Issues with Role Assignment in Grafana 10.2 using Keycloak OAuth

Hi Grafana Community,

I’ve recently upgraded to Grafana 10.2 and i am experiencing issues with role assignment using Keycloak OAuth. Despite configuring GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH correctly, users authenticated via Keycloak are not receiving the appropriate permissions.

Configurations Tried:

  • GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH set to map Keycloak roles (grafana-admin, grafana-editor, grafana-viewer) to Grafana roles (Admin, Editor, Viewer).
  • Verified roles in Keycloak to ensure they match with Grafana’s expected roles.
  • Ensured that OAuth settings in Grafana are correctly configured.

Despite these configurations, users are receiving an error indicating insufficient permissions to view dashboards: “Error You’ll need additional permissions to perform this action. Permissions needed: dashboards:read”.

I would appreciate any insights or suggestions on resolving this issue.

Thank you!