Support Questions
Find answers, ask questions, and share your expertise

Apache Atlas: AD integration authorization

Apache Atlas: AD integration authorization

New Contributor

I am doing Active Directory integration with Apache Atlas(opensource version) and the users are now able to login to the Atlas UI with AD credentials. Now I want to implement authorization for these users. 

- When the users login - they need to be assigned a Role in Atlas based on their AD Global Group Membership. For eg. If the user is part of atlas-admin AD group - I need to assign these user an ADMIN role in Atlas. 

How can this be implemented using Atlas Simple Authorizer mentioned here-

I can hardcode the username in policy to achieve this, but I need this to be done dynamically for all users in a particular AD group


{ "roles": { ... }, "userRoles": { "ad_user_1": [ "ROLE_ADMIN" ] }, "groupRoles": { ... }}


Or is there another way to do this ?