Commit 6b0d7537 by Eivind Gussiås Løkseth Committed by GitHub

Docs: Fix list of sample providers (#26067)

* Fix list of sample providers

The sample providers on this page has changed, so the list at the top of the page is no longer correct. Also link to Octo and Azure AD pages from here, since they are also OAuth2 providers.

* Fix misspelled Okta

* Make bullet list of OAuth2 providers

* Sort list of OAuth2 providers alphabetically
parent d72c2550
...@@ -12,8 +12,13 @@ weight = 3 ...@@ -12,8 +12,13 @@ weight = 3
# Generic OAuth Authentication # Generic OAuth Authentication
You can configure many different OAuth2 authentication services with Grafana using the generic OAuth2 feature. Below you You can configure many different OAuth2 authentication services with Grafana using the generic OAuth2 feature. Examples:
can find examples using Okta, BitBucket, OneLogin and Azure. - [Auth0](#set-up-oauth2-with-auth0)
- [Azure AD]({{< relref "azuread.md" >}})
- [BitBucket](#set-up-oauth2-with-bitbucket)
- [Centrify](#set-up-oauth2-with-centrify)
- [Okta]({{< relref "okta.md" >}})
- [OneLogin](#set-up-oauth2-with-onelogin)
This callback URL must match the full HTTP address that you use in your browser to access Grafana, but with the prefix path of `/login/generic_oauth`. This callback URL must match the full HTTP address that you use in your browser to access Grafana, but with the prefix path of `/login/generic_oauth`.
...@@ -54,58 +59,6 @@ Check for the presence of a role using the [JMESPath](http://jmespath.org/exampl ...@@ -54,58 +59,6 @@ Check for the presence of a role using the [JMESPath](http://jmespath.org/exampl
See [JMESPath examples](#jmespath-examples) for more information. See [JMESPath examples](#jmespath-examples) for more information.
## Set up OAuth2 with Bitbucket
```bash
[auth.generic_oauth]
name = BitBucket
enabled = true
allow_sign_up = true
client_id = <client id>
client_secret = <client secret>
scopes = account email
auth_url = https://bitbucket.org/site/oauth2/authorize
token_url = https://bitbucket.org/site/oauth2/access_token
api_url = https://api.bitbucket.org/2.0/user
team_ids =
allowed_organizations =
```
## Set up OAuth2 with OneLogin
1. Create a new Custom Connector with the following settings:
- Name: Grafana
- Sign On Method: OpenID Connect
- Redirect URI: `https://<grafana domain>/login/generic_oauth`
- Signing Algorithm: RS256
- Login URL: `https://<grafana domain>/login/generic_oauth`
then:
2. Add an App to the Grafana Connector:
- Display Name: Grafana
then:
3. Under the SSO tab on the Grafana App details page you'll find the Client ID and Client Secret.
Your OneLogin Domain will match the URL you use to access OneLogin.
Configure Grafana as follows:
```bash
[auth.generic_oauth]
name = OneLogin
enabled = true
allow_sign_up = true
client_id = <client id>
client_secret = <client secret>
scopes = openid email name
auth_url = https://<onelogin domain>.onelogin.com/oidc/2/auth
token_url = https://<onelogin domain>.onelogin.com/oidc/2/token
api_url = https://<onelogin domain>.onelogin.com/oidc/2/me
team_ids =
allowed_organizations =
```
## Set up OAuth2 with Auth0 ## Set up OAuth2 with Auth0
1. Create a new Client in Auth0 1. Create a new Client in Auth0
...@@ -132,6 +85,23 @@ allowed_organizations = ...@@ -132,6 +85,23 @@ allowed_organizations =
api_url = https://<domain>/userinfo api_url = https://<domain>/userinfo
``` ```
## Set up OAuth2 with Bitbucket
```bash
[auth.generic_oauth]
name = BitBucket
enabled = true
allow_sign_up = true
client_id = <client id>
client_secret = <client secret>
scopes = account email
auth_url = https://bitbucket.org/site/oauth2/authorize
token_url = https://bitbucket.org/site/oauth2/access_token
api_url = https://api.bitbucket.org/2.0/user
team_ids =
allowed_organizations =
```
## Set up OAuth2 with Centrify ## Set up OAuth2 with Centrify
1. Create a new Custom OpenID Connect application configuration in the Centrify dashboard. 1. Create a new Custom OpenID Connect application configuration in the Centrify dashboard.
...@@ -163,6 +133,41 @@ allowed_organizations = ...@@ -163,6 +133,41 @@ allowed_organizations =
api_url = https://<your domain>.my.centrify.com/OAuth2/UserInfo/<Application ID> api_url = https://<your domain>.my.centrify.com/OAuth2/UserInfo/<Application ID>
``` ```
## Set up OAuth2 with OneLogin
1. Create a new Custom Connector with the following settings:
- Name: Grafana
- Sign On Method: OpenID Connect
- Redirect URI: `https://<grafana domain>/login/generic_oauth`
- Signing Algorithm: RS256
- Login URL: `https://<grafana domain>/login/generic_oauth`
then:
2. Add an App to the Grafana Connector:
- Display Name: Grafana
then:
3. Under the SSO tab on the Grafana App details page you'll find the Client ID and Client Secret.
Your OneLogin Domain will match the URL you use to access OneLogin.
Configure Grafana as follows:
```bash
[auth.generic_oauth]
name = OneLogin
enabled = true
allow_sign_up = true
client_id = <client id>
client_secret = <client secret>
scopes = openid email name
auth_url = https://<onelogin domain>.onelogin.com/oidc/2/auth
token_url = https://<onelogin domain>.onelogin.com/oidc/2/token
api_url = https://<onelogin domain>.onelogin.com/oidc/2/me
team_ids =
allowed_organizations =
```
## JMESPath examples ## JMESPath examples
To ease configuration of a proper JMESPath expression, you can test/evaluate expressions with custom payloads at http://jmespath.org/. To ease configuration of a proper JMESPath expression, you can test/evaluate expressions with custom payloads at http://jmespath.org/.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment