LDAP Auto Login

Grafana Authentication
1

Hi,

We have configured LDAP authentication in Grafana configuration file (defaults.ini) and it works properly. Users can login with their Active Directory accounts. But we want to skip login screen and use auto_login mechanism. We couldnt achive it works. We made required changes in config file but we are getting “Skipping OAuth auto login because multiple OAuth providers are configured” error in the log file. We just configured LDAP, others are disabled; but it still redirects us to login page. What is the solution for this problem. You can see configured parts of file below.

“”
oauth_auto_login = true
[auth.azuread]
enabled=false
[auth.basic]
enabled=false
[auth.generic_oauth]
enabled=false
[auth.github]
enabled=false
[auth.gitlab]
enabled=false
[auth.google]
enabled=false
[auth.grafana_com]
enabled=false
[auth.grafananet]
enabled=false
[auth.okta]
enabled=false
[auth.proxy]
enabled=false
auto_sign_up=false
[auth.saml]
enabled=false

#################################### Auth LDAP ###########################
[auth.ldap]
enabled = true
…other AD settings…

Thanks.

2

Hi ,
make this
'disable_login_form = true ’

Guna

3

I don’t think that this is actually possible, as the auto-login only works with OAuth - LDAP is not OAuth.

LDAP means that you are testing the passwords against the centralized directory, the users still need to enter their credentials when logging in.

OAuth means that while I’m logged into Google (for example) I can use Grafana with this account.

4

Hi Guna,

It was set; but still redirect to login page which has no textbox for user and password :slight_smile: this setting just hide textboxes :frowning:

5

Hi,

According to documentation it must works; and in the log file i can see that it is trying to login but gets error " Skipping OAuth auto login because multiple OAuth providers are configured" . The problem is what is the second OAuth config? I disabled all of them.

6

Hi,
For me it is working through iframe as anonymous user. but i try to pass the user through NGINX its not working (In iframe grafana is not loading)

7

Not sure which part of the documentation you’re referring to - do you have a link?

I can only repeat what @dereismann already stated, which is that what you’re trying to do (assuming I understand it correctly) is not possible. LDAP and OAuth are two very different things. In LDAP there isn’t such a thing as a “this user is already logged in” state/cookie. LDAP is just a back end that stores user credentials, which other services (e.g. Grafana) can use to check whether a given set of user credentials is valid.

8

Hi,

Even for me the same auto login is not working. did you solve the issue? we need to change Grafana Nginx file?

9

Is this even possible to take the windows credential from the windows users logged in and have that available in the browser to be able to pass to applications? I would think so.

Secondly, it’s been 5 years. I haven’t seen this in the documentation, so I assumed it’s still not straight forward if it’s even possible. We still use Active Directory and authenticate using LDAP. It would be really nice if it worked like some of our other desktop applications that use the LDAP / Kerberos authentication from the active user on the machine, skipping an additional sign in step.