-
What Grafana version and what operating system are you using? 8.4.5
-
What are you trying to achieve? Double auth (generic: aws cognito and azure ad)
-
How are you trying to achieve it? I’ve added both the configurations to the defaults.ini file.
-
What happened? The azure AD configuration has roles defined but I do not want any sync with those roles. So, i’m using
skip_org_role_sync = true
in azure Ad configuration.
-
What did you expect to happen? I expected it to not sync the roles but when a user logs in using the microsoft login they lose access to all the orgs that they had when they log in from cognito. I do not want the two login options to have any impact on access.
-
Can you copy/paste the configuration(s) that you are having problems with?
[auth.azuread]
name = Azure AD
enabled = true
;allow_sign_up = true
client_id = <id>
client_secret = <secret>
auth_url = <auth_url>
token_url = <token_url>
scopes = openid email profile
skip_org_role_sync = true
;allowed_domains =
;allowed_groups =
-
Did you receive any errors in the Grafana UI or in related logs? If so, please tell us exactly what they were.
-
Did you follow any online instructions? If so, what is the URL?Configure Azure AD OAuth2 authentication | Grafana documentation