify information about the Azure AD service, such as the Client ID and Secret and the Tenant ID.

To configure authentication using Azure AD:

  1. Set the AuthenticationType property to BrowserAzureAD.
  2. To specify your credentials for accessing the Azure AD server, do the following:
    1. Set the UID property to the user name that you use to access the Azure AD server.
    2. Set the PWD property to the password corresponding to the user name that you provided in the previous step.
  3. Optionally, set the Preferred_Role property to the Amazon Resource Name (ARN) of the role that you want to assume when authenticated through Azure AD.
  4. Optionally, set the Duration property to the duration, in seconds, of the role session.
  5. Set the idp_tenant property to the Azure AD-provided unique ID associated with your Athena application.
  6. Set the client_id property to the Client ID to use when authenticating the connection using the Azure AD service.
  7. Optionally, set the client_secret property to the Client Secret to use when authenticating the connection using the Azure AD service.
  8. Optionally, set the timeout property to the maximum amount of time, in seconds, that the connector is to wait for the redirect URI to fetch the authorization code during Browser Azure AD authentication.

Note:

The redirect URI must be in the following format: http://localhost:portnumber/athena.
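
The following is an added example, not part of the connector's documentation or code: a Python pre-flight check that validates a connection string against the steps above and the redirect URI format from the note, and masks PWD and client_secret before the string is written to a log. The semicolon-separated Key=Value layout, the function names, and all sample values are assumptions constructed for illustration.

```python
import re

REQUIRED = ("authenticationtype", "uid", "pwd", "idp_tenant", "client_id")
SECONDS = ("duration", "timeout")    # optional, expressed in seconds
SECRETS = ("pwd", "client_secret")   # must never reach logs or tickets
REDIRECT = re.compile(r"http://localhost:([0-9]{1,5})/athena")

# Constructed sample values; the Key=Value;... layout is an assumption.
SAMPLE = (
    "AuthenticationType=BrowserAzureAD;UID=analyst@example.com;PWD=constructed-pw;"
    "idp_tenant=00000000-0000-0000-0000-000000000000;client_id=11111111-1111-1111-1111-111111111111;"
    "Preferred_Role=arn:aws:iam::123456789012:role/ExampleRole;Duration=3600;timeout=120"
)

def parse(conn_str):
    """Split 'Key=Value;Key=Value' into a dict with lower-cased keys."""
    pairs = (p.split("=", 1) for p in conn_str.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def redirect_ok(uri):
    """True only for http://localhost:portnumber/athena with a usable port."""
    m = REDIRECT.fullmatch(uri)
    return bool(m) and 1 <= int(m.group(1)) <= 65535

def check(conn_str, redirect_uri):
    """Return a list of problems; an empty list means the settings are consistent."""
    props = parse(conn_str)
    problems = [f"missing {k}" for k in REQUIRED if not props.get(k)]
    auth = props.get("authenticationtype")
    if auth and auth != "BrowserAzureAD":
        problems.append("AuthenticationType must be BrowserAzureAD")
    for k in SECONDS:
        if k in props and not re.fullmatch(r"[0-9]+", props[k]):
            problems.append(f"{k} must be a whole number of seconds")
    if "preferred_role" in props and not props["preferred_role"].startswith("arn:"):
        problems.append("Preferred_Role must be a role ARN")
    if not redirect_ok(redirect_uri):
        problems.append("redirect URI must be http://localhost:portnumber/athena")
    return problems

def redact(conn_str):
    """Mask secret values so the connection string can be logged safely."""
    out = []
    for part in conn_str.split(";"):
        key, sep, _ = part.partition("=")
        out.append(f"{key}=***" if sep and key.strip().lower() in SECRETS else part)
    return ";".join(out)
```

Because the connection string carries PWD and, when set, client_secret in clear text, pass it through redact() before it appears in diagnostics or support requests.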