domino logo
Tech Ecosystem
Get started with Python
Step 0: Orient yourself to DominoStep 1: Create a projectStep 2: Configure your projectStep 3: Start a workspaceStep 4: Get your files and dataStep 5: Develop your modelStep 6: Clean up WorkspacesStep 7: Deploy your model
Get started with R
Step 0: Orient yourself to Domino (R Tutorial)Step 1: Create a projectStep 2: Configure your projectStep 3: Start a workspaceStep 4: Get your files and dataStep 5: Develop your modelStep 6: Clean up WorkspacesStep 7: Deploy your model
Get Started with MATLAB
Step 1: Orient yourself to DominoStep 2: Create a Domino ProjectStep 3: Configure Your Domino ProjectStep 4: Start a MATLAB WorkspaceStep 5: Fetch and Save Your DataStep 6: Develop Your ModelStep 7: Clean Up Your Workspace
Step 8: Deploy Your Model
Scheduled JobsLaunchers
Step 9: Working with Domino Datasets
Domino Reference
Notifications
On-Demand Open MPI
Configure MPI PrerequisitesFile Sync MPI ClustersValidate MPI VersionWork with your ClusterManage Dependencies
Projects
Projects OverviewProjects PortfolioReference ProjectsProject Goals in Domino 4+
Git Integration
Git Repositories in DominoGit-based ProjectsWorking from a Commit ID in Git
Jira Integration in DominoUpload Files to Domino using your BrowserFork and Merge ProjectsSearchSharing and CollaborationCommentsDomino File SystemCompare File Revisions
Revert Projects and Files
Revert a FileRevert a Project
Archive a Project
Advanced Project Settings
Project DependenciesProject TagsRename a ProjectSet up your Project to Ignore FilesUpload files larger than 550MBExporting Files as a Python or R PackageTransfer Project Ownership
Domino Runs
JobsDiagnostic Statistics with dominostats.jsonNotificationsResultsRun Comparison
Advanced Options for Domino Runs
Run StatesDomino Environment VariablesEnvironment Variables for Secure Credential StorageUse Apache Airflow with Domino
Scheduled Jobs
Domino Workspaces
WorkspacesUse Git in Your WorkspaceRecreate A Workspace From A Previous CommitUse Visual Studio Code in Domino WorkspacesPersist RStudio PreferencesAccess Multiple Hosted Applications in one Workspace Session
Spark on Domino
On-Demand Spark
On-Demand Spark OverviewValidated Spark VersionConfigure PrerequisitesWork with your ClusterManage DependenciesWork with Data
External Hadoop and Spark
Hadoop and Spark OverviewConnect to a Cloudera CDH5 cluster from DominoConnect to a Hortonworks cluster from DominoConnect to a MapR cluster from DominoConnect to an Amazon EMR cluster from DominoRun Local Spark on a Domino ExecutorUse PySpark in Jupyter WorkspacesKerberos Authentication
On-Demand Ray
On-Demand Ray OverviewValidated Ray VersionConfigure PrerequisitesWork with your ClusterManage DependenciesWork with Data
On-Demand Dask
On-Demand Dask OverviewValidated Dask VersionConfigure PrerequisitesWork with Your ClusterManage DependenciesWork with Data
Customize the Domino Software Environment
Environment ManagementDomino Standard EnvironmentsInstall Packages and DependenciesAdd Workspace IDEsAdding Jupyter Kernels
Use Custom Images as a Compute Environment
Pre-requisites for Automatic Custom Image CompatibilityModify the Default Workspace ToolsCreate a Domino Image with an NGC ContainerCreate a Domino Environment with a Pre-Built ImageManually Modify Images for Domino Compatibility
Partner Environments for Domino
Use MATLAB as a WorkspaceUse Stata as a WorkspaceUse SAS as a Workspace
Advanced Options for Domino Software Environment
Publish in Domino with Custom ImagesInstall Custom Packages in Domino with Git IntegrationAdd Custom DNS Servers to Your Domino EnvironmentConfigure a Compute Environment to User Private Cran/Conda/PyPi MirrorsUse TensorBoard in Jupyter Workspaces
Publish your Work
Publish a Model API
Model Publishing OverviewModel Invocation SettingsModel Access and CollaborationModel Deployment ConfigurationPromote Projects to ProductionExport Model ImageExport to NVIDIA Fleet Command
Publish a Web Application
App Publishing OverviewGet Started with DashGet Started with ShinyGet Started with FlaskContent Security Policies for Web Apps
Advanced Web Application Settings in Domino
App Scaling and PerformanceHost HTML Pages from DominoHow to Get the Domino Username of an App Viewer
Launchers
Launchers OverviewAdvanced Launcher Editor
Manage Externally-Hosted Models
Model Requirements
Use Domino's REST API to Export a Model
Export Model ImageExport to NVIDIA Fleet Command
Create an ExportCheck the Status of an ExportPush a New VersionSet up Monitoring for an ExportArchive an ExportView Monitoring StatusTroubleshooting
Assets Portfolio Overview
Model Monitoring and Remediation
Monitor WorkflowsData Drift and Quality Monitoring
Set up Monitoring for Model APIs
Set up Prediction CaptureSet up Drift DetectionSet up Model Quality MonitoringSet up NotificationsSet Scheduled ChecksSet up Cohort Analysis
Set up Model Monitor
Connect a Data SourceRegister a ModelSet up Drift DetectionSet up Model Quality MonitoringSet up Cohort AnalysisSet up NotificationsSet Scheduled ChecksUnregister a Model
Use Monitoring
Access the Monitor DashboardAnalyze Data DriftAnalyze Model QualityExclude Features from Scheduled Checks
Remediation
Cohort Analysis
Review the Cohort Analysis
Remediate a Model API
Monitor Settings
API TokenHealth DashboardNotification ChannelsTest Defaults
Monitoring Config JSON
Supported Binning Methods
Model Monitoring APIsTroubleshoot the Model Monitor
Connect to your Data
Data in Domino
Datasets OverviewProject FilesDatasets Best Practices
Connect to Data Sources
External Data VolumesDomino Data Sources
Connect to External Data
Connect to Amazon S3 from DominoConnect to Azure Data Lake StorageConnect to BigQueryConnect to DataRobotConnect to Generic S3 from DominoConnect to Google Cloud StorageConnect to IBM DB2Connect to IBM NetezzaConnect to ImpalaConnect to MSSQLConnect to MySQLConnect to OkeraConnect to Oracle DatabaseConnect to PostgreSQLConnect to RedshiftConnect to Snowflake from DominoConnect to Teradata
Work with Data Best Practices
Work with Big Data in DominoWork with Lots of FilesMove Data Over a Network
Advanced User Configuration Settings
User API KeysDomino TokenOrganizations Overview
Use the Domino Command Line Interface (CLI)
Install the Domino Command Line (CLI)Domino CLI ReferenceDownload Files with the CLIForce-Restore a Local ProjectMove a Project Between Domino DeploymentsUse the Domino CLI Behind a Proxy
Browser Support
Get Help with Domino
Additional ResourcesGet Domino VersionContact Domino Technical SupportSupport Bundles
domino logo
About Domino
Domino Data LabKnowledge BaseData Science BlogTraining
User Guide
>
Domino Reference
>
Connect to your Data
>
Connect to Data Sources
>
Connect to External Data
>
Connect to Okera

