93 docs tagged with "authentication"

Learn about add impact analysis in github.

Learn about add impact analysis in gitlab.

Choose between OAuth clients and API tokens for programmatic access to Atlan APIs

Use long-lived API tokens for simple, backwards-compatible programmatic access to Atlan APIs

How the Atlan MCP server handles authentication, authorization, data handling, tool controls, logging, and network security—with no shared state between tenants and no data sent to LLMs.

Token, user identity, and page in ATLAN_AUTH_CONTEXT (for example, asset GUID in page.params).

Sign in with your own SSO credentials to query data in Insights and preview sample data on asset profiles. Supported for Snowflake, Databricks, Amazon Redshift, and Google BigQuery.

Understand how Self-Deployed Runtime authentication works and why it protects your enterprise infrastructure.

Source system connectivity and metadata operations including credential validation, metadata retrieval, and preflight checks.

Configure ADFS authentication for Amazon Redshift connections using ADFS (Active Directory Federation Services) as the identity provider.

Set how long an Atlan session stays valid before it expires. Configure idle timeout, max timeout, and Remember Me settings for all users in the workspace.

Extract metadata from Hive to catalog databases, tables, views, and columns. Extract lineage and asset information after configuring user permissions.

Configure and run PostgreSQL metadata extraction workflows to catalog databases, schemas, tables, views, and columns in Atlan.

Once you have configured the [AWS Lambda permissions](/product/integrations/automation/aws-lambda/how-tos/set-up-aws-lambda), you can run an AWS Lambda function.

Troubleshoot timeout, iframe loading, and 401 errors when your app is embedded in Atlan.

Atlan supports [Snowflake OAuth-based authentication](https://docs.snowflake.com/user-guide/oauth-snowflake-overview) for [Snowflake](/apps/connectors/data-ware.

You will need to [create a client application in Okta](https://help.okta.com/en-us/Content/Topics/Apps/Apps_App_Integration_Wizard_OIDC.htm) to use for [configuring the identity provider in AWS](/apps/connectors/data-warehouses/amazon-redshift/how-tos/enable-sso-for-amazon-redshift).

Credentials are used to obtain an access token from Google's authorization servers for authentication in Atlan.

Configure SAML 2.0 single sign-on between Microsoft Entra ID (Azure AD) and Atlan so your users sign in to Atlan with their existing Microsoft credentials. Exchange service provider and identity provider metadata, assign users in Entra, and optionally sync Azure AD groups to Atlan.

Configure SAML 2.0 single sign-on between Google Workspace and Atlan so your users sign in to Atlan with their Google credentials. Exchange service provider and identity provider metadata, assign users in Google Admin Center, and optionally sync Google groups to Atlan.

Configure SAML 2.0 single sign-on between JumpCloud and Atlan so your users sign in to Atlan with their JumpCloud credentials. Exchange service provider and identity provider metadata, assign user groups in JumpCloud, and optionally sync JumpCloud groups to Atlan.

Configure SAML 2.0 single sign-on between Okta and Atlan so your users sign in to Atlan with their Okta credentials. Exchange service provider and identity provider metadata, assign users in Okta, and optionally sync Okta groups to Atlan.

Configure SAML 2.0 single sign-on between OneLogin and Atlan so your users sign in to Atlan with their OneLogin credentials. Exchange service provider and identity provider metadata, assign users in OneLogin, and optionally sync OneLogin groups to Atlan.

Configure SAML 2.0 single sign-on between any SAML-compatible identity provider and Atlan so your users sign in with their existing IdP credentials. Exchange service provider and identity provider metadata, then optionally sync IdP groups to Atlan.

Configure PingFederate as the External OAuth identity provider so Atlan Data Exploration queries on your Snowflake connection authenticate as each end user.

Set up OAuth SSO authentication for Databricks connections in Atlan.

Retrieve lineage from Unity Catalog and usage and popularity metrics from query history or system tables using REST API, offline, or system table extraction methods.

