If you ever tried to integrate OKTA with Grafana, you might have ended up a bit frustrated after following all the instructions in the official Grafana documentation.
Error: The ‘redirect_uri’ parameter must be a Login redirect URI in the client app settings
Why is this happening?
If you inspect the payload of the callback request made when trying to sign in with Okta, you’ll se that the redirect_uri doesn’t match the one set in Okta, as per the instructions in the official documentation:
The login redirect uri set in Okta was: https://grafana.example.com/login/okta, which doesn’t match our redirect_uri parameter
How do we fix it?
The solution is quite simple. In the
[server] section of your Grafana configuration file, add the following parameters:
domain = grafana.example.com
root_url = https://%(domain)s/
root_url is the full URL used to access Grafana from a web browser. This is important if you use OAuth authentication for the callback URL to be correct.
Note you need to replace grafana.example.com with the domain you use to access Grafana through your web browser in both your Okta app and Grafana configuration file.
Nice and simple!