Help with Okta Oauth

Hi all,

Im having alil difficulty with the okta oauth setting’s. Ive been checking from my network tab and it seem’s nothing is being redirected to Okta atm:

Current settings in my grafana.ini file:

name = Okta
enabled = true
allow_sign_up = true
client_id = some_id
client_secret = some_secret
scopes = openid profile email groups
auth_url =
token_url = same as above but with /token
api_url = same as above but with /userinfo
allowed_domains = xxx → not sure what to put here
log_level = debug → is this correct?
allowed_groups = infra-only → allowing only this group from Okta
role_attribute_path = GF_AUTH_ROLE_ATTRIBUTE_PATH=“contains(groups[], ‘okta-grafana-admin’) && ‘Admin’ || contains(groups[], ‘okta-grafana-reader’) && ‘Editor’ || ‘Viewer’”

A few things I’ve also noticed from Okta’s side - the OIDC app under Web doesn’t have a base URL.

openid scope indicates OpenID Connect, but that one is not selected on your okta screenshot + you have to press oidc login button on your grafana login screen. You didn’t configure oidc auto login.