Technical details about Atlan's connection architecture to Informatica Cloud Data Integration

Once you have [configured the Anomalo settings](/apps/connectors/observability/anomalo/how-tos/set-up-anomalo), you can establish a connection between Atlan and Anomalo.

Atlan extracts job-level operational metadata from Apache Flink and generates job lineage through OpenLineage. To learn more about OpenLineage, refer to [OpenLineage configuration and facets](/product/connections/references/openlineage-configuration-and-facets).

Atlan extracts job-level operational metadata from Apache Spark and generates job lineage through OpenLineage. To learn more about OpenLineage, refer to [OpenLineage configuration and facets](/product/connections/references/openlineage-configuration-and-facets).

Use OAuth 2.0 Client Credentials flow for short-lived access tokens in machine-to-machine integrations

Each request requires an OAuth 2.0 access token generated via the [service account key](https://cloud.google.com/docs/authentication#service-accounts).

This check is performed for both [basic](/apps/connectors/data-warehouses/microsoft-azure-synapse-analytics/how-tos/set-up-microsoft-azure-synapse-analytics) and [service principal](/apps/connectors/data-warehouses/microsoft-azure-synapse-analytics/how-tos/set-up-microsoft-azure-synapse-analytics) authentication method.

Enter your own username and password or key pair for a connection in Atlan when bring-your-own-credentials (BYOC) is enabled, so Atlan queries and previews data with your own data source permissions instead of a shared account.

Prevent Atlan from auto-provisioning an account for every user who can authenticate against your identity provider. Restrict access to only the users and groups your IdP explicitly assigns to the Atlan application.

The Secure Agent is designed with multiple security controls to protect metadata, credentials, and communication between systems. This document outlines its security mechanisms across authentication, encryption, container security, network security, and logging and monitoring.

Complete guide to Atlan's security features, compliance certifications, and data protection capabilities.

postMessage types and payloads: send IFRAME_READY or request a token; handle ATLAN_AUTH_CONTEXT.

Set the role Atlan assigns to new users on their first SSO sign-in. Use Member for most workspaces, Guest for read-only users, or Admin for elevated access.

Prepare your ALTR environment and generate API credentials for Atlan integration.

Atlan supports basic authentication (SCRAM-SHA-1, username and password) and IAM authentication (MONGODB-AWS) for fetching metadata from Amazon DocumentDB. This guide walks you through creating a crawl user with the permissions Atlan needs.

Learn about set up amazon dynamodb.

Learn about set up amazon msk.

Learn about set up amazon quicksight.

Configure Basic or CA Certificate authentication to connect Anaplan to Atlan.

Atlan supports the API authentication method for fetching metadata from [Anomalo](https://docs.anomalo.com/integrations/atlan-integration). This method uses an API key to fetch metadata.

Configure authentication credentials in Ataccama ONE to enable Atlan to fetch data quality metadata from your Ataccama instance.

Set up authentication for Atlan: configure SSO with Okta, Azure AD, Google, JumpCloud, OneLogin, SAML 2.0, or PingFederate; automate the user lifecycle with SCIM; and set sign-in rules for new users.

Map Atlan connections to Bigeye sources and configure authentication credentials to enable Atlan to fetch data quality metadata from your Bigeye instance.

Configure a dedicated ClickHouse user with read-only access so Atlan can connect and extract metadata.

Configure Salesforce for OAuth 2.0 client credentials authentication in Atlan.

Atlan supports the API authentication method for fetching metadata from Confluent Kafka. This method uses an API key and API secret to fetch metadata.

Atlan supports three authentication methods for fetching metadata from Databricks. You can set up any of the following authentication methods:.

:::warning Who can do this? You'll need your Domo administrator to complete these steps - you may not have access yourself.

Configure permissions and authentication for Hive to enable metadata extraction in Atlan.

:::warning Who can do this? You must be an IBM Cognos Analytics administrator to complete these steps - you may not have access yourself.

Configure authentication and user permissions for Informatica Cloud Data Integration connector

Configure Salesforce for OAuth 2.0 JWT bearer authentication for Atlan.

