Important: This documentation is about an older version. It's relevant only to the release noted, many of the features and functions have been updated or replaced. Please view the current version.

Grafana documentation Set up Configure security Configure authentication Grafana Com OAuth2

Configure Grafana Com authentication

To enable GrafanaCom as your authentication provider, you configure it to generate a client ID and a secret key.

Create GrafanaCom OAuth keys

To use GrafanaCom authentication:

1. Log in to GrafanaCom.
2. To create an OAuth client, locate your organization and click OAuth Clients.
3. Click Add OAuth Client Application.
4. Add the name and URL of your running Grafana instance.
5. Click Add OAuth Client.
6. Copy the client ID and secret key or the configuration that has been generated.

The following snippet shows an example configuration:

ini Copy

[auth.grafana_com]
enabled = true
allow_sign_up = true
auto_login = false
client_id = 450bc21c10dc2194879d
client_secret = eyJ0Ijoib2F1dGgyYyIhlmlkIjoiNzUwYmMzM2MxMGRjMjE6NDh3OWQiLCJ2IjoiZmI1YzVlYmIwYzFmN2ZhYzZmNjIwOGI1NmVkYTRlNWYxMzgwM2NkMiJ9
scopes = user:email
allowed_organizations = sampleorganization
enabled = true

Configure automatic login

Set auto_login option to true to attempt login automatically, skipping the login screen. This setting is ignored if multiple auth providers are configured to use auto login.

Copy

auto_login = true

Skip organization role sync

To prevent the sync of org roles from Grafana.com, set skip_org_role_sync to true. This is useful if you want to manage the organization roles for your users from within Grafana.

ini Copy

[auth.grafana_com]
# ..
# prevents the sync of org roles from Grafana.com
skip_org_role_sync = true