Hi Grafana Community,
I’ve recently upgraded to Grafana 10.2 and i am experiencing issues with role assignment using Keycloak OAuth. Despite configuring GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH
correctly, users authenticated via Keycloak are not receiving the appropriate permissions.
Configurations Tried:
GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH
set to map Keycloak roles (grafana-admin
,grafana-editor
,grafana-viewer
) to Grafana roles (Admin
,Editor
,Viewer
).- Verified roles in Keycloak to ensure they match with Grafana’s expected roles.
- Ensured that OAuth settings in Grafana are correctly configured.
Despite these configurations, users are receiving an error indicating insufficient permissions to view dashboards: “Error You’ll need additional permissions to perform this action. Permissions needed: dashboards:read”.
I would appreciate any insights or suggestions on resolving this issue.
Thank you!