Add documentation

e8823f71 · Tomas Dabasinskas · 3aa24b3a · e8823f71
Commit e8823f71 authored Dec 19, 2018 by Tomas Dabasinskas
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 1 deletions

docs/sources/auth/generic-oauth.md
+12 -1

No files found.
--- a/docs/sources/auth/generic-oauth.md
+++ b/docs/sources/auth/generic-oauth.md
@@ -17,7 +17,7 @@ can find examples using Okta, BitBucket, OneLogin and Azure.

 This callback URL must match the full HTTP address that you use in your browser to access Grafana, but with the prefix path of `/login/generic_oauth`.

-You may have to set the `root_url` option of `[server]` for the callback URL to be 
+You may have to set the `root_url` option of `[server]` for the callback URL to be
 correct. For example in case you are serving Grafana behind a proxy.

 Example config:
@@ -209,6 +209,17 @@ allowed_organizations =
    token_url = https://<your domain>.my.centrify.com/OAuth2/Token/<Application ID>
    ```

+## Set up OAuth2 with non-compliant providers
+
+Some OAuth2 providers might not support `client_id` and `client_secret` passed via Basic Authentication HTTP header, which
+results in `invalid_client` error. To allow Grafana to authenticate via these type of providers, the client identifiers must be
+send via POST body, which can be enabled via the following settings:
+
+    ```bash
+    [auth.generic_oauth]
+    send_client_credentials_via_post = true
+    ```
+
 <hr>