Important: This documentation is about an older version. It's relevant only to the release noted, many of the features and functions have been updated or replaced. Please view the current version.
Configure Grafana Cloud authentication
To enable Grafana Cloud as the Identity Provider for a Grafana instance, generate a client ID and client secret and apply the configuration to Grafana.
Create Grafana Cloud OAuth Client Credentials
To use Grafana Cloud authentication:
- Log in to Grafana Cloud.
- To create an OAuth client, locate your organization and click OAuth Clients.
- Click Add OAuth Client Application.
- Add the name and URL of your running Grafana instance.
- Click Add OAuth Client.
- Copy the client ID and client secret or the configuration that has been generated.
The following snippet shows an example configuration:
[auth.grafana_com]
enabled = true
allow_sign_up = true
auto_login = false
client_id = 450bc21c10dc2194879d
client_secret = eyJ0Ijoib2F1dGgyYyIhlmlkIjoiNzUwYmMzM2MxMGRjMjE6NDh3OWQiLCJ2IjoiZmI1YzVlYmIwYzFmN2ZhYzZmNjIwOGI1NmVkYTRlNWYxMzgwM2NkMiJ9
scopes = user:email
allowed_organizations = sampleorganization
enabled = true
Configure automatic login
Set auto_login
option to true to attempt login automatically, skipping the login screen.
This setting is ignored if multiple auth providers are configured to use auto login.
auto_login = true
Skip organization role sync
If a user signs in with their Grafana Cloud credentials, their assigned org role overrides the role defined in the Grafana instance. To prevent Grafana Cloud roles from synchronizing, set skip_org_role_sync
to true
. This is useful if you want to manage the organization roles for your users from within Grafana.
[auth.grafana_com]
# ..
# prevents the sync of org roles from Grafana.com
skip_org_role_sync = true