Generic OAuth redirect URL problem

Hi,
I’ve got a problem with a redirecting on Generic OAuth using Keycloak. My grafana and keycloak are running on other machine as docker containers. Now I’m trying from my PC to login into Grafana like that:
http://other_machine_host:3000/, clicking OAuth button, then it redirects me to http://other_machine_host:8080 (keycloak) and then it’s trying to redirect me back, but on http://grafana.staged-by-discourse.com. How to deal with that? I’m connected with that machine by SSH Key.
When I changed my root_url to that:

domain = other_machine_host:3000
root_url = "%(protocol)s://%(domain)s/grafana/"

Then I’m getting http://other_machine_host:3000/grafana/login loop of redirects.

Thanks for your help.

I repaired that… But now I’ve got problem with login.OAuthLogin(missing saved state). After logging on keycloak dashboard after clicking “OAuth login”. My grafana.ini:

[server]
domain = other_machine_host

[session]
cookie_secure = true
cookie_samesite = lax

[auth.generic_oauth]
enabled = true
name = generic_oauth
allow_sign_up = true
scopes: openid profile
client_id = name_of_client
client_secret = generated_secret
auth_url = http://other_machine_host:8080/auth/realms/name_of_client/protocol/openid-connect/auth
token_url = http://other_machine_host:8080/auth/realms/name_of_client/protocol/openid-connect/token
api_url = http://other_machine_host:8080/auth/realms/name_of_client/protocol/openid-connect/userinfo

When my scopes are default, then I’ve got an error during login on redirected keycloak (Invalid scope).