Azure AD OAuth2 authentication

We have Kiali and Grafana setup in AKS and both are accessible through AKS ingress individually through oauth integration. Both working fine…

Now from Kiali, when I am trying to use “view in grafana” option, it is taking me to grafana login page where i used AAD account to get authenticated…As soon as auth is done, it is throwing - login.OAuthLogin(missing saved state)

Note - It is working fine if rather then trying to log using AAD, if i log with admin user and password… It seems that somehow it is missing the session/cookies i believe but not sure…

Try to configure cookie samesite setting to none bear in mind correct syntax/ lowercase value)

still same error…

Here is the part of grafana configmap -


It was working absolutely file when i am accessing Grafana directly but after adding cookie_samesite = none, even direct access stopped working… Redirection from Kiali to Grafana is not working either…

You are using https so cookie secure true setting is missing. Use browser console to inspect each login step: if it is trying to set cookie - network inspector and if it was able to set that cookie - storage inspector. Some browser may log error to the console if there is a problem to set a cookie.

:frowning: Still same error…

Here is the cookie information from browser -

image

@jangaraj - My dear friend, thanks for the help…

Issue is resolved and it was more of CORs issue then cookies… I got clue from your reply to watch for browser cookie blockage…

Thanks again…