If your Microsoft Azure Cosmos DB deployment includes a mix of vCore- and RU-based accounts, you must configure both to fetch metadata. You can then use the _vCore and RU_ deployment option to [crawl your Microsoft Azure Cosmos DB assets](/apps/connectors/database/microsoft-azure-cosmos-db/how-tos/crawl-microsoft-azure-cosmos-db).

Atlan supports service principal authentication for fetching metadata from Microsoft Azure Data Factory. This method requires a client ID, client secret, and tenant ID to fetch metadata.

Atlan supports the following authentication methods for Microsoft Azure Event Hubs:.

Atlan supports crawling the following with the Microsoft Azure Synapse Analytics package:.

Configure Microsoft Fabric authentication and permissions to connect with Atlan.

Enable Microsoft Power BI metadata access for Atlan using a service principal and scanner APIs.

Configure authentication and permissions for Microsoft SQL Server to enable Atlan to crawl metadata from your database.

Atlan supports basic authentication and API token authentication methods for fetching metadata from MicroStrategy.

Atlan supports SCRAM authentication (SCRAM-SHA-1 and SCRAM-SHA-256) for fetching metadata from MongoDB. This method uses a [username and password](#create-database-user) to fetch metadata.

Atlan supports the basic authentication method for fetching metadata from MongoDB. This method uses a username and password to fetch metadata

:::warning Who can do this? You will probably need your Monte Carlo [account owner](https://docs.getmontecarlo.com/docs/authorizationmanaged-roles-and-groups).

:::warning Who can do this? You probably need your MySQL administrator to run these commands - you may not have access yourself.

Configure token-based authentication to connect NetSuite to Atlan.

Learn about set up prestosql.

Configure API access in Atlan and Qualytics to enable secure authentication and data quality metadata synchronization between your Qualytics instance and Atlan.

:::warning Who can do this? You will probably need your Redash administrator to complete the following steps - you may not have access yourself.

Configure Salesforce authentication and connection with Atlan. Set up OAuth or JWT Bearer flow for secure integration with Sales Cloud and Financial Services Cloud.

:::warning Who can do this? You will probably need your SAP HANA administrator to run these commands - you may not have access yourself.

Set up single sign-on (SSO) so your team signs in to Atlan with their existing identity provider credentials. Configure SAML 2.0 with Okta, Azure AD, Google, JumpCloud, OneLogin, PingFederate, or any custom SAML provider.

Atlan supports the basic authentication method for fetching metadata from Sisense. This method uses a username and password to fetch metadata.

:::warning Who can do this? You will need your [Soda Cloud administrator](https://docs.soda.io/soda-cloud/roles-and-rights.html) to complete these steps -.

Configure authentication and permissions for Starburst Enterprise to enable Atlan to crawl metadata from your instance.

:::warning Who can do this? You need your Teradata administrator to run these commands - you may not have access yourself.

:::warning Who can do this? You will probably need your ThoughtSpot instance administrator to complete these steps - you may not have access yourself.

Configure authentication and permissions for Trino to enable Atlan to crawl metadata from your database.

Configure Salesforce username-password flow for Atlan integration.

Configure Workload Identity Federation (WIF) to enable Atlan to authenticate with Google BigQuery without using service account keys.

Reference for the parameters and field mappings when PingFederate is the OAuth identity provider for Snowflake query authentication.

Configure SAML 2.0 single sign-on between PingFederate and Atlan so your users sign in to Atlan with their PingFederate credentials. Copy Atlan's service provider metadata into PingFederate, configure both ACS endpoints, and import PingFederate's IdP metadata back into Atlan.

The metadata-extractor tool supports the following connection types.

Troubleshoot PingFederate OAuth errors when querying Snowflake from Atlan Data Exploration, with error, cause, and solution guidance.

Fix common SSO sign-in problems in Atlan, including first-time login errors, username mismatches, provider-specific issues, and group sync behavior.

Learn how to manage users and groups in Atlan to control access and organize your data team.

Atlan supports lineage for the following asset types:.