grafana

Commit Graph

Author	SHA1	Message	Date
Giuseppe Crinò	b40f192c7e	chore(docs): clarify how to refer to GH teams (#57679 )	3 years ago
Eric Leijonmarck	c43e97cf37	Docs: Add prerequisites to enable auth.jwt for url login (#57806 ) * docs: add prerequisites * Update docs/sources/setup-grafana/configure-security/configure-authentication/jwt/index.md	3 years ago
Jo	07991c76fe	Doc: Fix wrong default callback URL (#57908 ) * doc: fix wrong default callback URL * doc: fix gitlab typos	3 years ago
Jo	61774ae7f1	Docs: Add keycloak oauth setup guide (#57685 ) * use scopes for generic_oauth devenv. Support refresh_tokens * add keycloak section * add teamsync support to oauth devenv * Add keycloak guide * Upgrade keycloak to version 19 * Update devenv/docker/blocks/auth/oauth/readme.md Co-authored-by: Misi <mgyongyosi@users.noreply.github.com> * feedback Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> Co-authored-by: Misi <mgyongyosi@users.noreply.github.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>	3 years ago
Christopher Moyer	d09d39ddd4	Docs/restructures setup (#57125 ) * builds out configure grafana directory to align with hugo * restructures configure authentication, corrects relrefs * correct alias * corrects final relrefs	3 years ago
Ahmed	5c2b722287	Docs: Fix broken link (#57083 ) * Docs: Fix broken link * Update docs/sources/setup-grafana/configure-security/configure-authentication/auth-proxy.md Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>	3 years ago
Ben Golding	a46fa16b4e	<Documentation> Document usage of environment variables/files in GitHub Auth login (#52891 ) * Document usage of environment variables/files * Updating Github Auth Login Documentation Co-authored-by: Garrett Guillotte <100453168+gguillotte-grafana@users.noreply.github.com> Co-authored-by: Garrett Guillotte <100453168+gguillotte-grafana@users.noreply.github.com>	3 years ago
Gabriel MABILLE	0f4d126109	AzureAD: Add option to force fetch the groups from the Graph API (#56916 ) * Add a new option to systematically fetch AzureAD groups from the Graph API	3 years ago
Michael Mandrus	26e7228cd9	fix typo (#56802 )	3 years ago
Gabriel MABILLE	10c080dad1	LDAP: Add `skip_org_role_sync` configuration option (#56679 ) * LDAP: Add skip_org_role_sync option * Document the new config option * Nit on docs * Update docs/sources/setup-grafana/configure-security/configure-authentication/ldap.md Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> * Docs suggestions Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Add test, Fix disabled user when no role Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> Co-authored-by: Jguer <joao.guerreiro@grafana.com>	3 years ago
Michael Mandrus	6827ca01a0	Docs: Add missing documentation for enterprise features (#56753 ) * add documentation about protected roles * add section about sync debug * add link to recorded queries to main enterprise pages * Update docs/sources/setup-grafana/configure-security/configure-authentication/ldap.md Co-authored-by: Eve Meelan <81647476+Eve832@users.noreply.github.com> * fixes from pr review * add missing char * Apply suggestions from code review Co-authored-by: Eve Meelan <81647476+Eve832@users.noreply.github.com> * fix other incorrect lines to match review Co-authored-by: Eve Meelan <81647476+Eve832@users.noreply.github.com>	3 years ago
Eric Leijonmarck	53f0928321	Docs: Add variable expansion recommendation (#56368 ) * docs: add variable expansion recommendation * docs: updated the ldap docs in configure grafana	3 years ago
Christopher Moyer	c5b68ed497	adds note about org_role being case sensitive (#56043 )	3 years ago
Gabriel MABILLE	3ce76e1e78	SAML: Allow wildcard mapping to add user to all existing orgs (#55628 )	3 years ago
Jo	0be644031d	Auth: Add SAML common resolutions to cookie issues (#55395 ) * Auth: Add SAML cookie specifics * Auth: remove legacy message * HTTPS Co-authored-by: Misi <mgyongyosi@users.noreply.github.com> Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>	3 years ago
Jo	e1af4e72bc	Auth: Add documentation on group overage claims in AzureAD (#55389 ) * Auth: Add documentation on group overage claims in AzureAD * add info on versioning	3 years ago
Garrett Guillotte	97ca109d84	Docs: Fix Cloud availability of JWT URL Embedding (#55260 ) * Docs: Fix Cloud availability of JWT URL Embedding * Docs: Clarify JWT URL embedding availability in docs	3 years ago
