From dbef739814116fe82c110c9a665ff4f3ac78ddd6 Mon Sep 17 00:00:00 2001 From: linoman <2051016+linoman@users.noreply.github.com> Date: Fri, 27 Jun 2025 16:58:29 +0200 Subject: [PATCH] SCIM: Update authentication features table (#107299) * Update authentication features table --- .../configure-authentication/_index.md | 34 ++++++++++--------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/docs/sources/setup-grafana/configure-security/configure-authentication/_index.md b/docs/sources/setup-grafana/configure-security/configure-authentication/_index.md index 076136b7653..821ad95a9ef 100644 --- a/docs/sources/setup-grafana/configure-security/configure-authentication/_index.md +++ b/docs/sources/setup-grafana/configure-security/configure-authentication/_index.md @@ -19,22 +19,22 @@ Grafana provides many ways to authenticate users. Some authentication integratio The following table shows all supported authentication methods and the features available for them. [Team sync](../configure-team-sync/) and [active sync](enhanced-ldap/#active-ldap-synchronization) are only available in Grafana Enterprise. -| Authentication method | Multi Org Mapping | Enforce Sync | Role Mapping | Grafana Admin Mapping | Team Sync | Allowed groups | Active Sync | Skip OrgRole mapping | Auto Login | Single Logout | -| :---------------------------------- | :---------------- | :----------- | :----------- | :-------------------- | :-------- | :------------- | :---------- | :------------------- | :--------- | :------------ | -| [Anonymous access](anonymous-auth/) | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | -| [Auth Proxy](auth-proxy/) | no | yes | yes | no | yes | no | N/A | no | N/A | N/A | -| [Azure AD OAuth](azuread/) | yes | yes | yes | yes | yes | yes | N/A | yes | yes | yes | -| [Basic auth](grafana/) | yes | N/A | yes | yes | N/A | N/A | N/A | N/A | N/A | N/A | -| [Passwordless auth](passwordless/) | yes | N/A | yes | yes | N/A | N/A | N/A | N/A | N/A | N/A | -| [Generic OAuth](generic-oauth/) | yes | yes | yes | yes | yes | no | N/A | yes | yes | yes | -| [GitHub OAuth](github/) | yes | yes | yes | yes | yes | yes | N/A | yes | yes | yes | -| [GitLab OAuth](gitlab/) | yes | yes | yes | yes | yes | yes | N/A | yes | yes | yes | -| [Google OAuth](google/) | yes | no | no | no | yes | no | N/A | no | yes | yes | -| [Grafana.com OAuth](grafana-cloud/) | no | no | yes | no | N/A | N/A | N/A | yes | yes | yes | -| [Okta OAuth](okta/) | yes | yes | yes | yes | yes | yes | N/A | yes | yes | yes | -| [SAML](saml/) (Enterprise only) | yes | yes | yes | yes | yes | yes | N/A | yes | yes | yes | -| [LDAP](ldap/) | yes | yes | yes | yes | yes | yes | yes | no | N/A | N/A | -| [JWT Proxy](jwt/) | no | yes | yes | yes | no | no | N/A | no | N/A | N/A | +| Authentication method | Multi Org Mapping | Enforce Sync | Role Mapping | Grafana Admin Mapping | Team Sync | Allowed groups | Active Sync | Skip OrgRole mapping | Auto Login | Single Logout | SCIM support | +| :---------------------------------- | :---------------- | :----------- | :----------- | :-------------------- | :-------- | :------------- | :---------- | :------------------- | :--------- | :------------ | :----------- | +| [Anonymous access](anonymous-auth/) | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | +| [Auth Proxy](auth-proxy/) | no | yes | yes | no | yes | no | N/A | no | N/A | N/A | N/A | +| [Azure AD OAuth](azuread/) | yes | yes | yes | yes | yes | yes | N/A | yes | yes | yes | N/A | +| [Basic auth](grafana/) | yes | N/A | yes | yes | N/A | N/A | N/A | N/A | N/A | N/A | N/A | +| [Passwordless auth](passwordless/) | yes | N/A | yes | yes | N/A | N/A | N/A | N/A | N/A | N/A | N/A | +| [Generic OAuth](generic-oauth/) | yes | yes | yes | yes | yes | no | N/A | yes | yes | yes | N/A | +| [GitHub OAuth](github/) | yes | yes | yes | yes | yes | yes | N/A | yes | yes | yes | N/A | +| [GitLab OAuth](gitlab/) | yes | yes | yes | yes | yes | yes | N/A | yes | yes | yes | N/A | +| [Google OAuth](google/) | yes | no | no | no | yes | no | N/A | no | yes | yes | N/A | +| [Grafana.com OAuth](grafana-cloud/) | no | no | yes | no | N/A | N/A | N/A | yes | yes | yes | N/A | +| [Okta OAuth](okta/) | yes | yes | yes | yes | yes | yes | N/A | yes | yes | yes | N/A | +| [SAML](saml/) (Enterprise only) | yes | yes | yes | yes | yes | yes | N/A | yes | yes | yes | yes | +| [LDAP](ldap/) | yes | yes | yes | yes | yes | yes | yes | no | N/A | N/A | N/A | +| [JWT Proxy](jwt/) | no | yes | yes | yes | no | no | N/A | no | N/A | N/A | N/A | Fields explanation: @@ -58,6 +58,8 @@ Fields explanation: **Single Logout:** Logging out from Grafana also logs you out of provider session +**SCIM support:** Support for SCIM provisioning. Supported Identity Providers are Azure AD and Okta. + ## Configuring multiple identity providers Grafana allows you to configure more than one authentication provider, however it is not possible to configure the same type of authentication provider twice.