Strange oauth behavior

  • What Grafana version and what operating system are you using?
    Version 7.4.5 (commit: 8a2c78d3f8, branch: HEAD)

  • What are you trying to achieve?

oauth using generic_oauth

  • How are you trying to achieve it?

running container in k8s

  • What happened?

the oauth flow works as desired via kubectl port-forward $POD 3000 and then using http://localhost:3000 in the browser.
However when i try to use the same flow via configured DNS to the ingress, I successfully reach the service and am redirected to /login …but that does NOT show ‘or use oauth’ button.

I am at a loss why the browser UX decides to not show the oauth option.

  • What did you expect to happen?

The ‘or login with oauth’ checkbox appears and i can proceed to login via oauth.

  • Can you copy/paste the configuration(s) that you are having problems with?

      auth.generic_oauth:
    allow_signup: true
    allowed_domains: example.org
    api_url: https://hello.example.org/auth/realms/mine/protocol/openid-connect/userinfo
    auth_url: https://hello.example.org/auth/realms/mine/protocol/openid-connect/auth
    client_id: grafana-dev
    client_secret: readacted...
    enabled: true
    name: generic_oauth
    scopes: openid email profile
    tls_skip_verify_insecure: false
    token_url: https://hello.example.org/auth/realms/mine/protocol/openid-connect/token
    
  • Did you receive any errors in the Grafana UI or in related logs? If so, please tell us exactly what they were.

no errors in UI nor in logs. Note: logs on grafana were configured to debug.

  • Did you follow any online instructions? If so, what is the URL?