mirror of
https://github.com/grafana/grafana.git
synced 2025-07-28 21:02:22 +08:00
a568d421f8
* builds out refactored setup topics * Automatically fix some relrefs with mv-manager Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * Use refs for tutorials content which is outside of this repository Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * Manually fix complicated relrefs Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * consolidates team sync and db encryption topics * Fix relrefs Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * updates setup index file * Convert TOML to YAML Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * Add current alias for new alerting content Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * Add current aliases to new setup-grafana and configure-security pages Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Torkel Ödegaard <torkel@grafana.com> * moves saml docs, updates order in TOC * Manually fix relrefs Signed-off-by: Jack Baldry <jack.baldry@grafana.com> * added usage insights topics, adjusted weights * corrected relrefs * Fix relrefs broken in rebase Signed-off-by: Jack Baldry <jack.baldry@grafana.com> Co-authored-by: Jack Baldry <jack.baldry@grafana.com> Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
56 lines
2.2 KiB
Markdown
56 lines
2.2 KiB
Markdown
---
|
|
aliases:
|
|
- /docs/grafana/latest/auth/google/
|
|
- /docs/grafana/latest/setup-grafana/configure-security/configure-authentication/google/
|
|
description: Grafana OAuthentication Guide
|
|
title: Configure Google OAuth2 Authentication
|
|
weight: 300
|
|
---
|
|
|
|
# Configure Google OAuth2 authentication
|
|
|
|
To enable Google OAuth2 you must register your application with Google. Google will generate a client ID and secret key for you to use.
|
|
|
|
## Create Google OAuth keys
|
|
|
|
First, you need to create a Google OAuth Client:
|
|
|
|
1. Go to https://console.developers.google.com/apis/credentials.
|
|
1. Click **Create Credentials**, then click **OAuth Client ID** in the drop-down menu
|
|
1. Enter the following:
|
|
- Application Type: Web Application
|
|
- Name: Grafana
|
|
- Authorized JavaScript Origins: https://grafana.mycompany.com
|
|
- Authorized Redirect URLs: https://grafana.mycompany.com/login/google
|
|
- Replace https://grafana.mycompany.com with the URL of your Grafana instance.
|
|
1. Click Create
|
|
1. Copy the Client ID and Client Secret from the 'OAuth Client' modal
|
|
|
|
## Enable Google OAuth in Grafana
|
|
|
|
Specify the Client ID and Secret in the [Grafana configuration file]({{< relref "../../configure-grafana/#config-file-locations" >}}). For example:
|
|
|
|
```bash
|
|
[auth.google]
|
|
enabled = true
|
|
client_id = CLIENT_ID
|
|
client_secret = CLIENT_SECRET
|
|
scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
|
|
auth_url = https://accounts.google.com/o/oauth2/auth
|
|
token_url = https://accounts.google.com/o/oauth2/token
|
|
allowed_domains = mycompany.com mycompany.org
|
|
allow_sign_up = true
|
|
```
|
|
|
|
You may have to set the `root_url` option of `[server]` for the callback URL to be
|
|
correct. For example in case you are serving Grafana behind a proxy.
|
|
|
|
Restart the Grafana back-end. You should now see a Google login button
|
|
on the login page. You can now login or sign up with your Google
|
|
accounts. The `allowed_domains` option is optional, and domains were separated by space.
|
|
|
|
You may allow users to sign-up via Google authentication by setting the
|
|
`allow_sign_up` option to `true`. When this option is set to `true`, any
|
|
user successfully authenticating via Google authentication will be
|
|
automatically signed up.
|