Important: This documentation is about an older version. It's relevant only to the release noted, many of the features and functions have been updated or replaced. Please view the current version.
Configure Grafana Com authentication
To enable GrafanaCom as your authentication provider, you configure it to generate a client ID and a secret key.
Create GrafanaCom OAuth keys
To use GrafanaCom authentication:
- Log in to GrafanaCom.
- To create an OAuth client, locate your organization and click OAuth Clients.
- Click Add OAuth Client Application.
- Add the name and URL of your running Grafana instance.
- Click Add OAuth Client.
- Copy the client ID and secret key or the configuration that has been generated.
The following snippet shows an example configuration:
[auth.grafana_com]
enabled = true
allow_sign_up = true
auto_login = false
client_id = 450bc21c10dc2194879d
client_secret = eyJ0Ijoib2F1dGgyYyIhlmlkIjoiNzUwYmMzM2MxMGRjMjE6NDh3OWQiLCJ2IjoiZmI1YzVlYmIwYzFmN2ZhYzZmNjIwOGI1NmVkYTRlNWYxMzgwM2NkMiJ9
scopes = user:email
allowed_organizations = sampleorganization
enabled = true
Configure automatic login
Set auto_login
option to true to attempt login automatically, skipping the login screen.
This setting is ignored if multiple auth providers are configured to use auto login.
auto_login = true
Skip organization role sync
If a user signs in with their Grafana.com credentials, their assigned org role overrides the role defined in the Grafana instance. To prevent Grafana.com roles from synchronizing, set skip_org_role_sync
to true
. This is useful if you want to manage the organization roles for your users from within Grafana.
[auth.grafana_com]
# ..
# prevents the sync of org roles from Grafana.com
skip_org_role_sync = true