IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Auth: Allow admins to manually change oauth user role if oauth_skip_org_role_update_sync is enabled (#55182)

Browse Source 
* Auth: Allow admins to change oauth user info it it's not synced.

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* Update public/app/features/admin/UserAdminPage.tsx

Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>

* Add missing import

* Simplify init

Co-authored-by: Josh Hunt <joshhunt@users.noreply.github.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>

* SAML: Add option to skip org role sync (#55230)

* SAML: Add option to skip org role sync

* Modify frontend accordingly

* Remove update from config option name

Co-authored-by: Jguer <joao.guerreiro@grafana.com>

* Remove update from config option name

Co-authored-by: Jguer <joao.guerreiro@grafana.com>

* Fix typo

Co-authored-by: Jguer <joao.guerreiro@grafana.com>

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>
Co-authored-by: Josh Hunt <joshhunt@users.noreply.github.com>
This commit is contained in:
Jo
2022-09-15 18:06:09 +02:00
committed by GitHub
parent ebcbb66548
commit 3e2e9f93b9
7 changed files with 39 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
docs/sources/setup-grafana/configure-security/configure-authentication/saml.md
View File

@@ -297,7 +297,7 @@ For more information about roles and permissions in Grafana, refer to [Roles and
Example configuration:
```bash
```ini
[auth.saml]
assertion_attribute_role = role
role_values_editor = editor, developer
@@ -307,6 +307,17 @@ role_values_grafana_admin = superadmin
**Important**: When role sync is configured, any changes of user roles and organization membership made manually in Grafana will be overwritten on next user login. Assign user organizations and roles in the IdP instead.
> **Note:** Available in Grafana version 9.2 and later.
If you don't want user organizations and roles to be synchronized with the IdP, you can use the `skip_org_role_sync` configuration option.
Example configuration:
```ini
[auth.saml]
skip_org_role_sync = true
```
### Configure organization mapping
> **Note:** Available in Grafana version 7.0 and later.