Notice
The examples and use cases described here are intended to show the different ways SURF Research Access Management can be used and connected to application. These examples and use cases are not always validated by SURF.
The official Grafana documentation for an OIDC (oAuth) login can be found here:
https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/generic-oauth/
The documentation is quite self-explanatory, but the most important configuration changes for SRAM (PRD) are:
auth_url = https://proxy.sram.surf.nl/saml2sp/OIDC/authorization
token_url = https://proxy.sram.surf.nl/OIDC/token
api_url = https://proxy.sram.surf.nl/OIDC/userinfo
The client_id and client_secret will be supplied by the SRAM team.
The redirect_uri that SRAM needs to properly configure the application is the so called callback URL:
https://[hostname]/login/generic_oauth
JMESPath expressions can be tested here https://jmespath.org/