Jo	3e2e9f93b9	Auth: Allow admins to manually change oauth user role if `oauth_skip_org_role_update_sync` is enabled (#55182 ) * Auth: Allow admins to change oauth user info it it's not synced. Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> * Update public/app/features/admin/UserAdminPage.tsx Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * Add missing import * Simplify init Co-authored-by: Josh Hunt <joshhunt@users.noreply.github.com> Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * SAML: Add option to skip org role sync (#55230) * SAML: Add option to skip org role sync * Modify frontend accordingly * Remove update from config option name Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Remove update from config option name Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Fix typo Co-authored-by: Jguer <joao.guerreiro@grafana.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> Co-authored-by: gamab <gabi.mabs@gmail.com> Co-authored-by: Josh Hunt <joshhunt@users.noreply.github.com>	3 years ago
Jo	00e7324bf6	Auth: Restore legacy behavior and add deprecation notice for empty org role in oauth (#55118 ) * Auth: Add deprecation notice for empty org role Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> * fix recasts * fix azure tests missing logger * Adding test to gitlab oauth * Covering more cases * Cover more options * Add role attributestrict check fail * Adding one more edge case test * Using legacy for gitlab * Yet another edge case YAEC * Reverting github oauth to legacy Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Not using token Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Nit. * Adding warning in docs Co-authored-by: Jguer <joao.guerreiro@grafana.com> * add warning to generic oauth Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Be more precise Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Adding warning to github oauth Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Adding warning to gitlab oauth Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Adding warning to okta oauth Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Add docs about mapping to AzureAD Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Clarify oauth_skip_org_role_update_sync Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Nit. * Nit on Azure AD Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Reorder docs index Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Fix typo Co-authored-by: Jguer <joao.guerreiro@grafana.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: gamab <gabi.mabs@gmail.com>	3 years ago
Jo	ef245874da	OAuth: Allow assigning Server Admin (#54780 ) * extract errors to errors file * implement oauth server admin assignment * add server admin tests * deduplicate autoAssignOrgRole * deduplicate strict setting * deduplicate strict setting * add support for generic oauth * add role attribute strict support for generic oauth * add support for github/gitlab * assignGrafanaAdmin option is here to stay * unify similar errors * add config option * add okta server admin mapping * remove never used Company attribute * unify generic oauth role extract with other methods * case insensitive role match as in azure * add ini settings * add server admin to devenv * remove duplicate fields * add documentation to oauth * fix titlecase test * implement doc feedback	3 years ago
Nicholas Wiersma	9e704fec3c	JWT: Add support for assigning org roles (#54277 ) * feat: allow jwt role to be set * chore: update documentation * fix: cr suggestions * fix: lint issues * respect org auto assign and default org ID * add server admin to devenv Co-authored-by: jguer <joao.guerreiro@grafana.com>	3 years ago
Jo	4952b7f22d	Add JWT url auth documentation (#54040 ) * add jwt auth docs * add appropriate warnings to docs * remove unimplemented login_token assumptions * Update conf/sample.ini	3 years ago
linoman	82d35b7d72	Change LDAP configuration to secure connections (#53404 )	3 years ago
Jo	51e2a1c0a4	Deps: Update SAML libraries (#52893 ) Deps: ensure goxmldsig is pinned update go.mod	3 years ago
Jo	5c4aa4a7ac	OAuth: Allow role mapping from GitHub and GitLab groups (#52407 ) * OAuth: Add extract role support to github OAuth: correct github errors Oauth: add github tests Oauth: Allow mapping via group memberships Oauth: Add markdown instructions to the new mappers fix lint * Apply suggestions from code review Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Vardan Torosyan <vardants@gmail.com> * Apply suggestions from code review Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Vardan Torosyan <vardants@gmail.com>	3 years ago
