IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-16 18:34:52 -06:00
Code Issues Packages Projects Releases Wiki Activity
3bd6b8a5ae
grafana/docs/sources/auth/google.md
Jack Baldry 51dfcd7d37
Add current alias to all files (#48635) 
* Add aliases to all files

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Prettify front matter

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
2022-05-17 08:24:11 -07:00

2.1 KiB
Raw Blame History

+++ aliases = ["/docs/grafana/latest/auth/google/"] description = "Grafana OAuthentication Guide " keywords = ["grafana", "configuration", "documentation", "oauth"] title = "Google OAuth2 Authentication" weight = 600 +++

Google OAuth2 Authentication

To enable Google OAuth2 you must register your application with Google. Google will generate a client ID and secret key for you to use.

Create Google OAuth keys

First, you need to create a Google OAuth Client:

  1. Go to https://console.developers.google.com/apis/credentials.
  2. Click Create Credentials, then click OAuth Client ID in the drop-down menu
  3. Enter the following:
  4. Click Create
  5. Copy the Client ID and Client Secret from the 'OAuth Client' modal

Enable Google OAuth in Grafana

Specify the Client ID and Secret in the [Grafana configuration file]({{< relref "../administration/configuration.md#config-file-locations" >}}). For example:

[auth.google]
enabled = true
client_id = CLIENT_ID
client_secret = CLIENT_SECRET
scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
auth_url = https://accounts.google.com/o/oauth2/auth
token_url = https://accounts.google.com/o/oauth2/token
allowed_domains = mycompany.com mycompany.org
allow_sign_up = true

You may have to set the root_url option of [server] for the callback URL to be correct. For example in case you are serving Grafana behind a proxy.

Restart the Grafana back-end. You should now see a Google login button on the login page. You can now login or sign up with your Google accounts. The allowed_domains option is optional, and domains were separated by space.

You may allow users to sign-up via Google authentication by setting the allow_sign_up option to true. When this option is set to true, any user successfully authenticating via Google authentication will be automatically signed up.