grafana/docs/sources/auth/google.md

+++
title = "Google OAuth2 Authentication"
description = "Grafana OAuthentication Guide "
keywords = ["grafana", "configuration", "documentation", "oauth"]
type = "docs"
[menu.docs]
name = "Google"
identifier = "google_oauth2"
parent = "authentication"
weight = 600
+++

# Google OAuth2 Authentication

To enable Google OAuth2 you must register your application with Google. Google will generate a client ID and secret key for you to use.

## Create Google OAuth keys

First, you need to create a Google OAuth Client:

1. Go to https://console.developers.google.com/apis/credentials.
1. Click **Create Credentials**, then click **OAuth Client ID** in the drop-down menu
1. Enter the following:
   - Application Type: Web Application
   - Name: Grafana
   - Authorized JavaScript Origins: https://grafana.mycompany.com
   - Authorized Redirect URLs: https://grafana.mycompany.com/login/google
   - Replace https://grafana.mycompany.com with the URL of your Grafana instance.
1. Click Create
1. Copy the Client ID and Client Secret from the 'OAuth Client' modal

## Enable Google OAuth in Grafana

Specify the Client ID and Secret in the [Grafana configuration file]({{< relref "../administration/configuration.md#config-file-locations" >}}). For example:

```bash
[auth.google]
enabled = true
client_id = CLIENT_ID
client_secret = CLIENT_SECRET
scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
auth_url = https://accounts.google.com/o/oauth2/auth
token_url = https://accounts.google.com/o/oauth2/token
allowed_domains = mycompany.com mycompany.org
allow_sign_up = true
```

You may have to set the `root_url` option of `[server]` for the callback URL to be 
correct. For example in case you are serving Grafana behind a proxy.

Restart the Grafana back-end. You should now see a Google login button
on the login page. You can now login or sign up with your Google
accounts. The `allowed_domains` option is optional, and domains were separated by space.

You may allow users to sign-up via Google authentication by setting the
`allow_sign_up` option to `true`. When this option is set to `true`, any
user successfully authenticating via Google authentication will be
automatically signed up.
docs: updated 2018-09-06 05:11:56 -05:00			`+++`
			`title = "Google OAuth2 Authentication"`
			`description = "Grafana OAuthentication Guide "`
			`keywords = ["grafana", "configuration", "documentation", "oauth"]`
			`type = "docs"`
			`[menu.docs]`
docs: Updated auth docs 2018-09-06 06:15:36 -05:00			`name = "Google"`
docs: spelling (#24383) * Docs: spelling * Docs: spelling (contribute/ directory) * Drop whats-new-in changes 2020-06-30 16:42:50 -05:00			`identifier = "google_oauth2"`
docs: updated 2018-09-06 05:11:56 -05:00			`parent = "authentication"`
Change metadata of doc topics (#27943) * Changes. to metadata in Manage users * changes to install section * Added titile * More changes. * Updated administration folder metadata, moved 2 files from installation folder. * Added links to Administration landing page, other metadata changes worked out. * Updated alerting section metadata. * Updated metadata of Auth section. Broke index and created separate Grafana Authentication section. * Added correct weight. * Updated metadata for the Best practices section. * Updated metadata in templates, broke Overview topic. * Updated subment Variable types metadata * Fixed yaml file and H1 description of Variables syntax topic. * Couple more metadata changes. * Added aliases files, as suggested by Diana. 2020-10-01 16:37:26 -05:00			`weight = 600`
docs: updated 2018-09-06 05:11:56 -05:00			`+++`

			`# Google OAuth2 Authentication`

Google OAuth Docs: Fix typos (#25790) Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> 2020-06-24 08:46:31 -05:00			`To enable Google OAuth2 you must register your application with Google. Google will generate a client ID and secret key for you to use.`
docs: updated 2018-09-06 05:11:56 -05:00
			`## Create Google OAuth keys`

			`First, you need to create a Google OAuth Client:`

Correcting Line 22 (#22292) * Correcting Line 22 Menu drop down is correct description for the control , rather than the menu that drops down * Update docs/sources/auth/google.md Co-Authored-By: Diana Payton <52059945+oddlittlebird@users.noreply.github.com> * Update docs/sources/auth/google.md Co-Authored-By: Diana Payton <52059945+oddlittlebird@users.noreply.github.com> Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com> 2020-02-20 03:16:25 -06:00			`1. Go to https://console.developers.google.com/apis/credentials.`
Docs: Fixed lazy numbering in all documentation files (#27975) 2020-10-01 11:45:05 -05:00			`1. Click Create Credentials, then click OAuth Client ID in the drop-down menu`
			`1. Enter the following:`
docs: updated 2018-09-06 05:11:56 -05:00			`- Application Type: Web Application`
			`- Name: Grafana`
Google OAuth Docs: Fix typos (#25790) Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> 2020-06-24 08:46:31 -05:00			`- Authorized JavaScript Origins: https://grafana.mycompany.com`
docs: updated 2018-09-06 05:11:56 -05:00			`- Authorized Redirect URLs: https://grafana.mycompany.com/login/google`
			`- Replace https://grafana.mycompany.com with the URL of your Grafana instance.`
Docs: Fixed lazy numbering in all documentation files (#27975) 2020-10-01 11:45:05 -05:00			`1. Click Create`
			`1. Copy the Client ID and Client Secret from the 'OAuth Client' modal`
docs: updated 2018-09-06 05:11:56 -05:00
			`## Enable Google OAuth in Grafana`

Docs: Update configuration.md (#25707) * Update configuration.md * moved configuration.md to administration folder * updated links * Added quota section * Update upgrading.md * Update configuration.md * Update configuration.md * Update configuration.md * Updating links * Update configuration.md * Update configuration.md * Update configuration.md Reworked the security options * Update configuration.md * Update configuration.md * Update provisioning.md * Update provisioning.md * Update configuration.md * Update configuration.md * Update docs/sources/administration/configuration.md Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2020-06-23 11:56:44 -05:00			`Specify the Client ID and Secret in the [Grafana configuration file]({{< relref "../administration/configuration.md#config-file-locations" >}}). For example:`
docs: updated 2018-09-06 05:11:56 -05:00
			```bash
			`[auth.google]`
			`enabled = true`
			`client_id = CLIENT_ID`
			`client_secret = CLIENT_SECRET`
			`scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email`
			`auth_url = https://accounts.google.com/o/oauth2/auth`
			`token_url = https://accounts.google.com/o/oauth2/token`
			`allowed_domains = mycompany.com mycompany.org`
			`allow_sign_up = true`
			```

grafana/grafana#13340 complete oauth doc 2018-10-11 14:22:02 -05:00			You may have to set the `root_url` option of `[server]` for the callback URL to be
			`correct. For example in case you are serving Grafana behind a proxy.`

docs: updated 2018-09-06 05:11:56 -05:00			`Restart the Grafana back-end. You should now see a Google login button`
			`on the login page. You can now login or sign up with your Google`
			accounts. The `allowed_domains` option is optional, and domains were separated by space.

			`You may allow users to sign-up via Google authentication by setting the`
			`allow_sign_up` option to `true`. When this option is set to `true`, any
			`user successfully authenticating via Google authentication will be`
			`automatically signed up.`