public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Auth: Pass user role to Grafana using auth proxy (#36729)

Browse Source 
* Pass role to Grafana using auth proxy

By default, the role will be applied to the default org of the user.
If the request uses the standard header "X-Grafana-Org-Id", the role will be applied to the specified org

Tested in both unit test and manually E2E

* Address comment: only allow the user role to be applied to the default org

Co-authored-by: Leonard Gram <leo@xlson.com>
This commit is contained in:
yuwaMSFT2
2021-07-22 06:49:58 -07:00
committed by GitHub
parent 93b4cc7035
commit ad1f792b8b
4 changed files with 93 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/sources/auth/auth-proxy.md
+1 -1
View File
@@ -30,7 +30,7 @@ sync_ttl = 60
# Example `whitelist = 192.168.1.1, 192.168.1.0/24, 2001::23, 2001::0/120`
whitelist =
# Optionally define more headers to sync other user attributes
# Example `headers = Name:X-WEBAUTH-NAME Email:X-WEBAUTH-EMAIL Groups:X-WEBAUTH-GROUPS`
# Example `headers = Name:X-WEBAUTH-NAME Role:X-WEBAUTH-ROLE Email:X-WEBAUTH-EMAIL Groups:X-WEBAUTH-GROUPS`
headers =
# Check out docs on this for more details on the below setting
enable_login_token = false