Grafana is an Open Source dashboard for monitoring databases such as Prometheus, Graphite or Elasticsearch
Grafana offers social login through a generic OAuth 2 connector. Thankfully, it is close enough to OpenID Connect to work well with LemonLDAP::NG
You should start by following the generic OAuth2 documentation provided by Grafana: https://grafana.com/docs/grafana/latest/auth/generic-oauth/
Your configuration file will have to look something like this:
[auth.generic_oauth] enabled = true client_id = CHOOSE_A_CLIENT_ID client_secret = CHOOSE_A_CLIENT_SECRET scopes = openid email profile auth_url = https://auth.example.com/oauth2/authorize token_url = https://auth.example.com/oauth2/token api_url = https://auth.example.com/oauth2/userinfo allow_sign_up = true name = LemonLDAP::NG send_client_credentials_via_post = false email_attribute_name = email
Make sure you have already enabled OpenID Connect on your LemonLDAP::NG server
Then, add a Relaying Party with the following configuration
client_id
aboveclient_secret
aboveIf you want to transmit user attributes to Grafana, you also need to configure
profile
name username display_name upn
name
username
display_name
upn
email