...
In server-config.json, change "autheticationProtocol":”SAML”
In uiConfig.json, change "autheticationProtocol":”SAML
Open grafana default.ini file and enable following [auth.proxy] section, do not change other property
[auth.proxy]enabled = trueheader_name = X-WEBAUTH-USERheader_property = usernameauto_sign_up = trueldap_sync_ttl = 60whitelist =headers =
...
6. Add your SAML or SSO provider detail in server.config.json under “singleSignOnConfig” section
| 1 | Key | Description |
| 2 | entityId: | Identifier (Entity ID) for your SMAL configuration |
| 3 | appId: | copy app id from App Federation Metadata Url |
| 4 | metadataUrl: | App Federation Metadata Url |
| 5 | metdataFilePath : | Download SAML Signing Certificate from sso provider site and store it in INSIGHTS_HOME |
| 6 | keyStoreFilePath: | path of certificae like saml-keystore.jks, Download this certificate from your sso provider URL |
| 7 | keyAlias: | saml-keystore.jks username |
| 8 | keyPass: | saml-keystore.jks password |
| 9 | keyStorePass : | saml-keystore.jks password |
| 10 | appBaseUrl : | Application service Host URL, Example https://<HostOrDomainName>/PlatformService |
| 11 | relayStateUrl : | SSO login UI page URL, Example https://<HostOrDomainName>/app/#/ssologin |
| 12 | defaultTargetUrl : | Application user authenticate url, Example https://<HostOrDomainName>/user/authenticate |
| 13 | postLogoutURL : | SAML or SSO provider logout URL, Example value https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0 |
| 14 | tokenSigningKey: | This is use as secrete key to sign JWT token,It should be 128 character ,Example value:"insights_IDP_CogDevops_SSO_Token_string" |
7. We need to download SAML Signing Certificate from sso provider site and import it in your application ssl certificate file using following command
...