Auth.Proxy and Group/Org assignment of users


#1

Hello,

I’m looking for a design how one would use auth.proxy (via SAML2) together with multiple organisations?
From LDAP it was easily possible to assign an org from an LDAP group.
Now I do not have LDAP information anymore and I’d like to use SAML assertions (where I get group names) to assign a user (who is member of one or more groups) permissions to certain organisations.

However this seems to be not possible? I’m missing a permission setting in grafana where you can create groups and assign access to one or more organisations, and also an option to pass groups (SAML assertions) from auth.proxy to grafana?

Has anyone solved this?

Thx,
Reinhard


#2

This is not currently possible


#3

Thanks for the confirmation! I guess this is ONLY possible through LDAP then.
“currently” gives hope to consider this as a future feature maybe? (guess it depends on requirements in the community)