Auth.Proxy and Group/Org assignment of users

redchili · February 10, 2019, 8:22pm

Hello,

I’m looking for a design how one would use auth.proxy (via SAML2) together with multiple organisations?
From LDAP it was easily possible to assign an org from an LDAP group.
Now I do not have LDAP information anymore and I’d like to use SAML assertions (where I get group names) to assign a user (who is member of one or more groups) permissions to certain organisations.

However this seems to be not possible? I’m missing a permission setting in grafana where you can create groups and assign access to one or more organisations, and also an option to pass groups (SAML assertions) from auth.proxy to grafana?

Has anyone solved this?

Thx,
Reinhard

torkel · February 11, 2019, 6:21pm

This is not currently possible

redchili · February 12, 2019, 6:52pm

Thanks for the confirmation! I guess this is ONLY possible through LDAP then.
“currently” gives hope to consider this as a future feature maybe? (guess it depends on requirements in the community)

Topic		Replies	Views
Servers.group_mappings with auth.proxy Configuration	2	1048	February 10, 2019
Auth.proxy and auth.ldap enabled. LDAP Admin user screw up after the organization creation Grafana	1	1173	June 9, 2018
Configure SAML auth in Grafana Authentication templating	0	319	October 11, 2022
Integrate apache auth proxy with LDAP group mapping Configuration	0	548	March 15, 2019
Different roles for organisation via SAML Authentication	0	240	July 27, 2022

Auth.Proxy and Group/Org assignment of users

Related topics