Closed Andy--Rose closed 6 years ago
Hey @Andy--Rose , thanks for writing in!
@kevinhogan111 did you end up figuring out the right settings for this? Or does chronograf need direct support for azure?
We weren't able to able to find the right settings to get this working. The error I kept getting was: level=error msg="Unable to exchange code for token oauth2: cannot fetch token: 400 Bad Request\nResponse: {\"error\":\"invalid_resource\",\"error_description\":\"AADSTS50001: Resource identifier is not provided.
We think chronograf may need something similar to bmorton
mentions in their comment from March 24th here: https://github.com/golang/oauth2/issues/112
@kevinhogan111 what command-line options did you try?
@goller I do believe that Chronograf is going to need Azure specific configuration, specifically the resource
parameter.
This discussion on adding Azure to the bitly/oauth2_proxy should be relevant: https://github.com/bitly/oauth2_proxy/pull/170
@tyauvil great! I'm on it.
Ok, I have a PR #2400 up for review. I've added another option to allow override for oauth api url responses. The default is email
but azure is userPrincipalName
.
I'm thinking about making azure specific options, but, PR #2400 rounds out the generic oauth feature.
Please add Azure to supported Oauth providers.
Andy Rose The Trade Desk