Hi all,
Im having alil difficulty with the okta oauth setting’s. Ive been checking from my network tab and it seem’s nothing is being redirected to Okta atm:
Current settings in my grafana.ini file:
[auth.okta]
name = Okta
enabled = true
allow_sign_up = true
client_id = some_id
client_secret = some_secret
scopes = openid profile email groups
auth_url = https://company.okta-emea.com/oauth2/v1/authorize
token_url = same as above but with /token
api_url = same as above but with /userinfo
allowed_domains = xxx → not sure what to put here
log_level = debug → is this correct?
allowed_groups = infra-only → allowing only this group from Okta
role_attribute_path = GF_AUTH_ROLE_ATTRIBUTE_PATH=“contains(groups[], ‘okta-grafana-admin’) && ‘Admin’ || contains(groups[], ‘okta-grafana-reader’) && ‘Editor’ || ‘Viewer’”
A few things I’ve also noticed from Okta’s side - the OIDC app under Web doesn’t have a base URL.
