diff --git a/SelfHosted/Keycloak.html b/SelfHosted/Keycloak.html index 2d981e8..d84fe7f 100644 --- a/SelfHosted/Keycloak.html +++ b/SelfHosted/Keycloak.html @@ -2,17 +2,27 @@ title: Keycloak description: Centralisation de l’authentification published: true -date: 2021-05-09T09:04:03.926Z +date: 2021-05-09T09:09:20.881Z tags: editor: ckeditor dateCreated: 2021-05-09T09:02:57.765Z --> -
+
- GF_AUTH_GENERIC_OAUTH_ENABLED=true
+ - GF_AUTH_GENERIC_OAUTH_SCOPES=email
+ - GF_AUTH_GENERIC_OAUTH_NAME=<NAME>
+ - GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP=true
+ - GF_AUTH_GENERIC_OAUTH_CLIENT_ID=grafana
+ - GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET=<CLIENT_SECRET>
+ - GF_AUTH_GENERIC_OAUTH_AUTH_URL=https://<URL>/auth/realms/<REALMS>/protocol/openid-connect/auth
+ - GF_AUTH_GENERIC_OAUTH_TOKEN_URL=https://<URL>/auth/realms/<REALMS>/protocol/openid-connect/token
+ - GF_AUTH_GENERIC_OAUTH_API_URL=https://<URL>/auth/realms/<REALMS>/protocol/openid-connect/userinfo
+ - GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH=contains(roles[*], 'admin') && 'Admin' || contains(roles[*], 'editor') && 'Editor' || 'Viewer'
+