* replace relrefs and minor edits
* add new content and links
* Update docs/sources/setup-grafana/configure-security/configure-authentication/saml/index.md
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* Update docs/sources/setup-grafana/configure-security/configure-authentication/saml/index.md
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* changes from linter and content suggestions
* Update docs/sources/setup-grafana/configure-security/configure-authentication/saml/index.md
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* Update docs/sources/setup-grafana/configure-security/configure-authentication/saml/index.md
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* Update docs/sources/setup-grafana/configure-security/configure-authentication/saml/index.md
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* Update docs/sources/setup-grafana/configure-security/configure-authentication/saml/index.md
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* run prettier
---------
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
* Updating SAML for Azure specific attribute structures
Adding additional context surrounding SAML via Azure where the full attribute URL needs to be specified or it will not map correctly.
This generates a lot of support contacts and isn't documented causing friction when organizations can't set it up themselves or lack the technical staff to self manage.
* run prettier
---------
Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
* added backend support for client_secret_jwt
* added backend support for client_secret_jwt
* added all logic to the exchange function (overloaded social exchange in azuread_oauth to handle managed identity client id)
* ran yarn install to update lock file
* added support for client_secret_jwt when managed_identity_client_id is null
* added audience flag and changed exchange to directly access oauth config using .info
* added logic in setting oauth.Config for supported client authentication values
* added client_authentication, managed_identity_client_id, and audience to sample.ini file
* using provided ctx in ManagedIdentityCallback function
* added frontend support for federated identity credential auth
* added client authentication field
* added Azure AD documentation for Grafana
* added bold font to "Add" keyword in documentation
* minor wording change relating to previous commit
* addressed changing audience to federated_credential_audience, moving validation, and changing managedIdentityCallback to private function
* correction to audience name changing
* fixed orgMappingClientAuthentication function name, and added in logic into validateFederatedCredentialAudience function
* Change docs
* Add iam team as owner of azcore pkg
* added backend support for client_secret_jwt
* added all logic to the exchange function (overloaded social exchange in azuread_oauth to handle managed identity client id)
* ran yarn install to update lock file
* added support for client_secret_jwt when managed_identity_client_id is null
* added audience flag and changed exchange to directly access oauth config using .info
* added logic in setting oauth.Config for supported client authentication values
* added client_authentication, managed_identity_client_id, and audience to sample.ini file
* using provided ctx in ManagedIdentityCallback function
* added frontend support for federated identity credential auth
* added client authentication field
* added Azure AD documentation for Grafana
* added bold font to "Add" keyword in documentation
* minor wording change relating to previous commit
* addressed changing audience to federated_credential_audience, moving validation, and changing managedIdentityCallback to private function
* correction to audience name changing
* fixed orgMappingClientAuthentication function name, and added in logic into validateFederatedCredentialAudience function
* Change docs
* Add iam team as owner of azcore pkg
* updated yarn lock file
* updated doc for correction
* removed wrong changes in pkg directory
* removed newline in dashboard-generate.yaml and unified.ts
* updated yarn.lock to match upstream
* Lint
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* removing unwanted changes
* added back removed newline
* fixed failing test in azuread_oauth_test.go
* Update azuread_oauth.go
removed unnecessary newline, fixed lint
---------
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* add note that support for Auth0 audience feature is not available
* Update docs/sources/setup-grafana/configure-security/configure-authentication/generic-oauth/index.md
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
---------
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* Docs: Clean up basic auth, anonymous access and main pages for auth configuration
* Fix the typo
* Prettier should fix this
* fix minor typo
* Update docs/sources/setup-grafana/configure-security/configure-authentication/_index.md
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
---------
Co-authored-by: Irene Rodríguez <irene.rodriguez@grafana.com>
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* Move the configuration options to the bottom and extend it
* Improve assertion mapping docs for Okta
* fix typo
* Update index.md
---------
Co-authored-by: Irene Rodríguez <irene.rodriguez@grafana.com>
* add docs describing what GAS is and how it can be configured
* Update configure-group-attribute-sync.md
* Update configure-group-attribute-sync.md
---------
Co-authored-by: Aaron Godin <aaron.godin@grafana.com>
Update Usage insights logs docs: Scope
As far as I can tell, in https://github.com/grafana/grafana/pull/59931
we started to record Usage Insights events for Explore queries.
And in https://github.com/grafana/grafana/pull/78097 we further improved
our implementation of that logging.
This documentation should have been updated back then to match. So I'm
updating it now.
* IAM docs: Transform `API keys` to `Migrate API keys` docs
* Update links to `API keys` in other doc pages
* Grafana UI: update help button link
* Update OpenAPI/Swagger links
* Update docs/sources/administration/service-accounts/migrate-api-keys.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Update `relref` links to the new URL
* fix space before em dash
spaces before or after em dashes are not recommended (https://developers.google.com/style/dashes)
---------
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
* Auth: Implement org role mapping for google oauth provider
* Update docs
* Remove unused function
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* Conf: Add org_mapping and org_attribute_path to github and gitlab conf
* Gitlab: Implement org role mapping
* Update docs
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Social: link to OrgRoleMapper
* OIDC: support Generic Oauth org to role mappings
Fixes: #73448
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* Handle when getAllOrgs fails in the org_role_mapper
* Add more tests
* OIDC: ensure orgs are evaluated from API when not from token
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* OIDC: ensure AutoAssignOrg is applied with OrgMapping without RoleAttributeStrict
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* Extend docs
* Fix test, lint
---------
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
* add function to static function to static service
* find email and login claims with jmespath
* rename configuration files
* Replace JWTClaims struct for map
* check for subclaims error
Removes legacy alerting, so long and thanks for all the fish! 🐟
---------
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
Co-authored-by: Sonia Aguilar <soniaAguilarPeiron@users.noreply.github.com>
Co-authored-by: Armand Grillet <armandgrillet@users.noreply.github.com>
Co-authored-by: William Wernert <rwwiv@users.noreply.github.com>
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
* query OAuth info from a new instance
* add `hd` validation flag
* add `disable_hd_validation` to settings map
* update documentation
---------
Co-authored-by: Jo <joao.guerreiro@grafana.com>
Eric Leijonmarck
Vardan Torosyan
Jacob Valdez
Ieva
Misi
Quentin Bisson
Felix Dreissig
linoman
Beverly Buchanan
colin-stuart
Robby Milo
Ariana
Victor Cinaglia
John Naizer
bo0tzz
xavi
Mihai Doarna
Jay
Dana Axinte
haelekuin
David Garcia
Ryan Crutchfield
Dai Nguyen
Sam Jewell
Isabel Matwawana
Karl Persson
Pepe Cano
AHeinlein
Mathieu Parent
Fredrik Ekre
Larissa Wandzura
Gilles De Mey
Ivana Huckova
Aaron Godin
Armand Grillet
Christopher Moyer
Jo
Tobias Skarhed
Kristina