Grafana Google OAuth issue

So, I’ve got a large grafana deployment, with a single org (orgid 1), using Google oauth. every now and then a new user seemingly for no reason logs in for the first time and isn’t added to the org (i see in logs orgID -1). Inviting them manually fixes it, but I’m trying to track down why this is happening.

what version of grafana are you on? Also what do you see in grafana logs

10.0.2, logs don’t show much, really just access getting denied to reading dashboards since they’re not in the org

orgId: -1
permissions: "action:dashboards:read scopes:"```


when we only have 1 org (of org id 1 )

what was different about that one user compared to the other users that logged in successfully?

nothing as far as i can tell beyond email/name of course. they’re all i the same Google oauth domain/etc

any difference maybe in the groups they might be in? Any other property that might differ?

Grafana groups/teams? There are none, its a totally flat setup, just users, all editors.

What is challenging is that it happens sometimes Is there anyway we can narrow it down ?

maybe extra sauce on the logging? on grafana side and the other side?