IBM Cloud Docs
Enabling Azure OIDC authentication

Enabling Azure OIDC authentication

Set your authentication method to OIDC with the REGISTER EXTERNAL AUTHENTICATION SYSTEM SQL statement.

OIDC external authentication system supports two-factor authentication. User needs to be configured with MFA on IdP(Identity Provider); for example, Microsoft Azure.

Setting Azure OIDC authentication with the Netezza UI

  1. Log in to the Netezza UI as a user who is part of an administrative group.

  2. Go to Settings tab.

  3. Click on OIDC to enable OIDC authentication.

  4. Create a user (or users) with the external authentication method set to OIDC, as described in Creating users.

  5. Verify whether the user is created successfully.

    1. Go to Users and groups > Users.
    2. Locate the user.
    3. Check the Authentication type section for the user.

Setting Azure OIDC authentication with the command-line

  1. Connect to NPSaaS as a user who is part of an administrative group. See, Connecting to NPSaaS.

    In the example, the 'nzsql' command is used. You can also use the ODBC or JDBC drivers.

    nzsql -host <nps_host_ip> -u <admin user> -pw XXXXX
    
    Example
    Input Description
    nps_host_ip

    Specifies the IP address of your instance.
    To retrieve NPS HOST IP:

    1. Log in to your IBM Cloud account.
    2. Go to Private endpoints > Service instance details.
    3. Select your instance.
      Your instance IP address appears on the page now.
    admin user Specifies the admin privileged user.
    password Specifies the password.
  2. As an admin, register an OIDC external authentication system.

    REGISTER EXTERNAL AUTHENTICATION SYSTEM 'OIDC';
    

    This action has to be performed only once.

  3. Create a user (or users) with the external authentication method set to OIDC.

    CREATE USER <USER> AUTH EXTERNAL 'OIDC';
    

    Example:

    CREATE USER OIDCUSER AUTH EXTERNAL 'OIDC';