-
What Grafana version and what operating system are you using?
10.4.0 -
What are you trying to achieve?
Fix OAuth Implicit Grant Type flaw security issue -
How are you trying to achieve it?
I’ve already setuse_pkce = true
under [auth.generic_oauth] section -
What happened?
The security issue still there after I set theuse_pkce = true
-
What did you expect to happen?
OAuth Implicit Grant Type flaw issue fixed -
Can you copy/paste the configuration(s) that you are having problems with?
-
Did you receive any errors in the Grafana UI or in related logs? If so, please tell us exactly what they were.
-
Did you follow any online instructions? If so, what is the URL?
This is a Grafana setup in Openshift, and using the Oauth authentication
Please explain how you can have “OAuth Implicit Grant Type flow issue”, when you are using " Authorization Code Flow with Proof Key for Code Exchange (PKCE)"?
It looks like you are copying reports from some security scanner without any logical validation.