* Update azuread docs to mention about env variables
Add a note about the name of the environment variables to be used for configuring client_id and client_secret
* Update docs/sources/auth/azuread.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* Update docs/sources/auth/azuread.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* fix typo
* Revert "fix typo"
This reverts commit ff84f70773eca3f6878be0ffa1d1275509a1475f.
* Fixed typo again, trying to kick start license check.
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <aparajita.chatterjee@grafana.com>
* Support `role_attribute_path` for GitLab OAuth
Allow role mapping for GitLab accounts.
Example:
[auth.gitlab]
role_attribute_path = is_admin && 'Admin' || 'Viewer'
* Support `role_attribute_path` for GitLab OAuth
Allow role mapping for GitLab accounts.
Example:
[auth.gitlab]
role_attribute_path = is_admin && 'Admin' || 'Viewer'
* docs: add docs for role_attribute_path
* Apply suggestions from code review
Co-authored-by: Peter Leitzen <splattael@users.noreply.github.com>
* docs: update example
example should suggest a full configuration
* Apply suggestions from code review
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Apply suggestions from code review
Co-authored-by: Fiona Artiaga <89225282+GrafanaWriter@users.noreply.github.com>
* docs: add suggestions from tech writers
Co-authored-by: Henry Sachs <Henry.Sachs@deutschebahn.com>
Co-authored-by: Henry Sachs <henrysachs@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Fiona Artiaga <89225282+GrafanaWriter@users.noreply.github.com>
* OAuth: clarify role & group paths prefer id_token over userinfo api (#39066)
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Improves SQL data sources documentation in regards to Grafana 8 changes
and adds some additional upgrade notes in regards to this.
Ref #35390
Ref #38666
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* Pass role to Grafana using auth proxy
By default, the role will be applied to the default org of the user.
If the request uses the standard header "X-Grafana-Org-Id", the role will be applied to the specified org
Tested in both unit test and manually E2E
* Address comment: only allow the user role to be applied to the default org
Co-authored-by: Leonard Gram <leo@xlson.com>
* Docs:Adjust azuread.md for Powershell UUID command
Why this change is needed:
-Update the docs to include more Unique ID information for Windows users. This is intended to improve user experience.
-Adjust passive to active voice where it improves the documentation.
-Checking for style guide compliance.
Closes issue: #23094
* Update azuread.md
Fixed typo "possibile".
* Update docs/sources/auth/azuread.md
fix capital letter U and G.
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Update docs/sources/auth/azuread.md
Adjust punctuation for clarity.
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Update docs/sources/auth/azuread.md
Place Note in correct bold markup following style guide.
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Update docs/sources/auth/azuread.md
Bold markup for UI fields.
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Update docs/sources/auth/azuread.md
Capital for id > ID.
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Including suggestions as noted by Diana Payton
* adjusting object IDs to match the docs.microsoft style
* using bold for UI elements
* Other fixes as needed
Update docs/sources/auth/azuread.md
Capital for id > ID.
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Update docs/sources/auth/azuread.md
Add the adverb to place the next step directly after the previous step in sequence.
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Update docs/sources/auth/azuread.md
Change remaining lowercase "id" use to upper case "ID" when it
appears in text.
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Applying achatterjee's suggestions
Accepting the changes:
* Adding in articles
* Adjusting prepositions
* Other changes as requests
Completing this commit through the Github web interface for added speed.
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
Added group mapping to support team sync in the Generic OAuth provider.
Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: Dan Cech <dan@aussiedan.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* add parameter empty_scopes to override scope parameter with empty value and thus be able to authenticate against IdPs without scopes. Issue #27503
Update docs/sources/auth/generic-oauth.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* updated check according to feedback
* Update generic-oauth.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* OAuth: Add strict role mapping
By default the user is assigned the role Viewer if role_attribute_path
doesn't return a role, which is not always desirable. This commit adds a
strict mode, which deny the user access if a role isn't returned.
Fix#26626
* Update docs/sources/auth/generic-oauth.md
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Update docs/sources/auth/generic-oauth.md
* Update .gitignore file with WAN
* Removed WAN from .gitignore
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <aparajita.chatterjee@grafana.com>
* Changes. to metadata in Manage users
* changes to install section
* Added titile
* More changes.
* Updated administration folder metadata, moved 2 files from installation folder.
* Added links to Administration landing page, other metadata changes worked out.
* Updated alerting section metadata.
* Updated metadata of Auth section. Broke index and created separate Grafana Authentication section.
* Added correct weight.
* Updated metadata for the Best practices section.
* Updated metadata in templates, broke Overview topic.
* Updated subment Variable types metadata
* Fixed yaml file and H1 description of Variables syntax topic.
* Couple more metadata changes.
* Added aliases files, as suggested by Diana.
Allows login_maximum_inactive_lifetime_duration and
login_maximum_lifetime_duration to be configured using
time.Duration-compatible values while retaining backward compatibility.
Fixes#17554
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Fix list of sample providers
The sample providers on this page has changed, so the list at the top of the page is no longer correct. Also link to Octo and Azure AD pages from here, since they are also OAuth2 providers.
* Fix misspelled Okta
* Make bullet list of OAuth2 providers
* Sort list of OAuth2 providers alphabetically
