we have configured generic Oauth section to integrate with okta. Here we are unable to map org_role .
Do we have any parameters or config which can help to map groups with org_role.
We have the same questions here, to map groups from AzureAD o the roles in grafana.
If you managed to do it, please let meknow how.?!
Thanks
TF
With 6.3.5 we are able to use GenericOauth and Keycloak to logon/logoff seamlessly. And we can successfully map groups using the ‘role_attribute_path’ feature which has pretty good documentation explaining the JMESPath mappings. However, we are unable to map org_id at this point which is problematic and blocking us transitioning from LDAP auth. If anyone has any hints on org_id they’d be much appreciated.
How did you use role_attribute_path? When I configure auth.generic_oauth with:
role_attribute_path = contains(info.organization, 'MyCompany') && 'Admin' || 'Viewer'
and then login via OAuth I don’t get the Admin role.
organization is a property of the /userinfo return object.
Nevermind! I figured it out in the end.