-
What Grafana version and what operating system are you using?
docker - grafana/grafana:latest -
What are you trying to achieve?
Using Authentik as oauth to login into my grafana -
How are you trying to achieve it?
following this documentation : Grafana | authentik -
What happened?
canno’t log in :
“Redirect URI Error
The request fails due to a missing, invalid, or mismatching redirection URI (redirect_uri).” -
What did you expect to happen?
it should log in -
Can you copy/paste the configuration(s) that you are having problems with?
this is my docker compose file : (the client id and secret will be regenerated, dw)
version: "3"
services:
grafana:
image: grafana/grafana
container_name: grafana_container
restart: always
environment:
GF_AUTH_GENERIC_OAUTH_ENABLED: "true"
GF_AUTH_GENERIC_OAUTH_NAME: "authentik.hlb1.ovh"
GF_AUTH_GENERIC_OAUTH_CLIENT_ID: "wKcJpFk2KUQJRhsI6t9I2EPAd0YQRzati5Gf2FAb"
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: "xw6ZYh3NkpQEsbUSCv2OVU5yfpY9wN7tgjikbFwfttxtQjJghr4cNJ7MlrFs8rclGc3x1HZo2VoOUE2l4Lr2s7aQ5JYELeU804leVeDhBC4eeWMTaqJynGIHPVJf6QmQ"
GF_AUTH_GENERIC_OAUTH_SCOPES: "openid profile email"
GF_AUTH_GENERIC_OAUTH_AUTH_URL: "https://authentik.hlb1.ovh/application/o/authorize/"
GF_AUTH_GENERIC_OAUTH_TOKEN_URL: "https://authentik.hlb1.ovh/application/o/token/"
GF_AUTH_GENERIC_OAUTH_API_URL: "https://authentik.hlb1.ovh/application/o/userinfo/"
GF_AUTH_SIGNOUT_REDIRECT_URL: "https://authentik.hlb1.ovh/application/o/grafana/end-session/"
GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: "contains(groups, 'Grafana Admins') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'"
ports:
- 3000:3000
networks:
network:
ipv4_address: 172.23.0.201
volumes:
- grafana-volume:/var/lib/grafana
- Did you receive any errors in the Grafana UI or in related logs? If so, please tell us exactly what they were.
logger=http.server t=2024-03-22T19:08:40.379496321Z level=error msg="Failed to parse user ID" error="identifier is not initialized"
logger=context userId=0 orgId=0 uname= t=2024-03-22T19:08:40.725441435Z level=info msg= error="[auth.unauthorized] cannot authenticate request" remote_addr=10.100.20.43 traceID=
logger=context userId=0 orgId=0 uname= t=2024-03-22T19:08:40.725498626Z level=info msg="Request Completed" method=GET path=/api/live/ws status=401 remote_addr=10.100.20.43 time_ms=0 duration=109.091µs size=102 referer= handler=/api/live/ws
logger=context userId=0 orgId=0 uname= t=2024-03-22T19:08:41.357404826Z level=info msg= error="[auth.unauthorized] cannot authenticate request" remote_addr=10.100.20.43 traceID=
logger=context userId=0 orgId=0 uname= t=2024-03-22T19:08:41.357466836Z level=info msg="Request Completed" method=GET path=/api/live/ws status=401 remote_addr=10.100.20.43 time_ms=0 duration=163.462µs size=102 referer= handler=/api/live/ws
logger=context userId=0 orgId=0 uname= t=2024-03-22T19:08:41.709263766Z level=info msg="Request Completed" method=GET path=/login/generic_oauth status=302 remote_addr=10.100.20.43 time_ms=0 duration=141.381µs size=307 referer=https://grafana.hlb1.ovh/login handler=/login/:name
logger=context userId=0 orgId=0 uname= t=2024-03-22T19:09:04.262248711Z level=info msg="Request Completed" method=GET path=/ status=302 remote_addr=10.100.20.42 time_ms=0 duration=81.771µs size=29 referer= handler=/
logger=http.server t=2024-03-22T19:09:04.271275342Z level=error msg="Failed to parse user ID" error="identifier is not initialized"
- Did you follow any online instructions? If so, what is the URL?
Grafana | authentik