Jo	c9c4fc604e	LDAP: Improve errors and documentation (#52111 )	3 years ago
hannes-256	62b0a8bae6	LDAP: Allow specifying LDAP timeout (#48870 ) * Allow specifying LDAP timeout * Update docs/sources/auth/ldap.md Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com> * LDAP timeout: Add annotations; Make functions "private" * Setting the default timeout if unspecified * fix goimports lint issue Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: jguer <joao.guerreiro@grafana.com>	3 years ago
Ieva	1768e09cfd	document auth_style option (#51697 )	3 years ago
Christopher Moyer	2df04582ce	Docs: fixes setup relrefs (#51178 ) * fixes setup relrefs * Update docs/sources/setup-grafana/configure-security/configure-authentication/enhanced_ldap.md Co-authored-by: Garrett Guillotte <100453168+gguillotte-grafana@users.noreply.github.com> * Update docs/sources/setup-grafana/configure-security/_index.md Co-authored-by: Garrett Guillotte <100453168+gguillotte-grafana@users.noreply.github.com> Co-authored-by: Garrett Guillotte <100453168+gguillotte-grafana@users.noreply.github.com>	3 years ago
Garrett Guillotte	845cebdee2	Docs: Refactor administration docs (#50592 ) * Move data source management to administration * Move RBAC to administration * Move team management up a docs org level * Combine and rename admin preferences docs * Move plugin management to administration * Combine plugin management docs * Combine API key docs * Combine service account docs * Combine server user management docs * Move datasource management to administration * Move enterprise licenses to administration * Move CLI out of admin, update links to admin * Merge org user management docs * Restructure to Torkel's plan * Fix typo * Weigh admin topics for navigation * Weigh administration topics and align to Torkel's plan * Move server user management from server admin to admin/user management * Move configure docker image to setup guide * Move the remaining server admin docs to the root admin directory * Reweight docker config	3 years ago
Christopher Moyer	da731a38cc	Docs: updates auth alias to fix redirect 404 (#50892 ) * updates auth alias * Update docs/sources/setup-grafana/configure-security/configure-authentication/_index.md	3 years ago
Eric Leijonmarck	2abb6a461f	Docs: updated CSRF additional headers (#50589 ) * Docs: updated CSRF additional headers * Update docs/sources/setup-grafana/configure-security/configure-authentication/saml.md Co-authored-by: heoelri <heoelri@users.noreply.github.com> * update to include referer * Update docs/sources/setup-grafana/configure-security/configure-authentication/saml.md Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: heoelri <heoelri@users.noreply.github.com>	3 years ago
Eric Leijonmarck	52deb821d6	Docs: fix authsaml to security (#50478 ) Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>	3 years ago
Eric Leijonmarck	b5615a1a18	Docs: CSRF add configuration options and documentation for additional headers and origins (#50473 ) * added troubleshooting for "origin not allowed" messages * include in configuration.ini * moved doc to security * removed enterprise congiruation * Update conf/sample.ini Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>	3 years ago
Christopher Moyer	a568d421f8	Docs: Setup refactor (#49739 ) * builds out refactored setup topics * Automatically fix some relrefs with mv-manager Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * Use refs for tutorials content which is outside of this repository Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * Manually fix complicated relrefs Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * consolidates team sync and db encryption topics * Fix relrefs Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * updates setup index file * Convert TOML to YAML Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * Add current alias for new alerting content Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * Add current aliases to new setup-grafana and configure-security pages Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Torkel Ödegaard <torkel@grafana.com> * moves saml docs, updates order in TOC * Manually fix relrefs Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * added usage insights topics, adjusted weights * corrected relrefs * Fix relrefs broken in rebase Signed-off-by: Jack Baldry <jack.baldry@grafana.com> Co-authored-by: Jack Baldry <jack.baldry@grafana.com> Co-authored-by: Torkel Ödegaard <torkel@grafana.com>	3 years ago

35 Commits (a9458c8c00c5aba6efcbf9879662ebdd6174c248)