The Issue

When trying to log into Grafana Web UI using an OIDC provider, in my case, Dex. The login would fail due to the error “User already exists”, after some time. This happened for any users given access via the OIDC.

The Cause

This looks to happen due to a CVE fix implemented in Grafana as documented in the two comments below:

• Authentication: After upgrading to Grafana 10 getting error User already exists with generic oAuth · Issue #70203 · grafana/grafana · GitHub
• https://github.com/grafana/grafana/issues/70203#issuecomment-1609865093

The Fix

To resolve this issue, for Grafana 10.0.x and 9.5.6, the env variable GF_AUTH_OAUTH_ALLOW_INSECURE_EMAIL_LOOKUP can be set or the config key oauth_allow_insecure_email_lookup can be set under the auth section.

[auth]
oauth_allow_insecure_email_lookup=true

Source + Source 2

Hope this helps anyone stuck out there!

Regards

Follow @Saintdle

Dean Lewis

The post Grafana – unable to login “User already exists” appeared first on vEducate.co.uk.

来源 https://blogs.vmware.com/affiliates/grafana-unable-to-login-user-already-exists-2