Grafana 7 using OIDC

I followed the Grafana docs and I am not sure how to configure Grafana with OpenID Connect.

We already configured several applications with OpenID connect which works OK.

What I need is to configure the OpenID connect to Grafana.

What we have:

  1. ClientID
  2. Client Secret
  3. expose Grafana publicly

In addition, we exposed our Grafana publicly and should configure "/redirect" to it.

Our issuer config is like the following:

"issuer": "https://accounts.fds.com"

AND also "authorization_endpoint" and "token_endpoint"

"response_types_supported": ["code", "id_token", "token"]

"scope_supported": ["openid"]

From the doc: "This callback URL must match the full HTTP address that you use in your browser to access Grafana, but with the prefix path of /login/generic_oauth"
So we provided this also. My question is: what should I do further, what is mandatory?

Should I create some application or this is just configuration task?

We are using Grafana 7.1.

I’ve configured it like following:

grafana:
  enabled: true
  namespaceOverride: ""
  grafana.ini:
    server:
      root_url: http://a725be449-30559695.eu-central-1.elb.amazonaws.com/
    auth.generic_oauth:
      enabled: true
      client_id: foo_clientid
      client_secret: foo_secert
      scopes: "openid"
      auth_url: https://accounts.fds.com/oauth2/authorize
      token_url: https://accounts.fds.com/oauth2/token
#     api_url: https://${domain}/userinfo   # not sure what this should be
      allow_sign_up: true

In the 'root_url' field I've put the link to our Grafana, which redirects to /login.

Not sure what the API_URL is; what should I provide there? What am I missing here...
When deploying the app I see a new button "Sign in with OAuth"; when I click it I get the error: "OpenID provider cannot process the request because the configuration is incorrect. Please contact your system administrator." Any idea?

Doc: Configure generic OAuth2 authentication | Grafana documentation

The JSON used for the path lookup is the HTTP response obtained from querying the UserInfo endpoint specified via the api_url configuration option.

=> API_URL is your IDP userinfo endpoint.

I hope you know that https protocol is mandatory for OIDC.

@jangaraj - thanks!

  1. It should be something like this: https://accounts.fds.com/.well-known/openid-configuration ?

  2. In case I want to define a redirect URL, how should I do it, which property?

No. https://accounts.fds.com/.well-known/openid-configuration is the discovery URL, which should also contain the userinfo endpoint (if it is a real OIDC server and not just an OAuth server).

For example see Google: https://accounts.google.com/.well-known/openid-configuration -> userinfo_endpoint: https://openidconnect.googleapis.com/v1/userinfo
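As an added example (not part of this thread, and not Grafana's or jangaraj's code), the script below turns an OIDC discovery document into the `auth.generic_oauth` settings discussed above: `authorization_endpoint` becomes `auth_url`, `token_endpoint` becomes `token_url`, and `userinfo_endpoint` becomes `api_url`, with the redirect URI derived from `root_url` plus `/login/generic_oauth`. It also applies the checks raised in the thread: every endpoint must be https, a document without `userinfo_endpoint` is an OAuth2 server rather than an OIDC provider, and `code` must be among `response_types_supported`. The discovery document is a constructed sample; only the `accounts.fds.com` host comes from the thread, and the endpoint paths under it are assumed.

```python
import json
from urllib.parse import urlparse

# Constructed sample of an OIDC discovery document, i.e. what a GET on
# https://accounts.fds.com/.well-known/openid-configuration would return.
# The host is the one from the thread; the endpoint paths are assumed.
SAMPLE_OIDC_DISCOVERY = json.dumps({
    "issuer": "https://accounts.fds.com",
    "authorization_endpoint": "https://accounts.fds.com/oauth2/authorize",
    "token_endpoint": "https://accounts.fds.com/oauth2/token",
    "userinfo_endpoint": "https://accounts.fds.com/oauth2/userinfo",
    "response_types_supported": ["code", "id_token", "token"],
    "scopes_supported": ["openid"],
})

# Constructed sample of a plain OAuth2 server: no userinfo_endpoint, so there
# is nothing Grafana could use as api_url.
SAMPLE_OAUTH_ONLY_DISCOVERY = json.dumps({
    "issuer": "https://oauth-only.example",
    "authorization_endpoint": "https://oauth-only.example/authorize",
    "token_endpoint": "https://oauth-only.example/token",
    "response_types_supported": ["code"],
})


def is_oidc_provider(discovery_json):
    """True only if the discovery document advertises a userinfo endpoint."""
    return "userinfo_endpoint" in json.loads(discovery_json)


def grafana_generic_oauth(discovery_json, root_url, client_id, client_secret,
                          scopes="openid"):
    """Derive Grafana's [auth.generic_oauth] settings from a discovery document.

    Returns (settings, redirect_uri, warnings). Raises ValueError when the
    provider cannot work with Grafana's authorization-code login at all.
    """
    doc = json.loads(discovery_json)
    warnings = []

    if "userinfo_endpoint" not in doc:
        raise ValueError("no userinfo_endpoint in discovery document: "
                         "this is an OAuth2 server, not an OIDC provider")
    if "code" not in doc.get("response_types_supported", []):
        raise ValueError("provider does not support response_type=code")

    # The three endpoints Grafana needs; the UserInfo endpoint is api_url.
    endpoints = {
        "auth_url": doc["authorization_endpoint"],
        "token_url": doc["token_endpoint"],
        "api_url": doc["userinfo_endpoint"],
    }
    # OIDC endpoints must be https; anything else is a misconfiguration.
    for key, url in endpoints.items():
        if urlparse(url).scheme != "https":
            raise ValueError(f"{key} is not https: {url}")

    # Scopes the provider does not advertise will not be granted.
    advertised = doc.get("scopes_supported", [])
    for scope in scopes.split():
        if advertised and scope not in advertised:
            warnings.append(f"scope '{scope}' not in scopes_supported")

    # The callback registered with the provider is root_url plus
    # /login/generic_oauth; the browser must reach Grafana at exactly root_url.
    redirect_uri = root_url.rstrip("/") + "/login/generic_oauth"
    if urlparse(root_url).scheme != "https":
        warnings.append("root_url is not https; the redirect URI will be "
                        "served over plain http")

    settings = {
        "enabled": True,
        "client_id": client_id,
        "client_secret": client_secret,
        "scopes": scopes,
        "allow_sign_up": True,
        **endpoints,
    }
    return settings, redirect_uri, warnings


def render_ini(settings):
    """Render the settings as a grafana.ini section."""
    lines = ["[auth.generic_oauth]"]
    for key, value in settings.items():
        if isinstance(value, bool):
            value = "true" if value else "false"
        lines.append(f"{key} = {value}")
    return "\n".join(lines)


if __name__ == "__main__":
    settings, redirect_uri, warnings = grafana_generic_oauth(
        SAMPLE_OIDC_DISCOVERY,
        root_url="http://a725be449-30559695.eu-central-1.elb.amazonaws.com/",
        client_id="foo_clientid", client_secret="foo_secret")
    print(render_ini(settings))
    print("register this redirect URI with the provider:", redirect_uri)
    for w in warnings:
        print("warning:", w)
```

Run against the thread's `root_url`, the script prints the `[auth.generic_oauth]` section with `api_url` filled from `userinfo_endpoint`, the exact redirect URI to register with the provider, and a warning that the Grafana URL itself is plain http. Against the OAuth-only sample it refuses to produce a config, which is the situation the "not a real OIDC server" remark describes.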