Data Access with OAuth Authentication

One of the ways users can connect to data sources is via OAuth Authentication. This type of authentication utilizes the user's credentials to connect and authenticate access to a given data source. The process is often used in big organizations that have centralized security and are using one framework to secure all data assets.

Authentication Options for Google BigQuery and Google Analytics

When creating a data source in Pyramid and completing the setup 'card', administrators can elect which type of authentication model to use:

  • Single Sign On (OAuth) – Specific User: All users of this data source will share and use the credentials and sign in code defined here.

  • Single Sign On (OAuth) – End User: Each user will be prompted to sign into Google when starting Pyramid or when connecting to the data source. This is a “one off” event. The user’s sign in code will be stored and reused for subsequent data access. Pyramid will automatically refresh this as needed. All users will share the Client ID and Client Secret defined here.

Enabling End User OAuth Authentication

Google BigQuery requires the creation of Client ID and Client Secret strings that provide in an encoded manner, the information needed to connect to the particular BigQuery data required. These strings are generated through the Google BigQuery management console and copied and pasted to the relevant dialogue boxes on the data card.

Once logged into Google BigQuery, Client ID and Client Secret strings can be generated from the “Get Credentials” button on this page.

  • Client ID: Google BigQuery Client ID

  • Client Secret: Google BigQuery Client Secret

The Client ID and Client Secret used by all users to access the Google BigQuery application. With the drop down set to “Single Sign On (OAuth) – End User”, each user will be prompted to sign into Google for individually authenticated data access.

With the drop down set to “Single Sign On (OAuth) – Specific User”, each user will share the Google account as well as the Client ID and Client Secret.

  • Sign Into Google: Use this button to sign into Google to retrieve the Refresh Code

  • Refresh Code: Returned by Google and used by Pyramid to connect to the Google Account.