add docs for using oauth login with OneLogin (#10385)

f31d6438 · Dan Cech · Torkel Ödegaard · 58e0bdd7 · f31d6438
Commit f31d6438 authored Jan 03, 2018 by Dan Cech Committed by Torkel Ödegaard Jan 03, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 36 additions and 1 deletions

docs/sources/installation/configuration.md
+36 -1

No files found.
--- a/docs/sources/installation/configuration.md
+++ b/docs/sources/installation/configuration.md
@@ -496,7 +496,7 @@ name = BitBucket
 enabled = true
 allow_sign_up = true
 client_id = <client id>
-client_secret = <secret>
+client_secret = <client secret>
 scopes = account email
 auth_url = https://bitbucket.org/site/oauth2/authorize
 token_url = https://bitbucket.org/site/oauth2/access_token
@@ -505,6 +505,41 @@ team_ids =
 allowed_organizations =
 ```

+### Set up oauth2 with OneLogin
+
+1.  Create a new Custom Connector with the following settings:
+    - Name: Grafana
+    - Sign On Method: OpenID Connect
+    - Redirect URI: `https://<grafana domain>/login/generic_oauth`
+    - Signing Algorithm: RS256
+    - Login URL: `https://<grafana domain>/login/generic_oauth`
+
+    then:
+2.  Add an App to the Grafana Connector:
+    - Display Name: Grafana
+
+    then:
+3.  Under the SSO tab on the Grafana App details page you'll find the Client ID and Client Secret.
+
+    Your OneLogin Domain will match the url you use to access OneLogin.
+
+    Configure Grafana as follows:
+
+    ```bash
+    [auth.generic_oauth]
+    name = OneLogin
+    enabled = true
+    allow_sign_up = true
+    client_id = <client id>
+    client_secret = <client secret>
+    scopes = openid email name
+    auth_url = https://<onelogin domain>.onelogin.com/oidc/auth
+    token_url = https://<onelogin domain>.onelogin.com/oidc/token
+    api_url = https://<onelogin domain>.onelogin.com/oidc/me
+    team_ids =
+    allowed_organizations =
+    ```
+
 <hr>

 ## [auth.basic]