Configure Single Sign-On (SSO)

hila support Single Sign-On (SSO) for user authentication using Azure, Okta, Auth0, and Google.

1. From the SSO provider of your choice, get the name and values of the credentials.

   • Okta — For instructions on configuring hila SSO in your Okta dashboard see Configure SSO Okta dashboard.
   • Azure — For instructions on configuring hila SSO in your Azure dashboard see Configure SSO Azure dashboard.

2. Configure deployment:

   1. SSH into your hila stack.

   2. Run the following command to edit your deployment:

      kubectl edit deployment qnaui

   3. Search for the section marked in yellow in the following image:

      

   4. Enter the value for the provider as follows:

      • Azure: VITE_MICROSOFT_CLIENT_ID and VITE_MICROSOFT_TENANT_ID
      • Auth0: VITE_APP_AUTH0_DOMAIN and VITE_AUTH0_CLIENT_ID
      • Okta: VITE_OKTA_DOMAIN and VITE_OKTA_CLIENT_ID

3. Configure hila:

   1. In the hila monitoring app (https://monitoring.your-stack-domain), click Settings in the bottom-left corner and then select Raw Config Values.

   2. Expand the Vianai row.

   3. Search for allowed_sso.

   4. Hover over the row that appears and click the edit icon.

      

   5. In the Edit Value pane, click Open Editor.

   6. If your provider is not in the list, add it and click Save Changes.

      

   7. Search for oauth and make sure the row for your provider includes the credentials you added when you edited the deployment.

      

   8. Search for both self_register_allow and self_register_allow_qnaui and set them both to ‘True’.

      

   9. Search for allowed_domains and add the domain of your machine.