OAuth Chronograf - Unable to get the login page




I am trying to understand how the authorization works in chronograf. Currently, using Sandbox and running all the dockers on my local machine with Ubuntu.

Following this tutorial and trying setup the permissions using the github.

These are the detailed steps that followed.
1) git cloned sandbox
2) ./sandbox up
3) Created a ClientID and Client Secret from github.
4) Enter into chronograf docker through terminal: ./sandbox enter chronograf
5) # export AUTH_DURATION=1h
# export TOKEN_SECRET=Super5uperUdn3verGu355!
# export GH_CLIENT_ID= abcdefg…
# export GH_CLIENT_SECRET=12345698678…
6) Restart the containers: ./sandbox restart
7) In browser localhost:8888

After the restart, I don’t see any kind of login page and also i am not sure where to log out or login in again. Its just displaying the same GUI as before.

Not sure what else should be done and I also don’t understand where the permissions are set like admin access/ view access etc. Is there any user id and password create like Grafana ?

Also i can only see Influx admin under the Admin(crown icon) But the documentation its mentioned that i should be seeing chronograf as well.



@rawkode, @Anaisdg, @philb , Any comments on this ?


If you navigate to the Users section (listed below Databases and above Queries), what do you see listed there? That is where the permissions are set.


Hi @katy ,

Thank for the response. To reiterate the question, i am looking to create an user that can login and can only view dashboard in chronograf. I am running sandbox(docker) on my Ubuntu machine.

I have already tried creating user in the User tab. But i guess this tab is meant to create users to the influxDB not to chronogarf. Secondly i see only None/ALL - Permission and can’t find any logout button to login back and cross check any permission rights.


I think the credentials are not being persisted when you restart the container. You could try saving those export statements to ~/.bashrc, but even then I’m not sure if they will persist after a restart.


You should attach a persistent volume to docker if you want it survive a container restart.

You should be able to flag it with your docker start up command with a -e to specify those env args


Hi @katy @Esity ,

You guys are right, environment variable are not present or getting washed out every time i restarted. so i just added below script to the chronograf in .yml file

  RESOURCES_PATH: "/usr/share/chronograf/resources"
  TOKEN_SECRET: "Super5uperUdn3verGu355!"
  GH_CLIENT_ID: "123456abcXXX"

And then ./sandbox up.

Every thing seems to be working. I can see the login page and was able to login.