Assigning roles to Azure Groups does not reflect on users

  • What Grafana version and what operating system are you using?
    v8.5.2

  • What are you trying to achieve?
    I’m trying to authenticate & authorize users using Azure Active Directory (AAD).

  • How are you trying to achieve it?
    We have some groups that include many users. Instead of assigning roles to individual users, I want to assign roles to groups, and I want those role assignments to be reflected when users of those groups log into Grafana.

  • What happened?
    The assigned roles of the groups did not reflect on their members, so I am not able to authenticate/authorize users unless I manually assign roles for them which is a hassle.

  • What did you expect to happen?
    I expected that the assigned group roles will reflect on the users/members of those groups.

  • Can you copy/paste the configuration(s) that you are having problems with?

#################################### Azure AD OAuth #######################
[auth.azuread]
name = Azure AD
enabled = true
allow_sign_up = true
client_id = <client-id>
client_secret = <client-secret>
scopes = openid email profile
auth_url = https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/authorize
token_url = https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token
allowed_domains =
allowed_groups =
role_attribute_strict = true

After some investigation, I found out that the cause of the issue is Azure AD, not Grafana.

As can be seen in this warning message, the role assignments won’t be cascaded to nested groups. Only direct users will get access. I tested access on direct and it works as expected.
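
Added example, not part of the original post: a small offline audit of the behaviour described above, where an app role assigned to a group reaches only that group's direct members. The group names, user names and role values are constructed sample data; in a real tenant the membership would come from the directory. It lists which users miss a role because they are only nested members, and which of them would be refused login with `role_attribute_strict = true`.

```python
# Constructed sample directory: group -> members, each ("user"|"group", name).
MEMBERS = {
    "grafana-admins": [("user", "alice"), ("user", "erin")],
    "grafana-editors": [("user", "bob"), ("group", "team-platform")],
    "team-platform": [("user", "carol"), ("group", "team-sre")],
    # team-sre points back at team-platform to show that cycles are handled.
    "team-sre": [("user", "dave"), ("user", "erin"), ("group", "team-platform")],
}
# Constructed app role assignments: group -> role value assigned to it.
ASSIGNMENTS = {"grafana-admins": "Admin", "grafana-editors": "Editor"}


def direct_users(group):
    """Users who are direct members; only these receive the group's role."""
    return {name for kind, name in MEMBERS.get(group, []) if kind == "user"}


def transitive_users(group):
    """Users reachable through any depth of nesting (what the admin expected)."""
    seen, stack, users = set(), [group], set()
    while stack:
        current = stack.pop()
        if current in seen:
            continue
        seen.add(current)
        for kind, name in MEMBERS.get(current, []):
            if kind == "user":
                users.add(name)
            else:
                stack.append(name)
    return users


def roles_by_user(assignments, resolver):
    """Map each user to the set of roles they get under the given resolver."""
    out = {}
    for group, role in assignments.items():
        for user in resolver(group):
            out.setdefault(user, set()).add(role)
    return out


def role_gap(assignments):
    """Roles each user was expected to get via nesting but does not receive."""
    issued = roles_by_user(assignments, direct_users)
    expected = roles_by_user(assignments, transitive_users)
    gap = {u: sorted(r - issued.get(u, set())) for u, r in expected.items()}
    return {u: missing for u, missing in gap.items() if missing}


def denied_with_strict(assignments):
    """Users with no role at all; strict role mapping refuses their login."""
    issued = roles_by_user(assignments, direct_users)
    return sorted(u for u in roles_by_user(assignments, transitive_users) if u not in issued)
```

Users reported by `denied_with_strict` need to be added as direct members of an assigned group, or the nested group itself needs its own role assignment.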