OIDC: oidc not working on grafana accessible via multiple domain names #39098
Replies: 3 comments
-
Hi there, any progress on this issue so far ? |
Beta Was this translation helpful? Give feedback.
-
Only one domain is currently supported and we have no current plan to support more. Would suggests looking into using a proxy to be able to use two domains, not sure possible but this post indicate it should be possible. |
Beta Was this translation helpful? Give feedback.
-
Hello, as you may have heard, we are transitioning away from using discussions to discuss feature requests. Due to the age and number of responses to this discussion, we are deciding to close it. If this is something you would like to see in Grafana, feel free to open an issue so the discussion can continue. Thank you! |
Beta Was this translation helpful? Give feedback.
-
What happened:
When grafana is accessible via multiple domain names (e.g. publically and internally without split horizon DNS) and having configured OIDC as an authentication source, OIDC authentication does not work if you set GF_SERVER_ENFORCE_DOMAIN=false (default). Enabeling GF_SERVER_ENFORCE_DOMAIN=true, breaks the multi path access (e.g. public and internal via different hostnames) and thus makes this deployment option impossible.
The error is not related to the OIDC setting, as the oidc app has been configured with multiple allowed redirect urls (public and privat)
What you expected to happen:
Make OIDC work with Grafana indipendent of the hostname used to access grafana. (Basically make it work for all domain names configured in DNS with GF_SERVER_ENFORCE_DOMAIN=false)
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?:
Environment:
Beta Was this translation helpful? Give feedback.
All reactions