|
|
|
|
@ -17,7 +17,7 @@ can find examples using Okta, BitBucket, OneLogin and Azure. |
|
|
|
|
|
|
|
|
|
This callback URL must match the full HTTP address that you use in your browser to access Grafana, but with the prefix path of `/login/generic_oauth`. |
|
|
|
|
|
|
|
|
|
You may have to set the `root_url` option of `[server]` for the callback URL to be |
|
|
|
|
You may have to set the `root_url` option of `[server]` for the callback URL to be |
|
|
|
|
correct. For example in case you are serving Grafana behind a proxy. |
|
|
|
|
|
|
|
|
|
Example config: |
|
|
|
|
@ -209,6 +209,17 @@ allowed_organizations = |
|
|
|
|
token_url = https://<your domain>.my.centrify.com/OAuth2/Token/<Application ID> |
|
|
|
|
``` |
|
|
|
|
|
|
|
|
|
## Set up OAuth2 with non-compliant providers |
|
|
|
|
|
|
|
|
|
Some OAuth2 providers might not support `client_id` and `client_secret` passed via Basic Authentication HTTP header, which |
|
|
|
|
results in `invalid_client` error. To allow Grafana to authenticate via these type of providers, the client identifiers must be |
|
|
|
|
send via POST body, which can be enabled via the following settings: |
|
|
|
|
|
|
|
|
|
```bash |
|
|
|
|
[auth.generic_oauth] |
|
|
|
|
send_client_credentials_via_post = true |
|
|
|
|
``` |
|
|
|
|
|
|
|
|
|
<hr> |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Tomas Dabasinskas
7 years ago