What Grafana version and what operating system are you using?
Grafana version: v9.0.4 (c25601297)
OS: Linux (ubuntu 20.04)
What are you trying to achieve?
I am trying to authenticate sign ins through Azure B2C by configuring Grafana’s [auth.generic_oauth].
How are you trying to achieve it?
By configuring [auth.generic_oauth] in grafana.ini
I am receiving the following error:
After reviewing the logs, the problem appears to be I am not receiving the access_token from Azure B2C
What did you expect to happen?
To complete the sign-in successfully.
Can you copy/paste the configuration(s) that you are having problems with?
[auth.generic_oauth] name = AzureAD icon = signin enabled = true client_id = <redacted> client_secret = <redacted> scopes = https://graph.microsoft.com/openid https://graph.microsoft.com/offline_access auth_url = https://<redacted>/nupaSystem.onmicrosoft.com/<redacted>/oauth2/v2.0/authorize token_url = https://<redacted>/nupaSystem.onmicrosoft.com/<redacted>/oauth2/v2.0/token email_attribute_path = emails allow_sign_up = true ;tls_skip_verify_insecure = true [server] # Protocol (http, https, h2, socket) domain = <redacted domain>:<redacted port number> root_url = https://<redacted domain>:<redacted port number> protocol = https
Its worth noting that I am using a self signed certificate for HTTPS, maybe this could be the source of the problem, since my grafana [server] configs and redirect URI in Azure configs use a fully qualified domain name.
- Did you receive any errors in the Grafana UI or in related logs? If so, please tell us exactly what they were.
grafana log shows the following error:
level=error msg=login.OAuthLogin(NewTransportWithCode) error=“oauth2: server response missing access_token”
logger=context traceID=00000000000000000000000000000000 userId=0 orgId=1 uname= t=2022-09-29T15:51:55.294116834Z
I have debug enabled for the log level, but I don’t see any relevant logs to point me to the source of the problem.
- Did you follow any online instructions? If so, what is the URL?
- Configure generic OAuth authentication | Grafana documentation
- Trying use Azure AD B2C for SSO using generic_oauth and getting vague error when trying to troubleshoot - #2 by jangaraj
- SSO using Azure AD B2C - #2 by vassilis.vouvonikos
I appreciate any feedback, thanks!