Configuring Domo connections
Domo supports the CLIENT_CREDENTIALS grant type for OAuth2.
This grant type is considered two-legged OAuth as only the client application authenticates itself to the server, with no involvement to the user.
Users may opt to create their own connected app in Domo and provide their own client ID and client secret when creating connections through the Amazon Glue console.
For public Domo documentation on creating a connected app for the Authorization Code OAuth flow, see OAuth Authentication
.
To configure a Domo connection:
In Amazon Secrets Manager, create a secret with the following details:
For the customer managed connected app, the Secret should contain the connected app access token,
client_id, andclient_secret.Note: you must create a secret for your connections in Amazon Glue.
In Amazon Glue Glue Studio, create a connection under Data Connections by following the steps below:
Under Connections, choose Create connection.
When selecting a Data Source, select Domo.
Select the Amazon IAM role which Amazon Glue can assume and has permissions for following actions:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue", "secretsmanager:PutSecretValue", "ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterface", "ec2:DeleteNetworkInterface", ], "Resource": "*" } ] }Select the
secretNamewhich you want to use for this connection in Amazon Glue to put the tokens.Select the network options if you want to use your network.
Grant the IAM role associated with your Amazon Glue job permission to read
secretName.