paradizelost/SSO_Basics
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

switch to docker-compose env for oauth configuration, verified admin role maps properly

Browse Source
This commit is contained in:
Dan Hamik
2024-01-17 01:17:30 -06:00
parent 9c06784555
commit c656edeaf7
3 changed files with 44 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
.env.example Normal file
View File

@@ -0,0 +1,13 @@
GF_AUTH_GENERIC_OAUTH_ENABLED=true
GF_AUTH_GENERIC_OAUTH_NAME=authentik
GF_AUTH_GENERIC_OAUTH_CLIENT_ID=CLIENT_ID_GOES_HERE
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET=CLIENT_SECRET_GOES_HERE
GF_AUTH_GENERIC_OAUTH_SCOPES=openid profile email
GF_AUTH_GENERIC_OAUTH_AUTH_URL=https://auth.example.net/application/o/authorize/
GF_AUTH_GENERIC_OAUTH_TOKEN_URL=https://auth.example.net/application/o/token/
GF_AUTH_GENERIC_OAUTH_API_URL=https://auth.example.net/application/o/userinfo/
GF_AUTH_SIGNOUT_REDIRECT_URL=https:///auth.example.net/application/o/grafana/end-session/
# Optionally enable auto-login (bypasses Grafana login screen)
GF_AUTH_OAUTH_AUTO_LOGIN=true
# Optionally map user groups to Grafana roles
GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH=contains(groups, 'grafanaadmin') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'