Replies: 2 comments 1 reply
-
Putting the name to the side, is any specific and relevant part of the OpenID Connect spec missing from the generic OAuth provider? It implements a bunch of OpenID Connect functionality already and I think this might be more a matter of documenting what the generic OAuth provider supports and doesn't support than introducing another provider. And making sure that we support the things that are important to our users. The naming is to me a technicality where neither OIDC nor OAuth (2.0) is sufficiently more wrong than the other to warrant a duplication or migration. Would "openid_connect" have been a better name to start with? Possibly, but we have generic_oauth already, and I'm not sure there's a strong enough argument to move away from that. |
Beta Was this translation helpful? Give feedback.
-
Hello, as you may have heard, we are transitioning away from using discussions to discuss feature requests. Due to the age and number of responses to this discussion, we are deciding to close it. If this is something you would like to see in Grafana, feel free to open an issue so the discussion can continue. Thank you! |
Beta Was this translation helpful? Give feedback.
-
Currently, Grafana supports SSO via various providers including Azure, GitHub, GitLab, Google, Grafana.com, Okta, LDAP and generic OAuth. Generic OAuth is commonly used when the providers are not listed. Operators could customize the attribute paths to match the provided JSON object or tokens.
However, OAuth is designed for authorization but not authentication. OIDC was introduced as a specification to provide the functionality of authentication. It defines a set of standard claims in the token and could also be visited via endpoints configured.
Providers such as Azure, Google, and Okta actually have conformed to the OIDC specification. I believe it would be better to introduce OIDC as a provider with Grafana's RBAC integration.
Looking forward to the discussion 😃
Beta Was this translation helpful? Give feedback.
All reactions