Closed bioszombie closed 1 year ago
which keycloak auth are you referring to? there isn't any in here.
I ended up using Authentik. In the docker compose file I edited the grafana section to show:
`grafana: environment: GF_ROOT_URL: "http://host_ip_here:port_here/" GF_AUTH_GENERIC_OAUTH_ENABLED: "true" GF_AUTH_GENERIC_OAUTH_NAME: "authentik" GF_AUTH_GENERIC_OAUTH_CLIENT_ID: "CLIENT HERE" GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: "SECRET HERE" GF_AUTH_GENERIC_OAUTH_SCOPES: "openid profile email" GF_AUTH_GENERIC_OAUTH_AUTH_URL: "https://authentik.site.com/application/o/authorize/" GF_AUTH_GENERIC_OAUTH_TOKEN_URL: "https://authentik.site.com/application/o/token/" GF_AUTH_GENERIC_OAUTH_API_URL: "https://authentik.site.com/application/o/userinfo/" GF_AUTH_SIGNOUT_REDIRECT_URL: "https://authentik.site.com/if/end-session/grafana/"
GF_AUTH_OAUTH_AUTO_LOGIN: "true"
# Optionally map user groups to Grafana roles
GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: "contains(groups[*], 'Grafana Admins') && 'Admin' || contains(groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'"`
This enabled me to have single sign-on with the rest of the apps I use on the network.
Team,
Where can I update the config for keycloak authentication?