Connect to Okera

This topic describes how to connect to the Okera Active Data Access Platform from Domino.

The Okera Active Data Access Platform unifies and manages access for data consumers by providing an Automated Schema Registry, Policy Engine and Audit Engine.

Domino and Okera make it easy to access securely and simply data governed by Okera for analysis in Domino.

Credential setup

Option A - JWT Token

The simplest method for authentication with Okera from Domino is to use the JWT token provided by Domino.

Domino automatically populates all Workspaces and Batch Jobs with a user specific, securely signed token that can be used for authentication. When used in conjunction with Single Sign On (SSO), you can achieve a chain of identity from you identity provider through Domino to Okera. No additional set up in Domino is required.

Warning

Since all Domino issued tokens are securely signed by Domino, Okera needs to be configured to validate the JWT signature using Domino’s public key.

See the Okera docs for detailed instructions on Okera configuration.

Required metadata from Domino:

  • JWT_PUBLIC_KEY for your Domino deployment can be found at <your domino url>/auth/realms/DominoRealm

  • JWT_ALGORITHM will be RS256 by default

  • JWT_USER_CLAIM_KEY allows you to bind users identity in Domino to their identity in Okera so a user can only authenticate at themselves. Typically, you will want to use the preferred_username from the Domino token if you’ve used the same username pattern in Domino and Okera. Alternatively, you can create a custom claims in your Domino token by mapping in additional SAML attributes or deriving a value from the user’s email address, for example.

Option B - Username & Password

Alternatively, Okera also allows for authentication via a username and password. This requires an extra set up step on the part of each end user. Similar to storing credential for other data sources, users can add their credentials as Domino user environment variables. These variables are then populated to that user’s workspace and batch jobs.

See Environment Variables for Secure Credential Storage to learn more about Domino environment variables.

Environment libraries setup

Installation

Okera’s Pyokera package is available from pip. The Dockerfile instruction below is what you’ll need to install Pyokera.

RUN pip install pyokera

Alternative installation

A more secure method of reading S3 from the OS shell of a Domino executor is the AWS CLI. Making the AWS CLI work from your executor is a two-step process. You need to install it in your environment, and provide it with your credentials.

Usage (accessing data in Python)

After Pyokera is installed in your compute environment, you can access your Okera data using the following code snippet by adding in the URI for you Okera instance:

#Load the Pyokera package
import os
from okera import context

#Load the Domino Auth Token which should always be available and refreshed at $DOMINO_TOKEN_FILE
def get_token():
    return open(os.environ.get('DOMINO_TOKEN_FILE'), 'r').read().strip()

#Connect to Okera using your token and using the environment variable $DOMINO_STARTING_USERNAME which be populated with your Domino username
ctx = context()
ctx.enable_token_auth(token_func=get_token, user=os.environ['DOMINO_STARTING_USERNAME'])

#Query Okera
with ctx.connect(host='<URI for your Okera Instance>', port=12050) as conn:
    display(conn.scan_as_pandas('select * from okera_sample.whoami', strings_as_utf8=True))

Learn more about using Pyokera.

Domino Data LabKnowledge BaseData Science BlogTraining
Copyright © 2022 Domino Data Lab. All rights reserved.