OAuth2 userinfo API

I managed to get that working on stock Nextcloud 19 with Grafana 7. I used the following in the Grafana OAuth config:

[auth.generic_oauth]
enabled = true
name = Nextcloud
allow_sign_up = true
client_id = <your id>
client_secret = <your secret>
scopes = user:email,read:org
auth_url = https://SERVER/index.php/apps/oauth2/authorize
token_url = https://SERVER/index.php/apps/oauth2/api/v1/token
api_url = https://SERVER/ocs/v2.php/cloud/user?format=json&x=
email_attribute_path = ocs.data.email
role_attribute_path = contains(ocs.data.groups[*], 'admin') && 'Admin' || contains(ocs.data.groups[*], 'Grafana') && 'Editor' || 'Viewer'
allowed_organizations =

This assumes members of the groups “admin” or “Grafana” are allowed to edit Grafana dashboards.

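An added example, not part of the original post and not Grafana's or Nextcloud's own code: a standard-library Python script that mirrors the `role_attribute_path` and `email_attribute_path` expressions from the config above, so you can check which Nextcloud groups end up with which Grafana role. The function names and the sample response are assumptions constructed for illustration.

```python
import json

# Constructed sample of the JSON returned by /ocs/v2.php/cloud/user?format=json
# (illustrative values, not captured from a real server).
SAMPLE_USERINFO = json.dumps({
    "ocs": {
        "meta": {"status": "ok", "statuscode": 200},
        "data": {"id": "alice", "email": "alice@example.org",
                 "groups": ["Grafana", "staff"]},
    }
})


def _ocs_data(userinfo_json):
    """Return the ocs.data object, or an empty dict if the path is absent."""
    node = json.loads(userinfo_json)
    for key in ("ocs", "data"):
        node = node.get(key) if isinstance(node, dict) else None
    return node if isinstance(node, dict) else {}


def grafana_role(userinfo_json):
    """Mirror role_attribute_path: the first matching branch wins."""
    groups = _ocs_data(userinfo_json).get("groups")
    # JMESPath contains() is defined for an array or string subject. This
    # helper treats anything else as an error instead of guessing a role
    # (an assumption made for this example).
    if not isinstance(groups, list):
        raise ValueError("ocs.data.groups is missing or not an array")
    if "admin" in groups:       # exact, case-sensitive element match
        return "Admin"
    if "Grafana" in groups:
        return "Editor"
    return "Viewer"


def grafana_email(userinfo_json):
    """Mirror email_attribute_path = ocs.data.email (None if absent)."""
    return _ocs_data(userinfo_json).get("email")


if __name__ == "__main__":
    print(grafana_email(SAMPLE_USERINFO), grafana_role(SAMPLE_USERINFO))
```

Group matching is exact and case-sensitive, so a Nextcloud group named "Admin" or "grafana" does not match either branch and the user falls through to Viewer.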