Just quickly noted how to configure Grafana Role Management / Role Mapping with Okta. And also how to configure Single Logout.

Role Management
Create a new Attribute, see example below

Add a new claim to your custom auth server you use for Grafana


Configure Grafana
Example config for grafana.ini
#################################### Okta ##########################
[auth.okta]
name = Okta
enabled = true
allow_sign_up = true
client_id = 0oaainxxxxxxxxxxxx
client_secret = 6HTvpvQxxxxxxxxxxxxwENFsW
scopes = openid profile email
auth_url = https://<org>.okta.com/oauth2/default/v1/authorize
token_url = https://<org>.okta.com/oauth2/default/v1/token
api_url = https://<org>.okta.com/oauth2/default/v1/userinfo
role_attribute_path = grafana_role
;allowed_domains =
;allowed_groups =
That’s it.
Single Logout
Found somewhere on the internet, tested it and documenting it here for future use.
Grafana
Specify the config value :
signout_redirect_url = https://<org>.okta.com/login/signout?fromURI=https://grafana.domain.net
Okta
The URL given in the fromURI field needs to be configured as a Trusted Origin.