anushreegawdeAP commented on PR #30081: URL: https://github.com/apache/superset/pull/30081#issuecomment-2448508356
I’ve been working on setting up OAuth2.0 integration for Trino with Okta in Superset, following the guidance from this PR (#30081). However, despite configuring authorization_request_uri, token_request_uri, and handling impersonation, I’m still encountering issues with 401 Unauthorized errors when trying to connect to Trino. My current setup looks like this: # trino_oauth DATABASE_OAUTH2_REDIRECT_URI: "http://localhost:8088/api/v1/database/oauth2/"; DATABASE_OAUTH2_CLIENTS: { 'HSH Trino Oauth': { 'id': '<trino_app_client_id>', 'secret': '<trino_app_client_secret>', 'scope': 'openid email offline_access roles profile', 'redirect_uri': 'http://localhost:8088/api/v1/database/oauth2/', 'authorization_request_uri': 'https://example.okta.com/oauth2/v1/authorize', 'token_request_uri': 'https://example.okta.com/oauth2/v1/token' } } {"connect_args":{"http_scheme":"https"}} Impersonate: true is in place as well and UI shows the correct configs. I've reviewed the setup and ensured that the OAuth tokens are obtained correctly from Okta, and all necessary permissions seem in place. Are there any additional configurations or specifics for Trino that this PR setup might require? Any guidance or insights on further troubleshooting would be greatly appreciated! Thank you! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
