diff --git a/authelia/config/configuration.yml b/authelia/config/configuration.yml
index 7f4fbc9..4c382fd 100644
--- a/authelia/config/configuration.yml
+++ b/authelia/config/configuration.yml
@@ -117,3 +117,15 @@ identity_providers:
           - email
           - groups
         userinfo_signed_response_alg: 'none'
+      - id: grafana
+        description: Grafana via Authelia
+        secret: '$argon2id$v=19$m=65536,t=3,p=4$IoJjIPmtn81rI0te8lV5Yw$tptaXFfI1NOsPctEzyAYiRblzFNsWgbS9Gh160OkoqQ'
+        public: false
+        authorization_policy: one_factor
+        redirect_uris:
+          - https://grafana.quangkhai.ch/login/generic_oauth
+        scopes:
+          - openid
+          - profile
+          - email
+        userinfo_signed_response_alg: 'none'        
diff --git a/prometheus/grafana/config.monitoring b/prometheus/grafana/config.monitoring
index 7dc9aea..cc86ec6 100644
--- a/prometheus/grafana/config.monitoring
+++ b/prometheus/grafana/config.monitoring
@@ -1,8 +1,17 @@
-GF_SECURITY_ADMIN_PASSWORD=foobar
-GF_USERS_ALLOW_SIGN_UP=false
-LETSENCRYPT_HOST=grafana.quangkhai.ch
-LETSENCRYPT_EMAIL=quangkhai@grafana.quangkhai.ch
-VIRTUAL_HOST=grafana.quangkhai.ch
-VIRTUAL_PORT=3000
-GF_SERVER_DOMAIN=grafana.quangkhai.ch
 GF_SERVER_ROOT_URL=https://grafana.quangkhai.ch
+GF_AUTH_ANONYMOUS_ENABLED=false
+GF_AUTH_DISABLE_LOGIN_FORM=true
+
+GF_AUTH_GENERIC_OAUTH_ENABLED=true
+GF_AUTH_GENERIC_OAUTH_NAME=Authelia
+GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP=false
+GF_AUTH_GENERIC_OAUTH_CLIENT_ID=grafana
+GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET=<grafana-client-secret-raw>
+GF_AUTH_GENERIC_OAUTH_SCOPES=openid profile email
+
+GF_AUTH_GENERIC_OAUTH_AUTH_URL=https://auth.quangkhai.ch/api/oidc/authorization
+GF_AUTH_GENERIC_OAUTH_TOKEN_URL=https://auth.quangkhai.ch/api/oidc/token
+GF_AUTH_GENERIC_OAUTH_API_URL=https://auth.quangkhai.ch/api/oidc/userinfo
+
+GF_AUTH_GENERIC_OAUTH_EMAIL_ATTRIBUTE=email
+GF_AUTH_GENERIC_OAUTH_NAME_ATTRIBUTE=name
\ No newline at end of file