SSO login to Grafana

June 28, 2019

Page content

Configurate Gitab to use Keycloak as SSO Identity Proider.

Configurate Keycloak

Configurate Gitlab

nano /etc/grafana/grafana.ini
#################################### Generic OAuth ##########################
[auth.generic_oauth]
enabled = true
name = SSO
allow_sign_up = true
client_id = gitlab
client_secret = 47fd3013-4333-4825-bbfa-b7688548d9cf
# for old version
# scopes = user:email,read:org
scopes = openid email profile
auth_url = https://sso.devopstales.intra/auth/realms/gitlab/protocol/openid-connect/auth
token_url = https://sso.devopstales.intra/auth/realms/gitlab/protocol/openid-connect/token
api_url = https://sso.devopstales.intra/auth/realms/gitlab/protocol/openid-connect/userinfo
;team_ids =
;allowed_organizations =