im running v7.2.0 (and has occured on prior versions).
The issue im having is since i enabled permissions (vs wide open access) about 2 months ago, im (admin) now getting frequently logged out after short (ie 15-30min) periods of inactivity from grafana.
This can be pretty troublesome if i have a dashboard open, then make a change/update to a panel, only the find out ive been logged out , when i go to press save dashboard.
Prior to 2 months ago, i never had this issue at all, however at that point is also when i created a 2nd “guest read-only” account, and also changed the dashboard permissions from “everyone”/wideopen access to the guest account can ONLY read-only access one, single, dashboard.
(i had access wide open, meaning no user restrictions, and no login passwords needed, as this was just a internal grafana install that only i myself used, and i secured it at the network level. then 2 months ago, i needed to give one single VPN-only user access to one dashboard).
i do see this in the logs, very frequently and assume its related:
grafana-server: t=2020-10-14T12:06:27-0500 lvl=eror msg="Failed to look up user based on cookie" logger=context error="user token not found"
here are some relevant settings from my grafana.ini (note i do embed some of my panels on a internal PRTG server/map, that is why i have to run:
and cookie_samesite = disabled
[security] # Auto-login remember days ;login_remember_days = 7 ;cookie_username = grafana_user ;cookie_remember_name = grafana_remember [users] allow_sign_up = false allow_org_create = false ;auto_assign_org = true ;auto_assign_org_role = Viewer # enable anonymous access enabled = true [auth] cookie_samesite = disabled allow_embedding = true # specify organization name that should be used for unauthenticated users org_name = Main Org. #commented out ##org_role = Editor ##org_role = Viewer login_maximum_inactive_lifetime_duration = 30d login_maximum_lifetime_duration = 90d token_rotation_interval_minutes = 10 api_key_max_seconds_to_live = -1