Auth: Add skip_org_role_sync for Okta (#62106)

* WIP * Update pkg/services/login/authinfo.go * fix: merge * change order to internal last * adds: docs * add: configuration for defaults and sample * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Jo <joao.guerreiro@grafana.com> * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> --------- Co-authored-by: Jo <joao.guerreiro@grafana.com> Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2025-08-03 02:02:12 +08:00 · 2023-01-30 10:54:14 +00:00
parent d7026900bd
commit a232e7ceca
11 changed files with 68 additions and 12 deletions
--- a/pkg/setting/setting.go
+++ b/pkg/setting/setting.go
@ -500,6 +500,9 @@ type Cfg struct {

 	SecureSocksDSProxy SecureSocksDSProxySettings

+	// Okta OAuth
+	OktaSkipOrgRoleSync bool
+
 	// Access Control
 	RBACEnabled         bool
 	RBACPermissionCache bool
@ -1394,6 +1397,11 @@ func readAuthGitlabSettings(iniFile *ini.File, cfg *Cfg) {
 	cfg.GitLabSkipOrgRoleSync = sec.Key("skip_org_role_sync").MustBool(false)
 }

+func readAuthOktaSettings(iniFile *ini.File, cfg *Cfg) {
+	sec := iniFile.Section("auth.okta")
+	cfg.OktaSkipOrgRoleSync = sec.Key("skip_org_role_sync").MustBool(false)
+}
+
 func readAuthSettings(iniFile *ini.File, cfg *Cfg) (err error) {
 	auth := iniFile.Section("auth")

@ -1454,6 +1462,9 @@ func readAuthSettings(iniFile *ini.File, cfg *Cfg) (err error) {
 	// GitLab Auth
 	readAuthGitlabSettings(iniFile, cfg)

+	// Okta Auth
+	readAuthOktaSettings(iniFile, cfg)
+
 	// anonymous access
 	AnonymousEnabled = iniFile.Section("auth.anonymous").Key("enabled").MustBool(false)
 	cfg.AnonymousEnabled = AnonymousEnabled