Use UAA for Grafana authentication/authorisation

[JCL38-ORANGE]

Hello,

I succeed in using UAA for grafana authentification. Now I would like to use it for authorisation (i.e mapping Admin, Editor and viewer roles with specific scopes). I made it working with the LDAP integration but it seems not possible with the UAA integration. Coud you confirm ? Do you plan to implement a such feature in the following weeks or months ? Thanks and regards, Jean-Christophe.

[JCL38-ORANGE]

Hello,

Some details about my implementation. I am using grafana in a bosh context => https://github.com/bosh-prometheus/prometheus-boshrelease I set up the configuration oauth with this documentation => https://github.com/bosh-prometheus/prometheus-boshrelease#use-uaa-for-grafana-authentication This configuration uses the generic oauth plugin => http://docs.grafana.org/installation/configuration/ My doubts about the authorisation implementation => https://stackoverflow.com/questions/41397059/how-to-tell-grafana-using-oauth-that-some-user-is-admin-or-belong-to-some-org Thanks and regards for your confirmation, Jean-Christophe.

[frodenas]

This is not possible actually. Grafana is working on external auth backends (see https://github.com/grafana/grafana/pull/11354), this will allow to create a custom UAA plugin that can be used to map roles/orgs.

[wireless00]

I have to say I am lost in all the threads related to that question. So, is there any development regarding roles maping in 5.1 or should I only expect to have such feature included in the 5.3 release.

Also, I am wondering if using the Grafana API bind with a microservice to manage such a feature would be more efficient .... hummm...

[github-actions[bot]]

This issue is stale because it has been open 60 days with no activity. Comment or this will be closed in 5 days.

[github-actions[bot]]

This issue was automatically closed because it has been stalled for 5 days with no activity.