kPow.IO
kPow.IO
The Ultimate Engineering Toolkit for Apache Kafka®
kPow User Guide
About
Introduction
Our Team
System Requirements
Trials and Licenses
Releases
Support
Installation
Quick Start
Configuration
Environment Variable Glossary
Kafka Cluster
Schema Registry
Kafka Connect
Multi-Cluster Management
User Authentication
Overview
LdapLoginModule
PropertyFileLoginModule
JDBCLoginModule
OpenID/OAuth 2.0
SAML
Okta integration
AWS SSO integration
Azure AD integration
User Authorization
Overview
Simple Access Control
Role Based Access Control
Features
Data Governance
Data Policies
HTTPS Connections
Live Mode
Data Inspect
Prometheus Integration
Slack Integration
Powered by GitBook

SAML

Integration guides for SAML and OpenID

kPow can integrate with your SAML IdP of choice.

We have integration guides for common providers:

Generic configuration

  • AUTH_PROVIDER_TYPE=saml

  • SAML_RELYING_PARTY_IDENTIFIER= the Audience URI (SP Entity ID)

  • SAML_ACS_URL= the Single sign-on URL, e.g.

    https://kpow.corp.com/saml

  • SAML_METADATA_FILE= the path to the IDP metadata file, e.g.

    /var/saml/saml-idp-metadata.xml

  • SAML_CERT= the path to the SAML certificate. Note: This is optional, as it is most commonly bundled inside the IDP metdata XML

    /var/saml/saml-cert.pem

Debugging SAML

Start kPow with the environment variable DEBUG_SAML=true to debug SAML configurations.

This will log the SAMLResponse payload from your IdP. You can use a tool like samltool.com to inspect and verify your IdP is correctly forwarding your configured claims/attributes.

kPow provides an endpoint for inspecting the state of the currently authenticated user. kpow_host/me returns a JSON payload like:

{"provider": "saml", 
 "email": "[email protected]",
 "name": "User",
 "roles": ["admin"]}
Previous
Okta
Next
Okta integration
Last updated 2 months ago
Contents
Generic configuration
Debugging SAML