Configure authorization and permissions

Grafana Cloud user authorization and permissions

You can configure multiple ways to allow users to access your Grafana Cloud instance. Once they have been authenticated, you can then grant them roles with permissions that allow them different capabilities.

Authorization and authentication

Grafana Cloud uses Open Authorization, with as the authentication provider, by default, for all user accounts. If you are using a Grafana Cloud Pro or Grafana Advanced account, you also have the option to configure the following authentication or authorization methods:

  • OAuth
  • SAML
  • LDAP

You can configure Open Authorization (OAuth2) for your Grafana instance using Google, GitHub, and Azure AD client IDs. To configure SAML, LDAP, and OAuth for other providers, please contact support.

To learn how to configure and enable OAuth from your Grafana Cloud stack, see Configure Open Authorization.

User Roles and Permissions

You can assign users roles and permissions that allow them different capabilities. To learn more about the specific capabilities assigned to each role, see User account roles and permissions.

Configure user roles

You can assign users to one of three roles: Admin, Editor, and Viewer.

  1. From your Grafana Cloud instance home page, click the Configuration(gear) icon and select Users.
  2. In the Role column, select a role from the dropdown menu.