Github allowed organizations authentication #10111
Comments
bergquist
added a commit
that referenced
this issue
Dec 8, 2017
|
Closed by #10112 |
bergquist
added a commit
that referenced
this issue
Dec 11, 2017
* master: changelog: adds note about closing #10131 Explicitly specify default region in CloudWatch datasource (#9440) wait for all sub routines to finish changelog: adds ntoe about closing #10111 postgres: change $__timeGroup macro to include "AS time" column alias (#10119) fixes broken test Solves problem with Github authentication restriction by organization membership when the organization's access policy is set to "Access restricted". "Access restricted" policy should not stop user to authenticate.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Third-party application access policy of Github is "Access restricted" by default for a couple of years now.
I took config from defaults.ini config file and tried to setup grafana to allow authenticate users from specific organizations only. "Access restricted" policy does not allow third party applications to view organization specific information when authenticating. Instead, there is a different endpoint to get user's organizations membership: "https://api.github.com/users//orgs", but grafana's [auth.github] api_url is set to "https://api.github.com/user" and grafana tries to get a list of organizations by just appending "/orgs" to the end of api_url, which shows only organizations with "Access allowed" application access policy.
What was the expected result?
I expect grafana to take
organizations_urlfield from user data response from github and make another request to get organizations that the user is member of.What happened instead?
Grafana just concatenates "/orgs" to the
api_urlconfig and makes a request, which is useless in this case.The text was updated successfully, but these errors were encountered: