►
Description
John Joyce (Acryl Data) provides an update on user and group management during the DataHub Community Town Hall on August 27, 2021.
Recent developments focus on:
- New user ingestion sources! Okta & Azure AD Batch
- Just-in-Time User & Group Provisioning with OIDC - when users log in, we will automatically provision an account if they do not already have one
- Within the UI, Groups are now searchable and Group Members appear on the Groups Page
A
John
here
I'm
just
going
to
give
a
quick
update
on
users
and
groups
management
in
data
hub.
So
let
me
just
present
my
screen
here.
A
So
we've
had
some
recent
developments
on
the
ingesting
users
and
groups
front.
So
this
is
something
we've
actually
gotten
quite
a
few
questions
about
recently,
so
we're
putting
some
effort
into
making
sure
our
guidance
is
is
clear
around
how
to
ingest
your
users,
as
well
as
your
groups,
into
datahub's
platform
on
the
recent
developments.
A
So
I
just
want
to
quickly
give
an
overview
at
a
high
level
of
like
user
and
group
management
and
data
hub,
there's
kind
of
two
paths
to
seeding
users
and
groups
into
into
data
hub.
The
first
is
what
we
call
proactive,
which
is
basically
your
batch
ingesting
users
and
groups
from
some
third-party
system,
some
external
system
like
octa
or
ad,
and
we
actually
now
provide
the
ability
to
validate
that
that
user
has
already
been
sort
of
ingested
at
login
time.
A
So,
basically,
you
can
go
into
octa
and
maybe
only
ingest
20
users
that
you
want
to
use
as
your
beta
users
and
when
they
log
in
they
will
either
be
allowed
or
denied
based
on,
if
they're
already
in
the
system.
So
that's
kind
of
the
proactive
approach
and
then
the
reactive
approach
is
what
I
just
talked
about.
It's
just
in
time.
Ingestion
at
login
time
over
oidc,
and
actually
both
of
these
today
do
require
open
id
connect
for
that
authentication
piece
if
you'll
hit
next
srishanka.
A
So
if,
if
this
doesn't
work
for
your
organization,
I.e,
you're
using
saml
or
ldap
would
work
better.
Something
else.
Please
do.
Let
us
know
we're
always
trying
to
get
feedback
about
this
particular
thing,
because
it's
a
it's
a
domain,
that's
kind
of
different
between
a
lot
of
organizations
and
we
do
it
one
way
we
use
oidc,
but
everyone
does
it
a
slightly
different
way.
So
we
definitely
want
feedback
to
understand
if
there's
a
better
way
to
to
kind
of
pull
in
your
organization's
users
and
groups
into
data
hub
and
seed
them.
A
Okay,
next
slide.
So
what's
on
the
horizon,
well
we'd
actually
like
to
add
sort
of
an
admin
console
in
the
ui
that
allows
you
to
manage
users
and
groups.
So
do
things
like
creating
new
groups
through
the
ui,
removing
groups
that
you
may
have
ingested
or
may
have
been
provisioned
and
then
manage
group
membership
so
actually
be
able
to
add.
You
know:
users
to
groups,
remove
users
from
groups
and
then
finally
we'd
like
kind
of
fine-grained
user
state
management,
the
ability
to
kind
of
activate
and
deactivate.
B
A
A
B
Awesome
so,
as
usual,
we
have
a
lot
of
integration
improvements
pretty
much
across
the
board.
A
few
call
outs
would
be
redash,
we'll
talk
about
that.
Later.
Kafka
connect,
we've
added
support
for
jdbc
sources
as
well,
not
just
the
bayesian
one
that
was
there
before
and
for
mongodb.
We
added
some
small
tweaks
to
handle
really
large
schemas
that
were
coming
out
of
the
schema
inference
system.
So
now
you
know,
data
hub
is
not
going
to
crash
on
you.
If
you
have
13
000
the
fields
in
your
schema,
like
some
people,
do
all
right.
B
Moving
on
on
the
developer
track,
we
are
going
to
talk
about
performance
metrics,
I'm
not
going
to
discuss
that
too
much
here,
we've
added
a
lot
of
improved
documentation
for
injection
sources.
So
if
you
go
check
out
our
injection
docs,
our
source
docs,
are
much
improved
thanks
to
john
and
kevin
for
doing
that,
and
so
as
new
sources
come
on
board,
we
have
a
pretty
nice
way
of
adding
them
to
their
documentation.
Now.