How to set up Grafana so that no password is necessary to view dashboards

Asked 13/10, 2015 at 20:16 Answered 25/11, 2023 at 20:44

Despite these settings, Grafana still requires the use of a password to view Dashboards. Can someone please help me with the correct settings?

[auth.anonymous]
# enable anonymous access
enabled = true

[auth.basic]
enabled = false

Fanelli answered 13/10, 2015 at 20:16 Comment(2)

this change work but the user can navigate and view all the dashboards, I just want them to view via link, any extra setting required? embed option works but from the port 3000 they can view all – Interlinear 1/10, 2018 at 5:6

See grafana.com/docs/auth/overview/#anonymous-authentication – Dynode 20/6, 2019 at 21:4

Thanks @Donald Mok for his answer; I just want to make it as clear as possible. In the Grafana interface you can create an organization. After that you can create some dashboards for this organization. So, there is a problem that you need to specify the organization for anonymous users. And it should be a real organization (for your Grafana). And anonymous users will be able to see only dashboards from this organization.

#################################### Anonymous Auth ##########################
[auth.anonymous]
# enable anonymous access
enabled = true

# specify organization name that should be used for unauthenticated users
org_name = ORGANIZATION

Delacourt answered 15/3, 2016 at 14:35 Comment(7)

Is it possible for an anonymous user to see dashboards from multiple organizations? – Tjirebon 24/2, 2017 at 20:58

This literally saved me :D – Mccrae 30/3, 2019 at 21:51

Keep in mind anonymous users in Grafana can access still some menu's today. Including Explore. – Catnap 15/1, 2021 at 21:56

none of the answers work for me, i am still presented with login form, or if disable_login_form=true with *welcome to Grafana" message and no way past it. Grafana ver 7.3.0. My goal is yo never see login form period. – Audsley 15/6, 2022 at 14:14

This still works and is documented here: grafana.com/docs/grafana/latest/setup-grafana/… – Consalve 23/11, 2022 at 16:9

To anyone else: remove the ; comment indicator at the beginning of the lines I spent an embarrassingly long time trying to fix this – Bridgehead 31/12, 2022 at 1:40

I'd like to add that this configuration could be overridden with environment variables to avoid editing config files (very useful with Docker) as explained here grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/… – Disposed 13/3, 2023 at 16:15

To setup login for anonymous users you need to make these small configuration changes in the default.ini/grafana.ini file (Grafana\conf).

If you want to hide the login page do this configuration:

[auth]
# Set to true to disable (hide) the login form, useful if you use OAuth
#disable_login_form = false 
disable_login_form = true

Change disable_login_form to true.

Enable anonymous access:

[auth.anonymous]
# enable anonymous access 
enabled = true

Specify the organization:

# specify organization name that should be used for unauthenticated users
org_name = YOUR_ORG_NAME_HERE

Restart Grafana and you should be able to see the Grafana dashboard. If not, just change your org role from Viewer to Editor:
```
# specify role for unauthenticated users
org_role = Editor
```

Aldric answered 4/7, 2018 at 12:34 Comment(2)

This is not working anymore – Custumal 27/7, 2022 at 16:43

@Custumal , it been almost 4 year, i am not sure about this – Aldric 28/7, 2022 at 9:45

I had this issue, but the root cause in my case was a tiny mistake. I checked the grafana.log file and found that:

"2016/02/12 09:24:57 [middleware.go:62 initContextWithAnonymousUser()] [E] Anonymous access organization error: 'Anonymous Org.': Organization not found"

I changed the org_name in grafana.ini, and after restarting Grafana, things worked well as I intended.

I recommend you check your grafana.log file to see what's wrong with your configuration.

Restful answered 12/2, 2016 at 1:24 Comment(0)

First your configuration should look like this:

[auth.anonymous]
# enable anonymous access 
enabled = true

# specify organization name that should be used for unauthenticated users
org_name = ORGANIZATION

# specify role for unauthenticated users
org_role = Viewer

[auth]
# Set to true to disable (hide) the login form, useful if you use OAuth
disable_login_form = true

Then you need to make an organization on the Server Admin page on the Grafana website with the exact same name as you specified here: org_name = ORGANIZATION

If you then make a dasbhoard with some panels you can share the dashboard or a specific panel with <iframe>, you can find more info here

Jarry answered 3/5, 2021 at 15:59 Comment(1)

^ This was my issue. The config was ok but the org_name didn’t point to an existing organization. Creating it in the dashboard (or renaming the default one) did it. – Paddy 9/3, 2022 at 16:9

First of all, in grafana.ini adjust the following values:

[auth.anonymous]
# enable anonymous access
enabled = true

# specify organization name that should be used for unauthenticated users
org_name = YOUR_ORG_NAME_HERE

# specify role for unauthenticated users
org_role = SOME_USER_NAME_HERE # e.g. Anonymous

Now, after restarting Grafana, log in and make sure there is another user than admin created. If not, create one. The values in the user creation dialogue are actually unimportant to achieve the task.

Finally, set the same organisation name under global orgs to match your grafana.ini value. Also, make sure the user you created has the role you set in grafana.ini (in my example the role would be "Anonymous").

Stranger answered 11/8, 2017 at 20:28 Comment(0)

Here is what i did for my Caddy proxy which uses client-cert auth already. Beware, this still exposes your datasource to the public! Be sure to replace [email protected] with your email and the Caddy proxy ip in grafana.ini.

Caddyfile

grafana.****.***, gf.****.*** {
    tls [email protected] {
        clients /mnt/user/appdata/caddy/conf/ca.crt
    }

    proxy / http://10.0.1.39:3000 {
        transparent
        websocket
        insecure_skip_verify
        header_upstream X-WEBAUTH-USER "admin"
    }
}

gf-pub.****.*** {
    tls [email protected]

    proxy / http://10.0.1.39:3000 {
        transparent
        websocket
        insecure_skip_verify
        header_upstream X-WEBAUTH-USER "public"
    }
}

grafana.ini

[auth.proxy]
enabled = true
header_name = X-WEBAUTH-USER
header_property = username
enable_login_token = false
whitelist = 10.0.1.3 <-- Your Caddy IP

Edington answered 13/4, 2020 at 11:35 Comment(0)

Elaborating on Jimilian's answer for the special case that it is a completely fresh and empty Grafana which you would like to configure to work without any user management (e.g. local installation for a single user): in this case, the organization needs to be Main org. (including the trailing dot). This is also the default, so you will also be fine just omitting the org_name setting from your config file in that case.

Of course, in that case your anonymous user needs additional permissions. A complete configuration for this case might look like this:

[auth.anonymous]
enabled = true
org_role = Admin

[auth.basic]
enabled = false

[auth]
disable_login_form = true

Doubleteam answered 25/11, 2023 at 20:44 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags