IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-13 17:15:40 -06:00
Code Issues Packages Projects Releases Wiki Activity

document auth_style option (#51697)

Browse Source
This commit is contained in:
Ieva 2022-07-04 14:22:19 +01:00 committed by GitHub
parent c9708e1813
commit 1768e09cfd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/sources/setup-grafana/configure-security/configure-authentication/generic-oauth.md
View File

@ -51,6 +51,7 @@ tls_client_cert =
tls_client_key =
tls_client_ca =
use_pkce = true
auth_style =
```
Set `api_url` to the resource that returns [OpenID UserInfo](https://connect2id.com/products/server/docs/api/userinfo) compatible information.
@ -63,6 +64,9 @@ You can also specify the SSL/TLS configuration used by the client.
`tls_skip_verify_insecure` controls whether a client verifies the server's certificate chain and host name. If it is true, then SSL/TLS accepts any certificate presented by the server and any host name in that certificate. _You should only use this for testing_, because this mode leaves SSL/TLS susceptible to man-in-the-middle attacks.
`auth_style` controls which [OAuth2 AuthStyle](https://pkg.go.dev/golang.org/x/oauth2#AuthStyle) is used when token is requested from OAuth provider. It determines how `client_id` and `client_secret` are sent to Oauth provider.
Available values are `AutoDetect`, `InParams` and `InHeader`. By default, `AutoDetect` is used.
Set `empty_scopes` to true to use an empty scope during authentication. By default, Grafana uses `user:email` as scope.
### Email address