How to map org id and roles via oauth

we have configured generic Oauth section to integrate with okta. Here we are unable to map org_role .
Do we have any parameters or config which can help to map groups with org_role.

We have the same questions here, to map groups from AzureAD o the roles in grafana.
If you managed to do it, please let meknow how.?!


With 6.3.5 we are able to use GenericOauth and Keycloak to logon/logoff seamlessly. And we can successfully map groups using the ‘role_attribute_path’ feature which has pretty good documentation explaining the JMESPath mappings. However, we are unable to map org_id at this point which is problematic and blocking us transitioning from LDAP auth. If anyone has any hints on org_id they’d be much appreciated.

How did you use role_attribute_path? When I configure auth.generic_oauth with:

role_attribute_path = contains(info.organization, 'MyCompany') && 'Admin' || 'Viewer'

and then login via OAuth I don’t get the Admin role.

organization is a property of the /userinfo return object.

Nevermind! I figured it out in the end.