From 3ce76e1e7808436cba77fc8b9b0ebf7f1b82aefe Mon Sep 17 00:00:00 2001 From: Gabriel MABILLE Date: Thu, 22 Sep 2022 17:34:00 +0200 Subject: [PATCH] SAML: Allow wildcard mapping to add user to all existing orgs (#55628) --- .../configure-security/configure-authentication/saml.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/docs/sources/setup-grafana/configure-security/configure-authentication/saml.md b/docs/sources/setup-grafana/configure-security/configure-authentication/saml.md index 39c7807f041..1a2892c1bad 100644 --- a/docs/sources/setup-grafana/configure-security/configure-authentication/saml.md +++ b/docs/sources/setup-grafana/configure-security/configure-authentication/saml.md @@ -340,10 +340,17 @@ You can specify multiple organizations both for the IdP and Grafana: - `org_mapping = Engineering:2, Sales:2` to map users from `Engineering` and `Sales` to `2` in Grafana. - `org_mapping = Engineering:2, Engineering:3` to assign `Engineering` to both `2` and `3` in Grafana. -You can use `*` as an Organization if you want all your users to be in some organizations with a default role: +You can use `*` as the SAML Organization if you want all your users to be in some Grafana organizations with a default role: - `org_mapping = *:2:Editor` to map all users to `2` in Grafana as Editors. +> **Note:** Available in Grafana version 9.2 and later. + +You can use `*` as the Grafana organization in the mapping if you want all users from a given SAML Organization to be added to all existing Grafana organizations. + +- `org_mapping = Engineering:*` to map users from `Engineering` to all existing Grafana organizations. +- `org_mapping = Administration:*:Admin` to map users from `Administration` to all existing Grafana organizations as Admins. + ### Configure allowed organizations > **Note:** Available in Grafana version 7.0 and later.