How to authenticate and embedded Grafana charts into iframe?

Asked 1/8, 2019 at 19:7 Answered 4/5, 2021 at 10:48

javascript html iframe grafana grafana-api

I embedded charts from Grafana into iframe into my HTML page.

It kept asking me to enter un/pw in the iframe.

How do I bypass the login that?

Is there a way to bypass that in the code?

Is this a setting in Grafana?

I explore further, I found the API section, I created an API key, and now I have the key token.

eyJrIjoiMnpVSVA***********QiOjF9

How do I use the key above 👆🏼 to embedded graphs in my iframe?

Banian answered 1/8, 2019 at 19:7 Comment(1)

Please check: #45837014 – Maze 24/2, 2021 at 10:38

[auth.anonymous]
# enable anonymous access
enabled = true

# set to true if you host Grafana behind HTTPS. default is false.
cookie_secure = true

# set cookie SameSite attribute. defaults to `lax`. can be set to "lax", "strict" and "none"
cookie_samesite = none

# set to true if you want to allow browsers to render Grafana in a <frame>, <iframe>, <embed> or <object>. default is false.
allow_embedding = true

And then Restart grafana or PC.

Hospitalet answered 26/2, 2020 at 10:17 Comment(2)

Which file is this one? – Tunesmith 6/4, 2021 at 9:20

this is anonymous ,... how to do it with authentication! – Jarrod 28/3, 2022 at 9:51

You can't use API key for the GUI. If you don't want to allow anonymous authentication, then the best option will be auth proxy, where you can implement own custom business logic for authentication.

You will have full freedom with auth proxy setup how to pass auth info (JWT token, cookie, key) to the auth proxy and auth proxy will just add header(s) (e.g. X-WEBAUTH-USER), which will be used as a user identity in Grafana.

Gomar answered 6/8, 2019 at 18:56 Comment(3)

I can't use Ajax GET with header of basic auth ? – Banian 6/8, 2019 at 19:49

I can't imagine how can you use Ajax GET with basic auth to authenticate whole single page app (Grafana in this case). – Gomar 7/8, 2019 at 17:53

How exactly would the auth proxy help bypassing the login UI? To my understanding, all the auth proxy does is allow you to say who you are using the X-WEBAUTH-USER header when you make calls to the API. Which HTTP request would contain this header exactly, in order to bypass the login UI? – Fornicate 10/8, 2022 at 15:40

If you just want to show some charts from Grafana you don't need to work with the API key.

You just need to change some configuration settings in the grafana.ini file (/etc/grafana/grafana.ini).

Below is the configuration that you need:

[auth.anonymous]
# enable anonymous access 
enabled = true

# specify organization name that should be used for unauthenticated users
org_name = ORGANIZATION

# specify role for unauthenticated users
org_role = Viewer

[auth]
# Set to true to disable (hide) the login form, useful if you use OAuth
disable_login_form = true

[security]
# set to true if you want to allow browsers to render Grafana in a <frame>, <iframe>, <embed> or <object>. default is false.
allow_embedding = true

On the Server Admin page on the Grafana website go to Orgs and your main organization name should be the same as you set in the configuration above (org_name = ORGANIZATION).

Save all your settings and restart the grafana-server and you should be good to go!

Ninfaningal answered 4/5, 2021 at 10:48 Comment(0)

Recommended topics

Hot tags