website/docs: Forward authentication proxy and Grafana considerations (#1254)

* docs: Updated forward authentication proxy nginx buffer config, grafana oauth integration considerations * docs: Cover edge-case when default grafana org id is not 1
2021-08-14 23:05:23 +03:00
parent 769a3424dc
commit 95ceabe1ba
2 changed files with 18 additions and 3 deletions
--- a/website/docs/integrations/services/grafana/index.mdx
+++ b/website/docs/integrations/services/grafana/index.mdx
@ -95,3 +95,14 @@ contains(groups[*], 'Grafana Admins') && 'Admin' || contains(groups[*], 'Grafana
 ```

 For more information on group/role mappings, see [Grafana's docs](https://grafana.com/docs/grafana/latest/auth/generic-oauth/#role-mapping).
+
+### Grafana Configuration Considerations
+
+Make sure in your configuration that `root_url` is set correctly, otherwise your redirect url might get processed incorrectly. For example, if your grafana instance is running on the default configuration and is accesible behind a reverse proxy at `https://grafana.company`, your redirect url will end up looking like this, `https://grafana.company:3000`.
+If you get `user does not belong to org` error when trying to log into grafana for the first time via OAuth, check if you have an organization with the ID of `1`, if not, then you have to add the following to your grafana config:
+
+```ini
+[users]
+auto_assign_org = true
+auto_assign_org_id = <id-of-your-default-organization>
+```