IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Use read_api scope for GitLab OAuth (#27976)

Browse Source 
`read_api` seems to be the minimal scope currently which can be used, it shall be preferred over `api` which grants complete read/write access.

- https://gitlab.com/gitlab-org/gitlab/-/merge_requests/28944#note_322904691
- https://gitlab.com/gitlab-org/gitlab/-/issues/21909
This commit is contained in:
vin01 2020-10-01 18:29:48 +00:00 committed by GitHub
parent 185442115c
commit 78a2026a82
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/sources/auth/gitlab.md
View File

@ -31,9 +31,9 @@ instance, if you access Grafana at `http://203.0.113.31:3000`, you should use
http://203.0.113.31:3000/login/gitlab
```
Finally, select *api* as the *Scope* and submit the form. Note that if you're
Finally, select *read_api* as the *Scope* and submit the form. Note that if you're
not going to use GitLab groups for authorization (i.e. not setting
`allowed_groups`, see below), you can select *read_user* instead of *api* as
`allowed_groups`, see below), you can select *read_user* instead of *read_api* as
the *Scope*, thus giving a more restricted access to your GitLab API.
You'll get an *Application Id* and a *Secret* in return; we'll call them