API tokens per user or SSO to get access to thirdparty API. Use Grafana as entry point

I would like to use grafana as an entry point and then access my API.
I saw that you have application tokens which you generate per “role”.
Is there anything to create a token per user?

The logic I wanted to achieve is the following;

  • user logins into grafana (whatever is used basic, LDAP, oAuth)
  • then he triggers our API and gets authenticated automatically. (by token from step 1 or anything you can suggest)

As an alternative, I’m thinking about SSO, but I’m not very familiar with it.

Would it work without asking the user to log in 2 times if we disable basic auth and then use SSO on grafana and our API side?

Thank you in advance.


No, that’s not currently supported.

What kind of communication is happening from Grafana to your API, is it a datasource?


Hello @mefraimsson

Our requirement is also pretty much same. Actually we have our own web app parallel to grafana and instead two separate login pages one for our web app and other for grafana, we want to use grafana authentication mechanism as our web app login. For this we are thinking to use grafana_user and grafana_session cookies that are being set after user logged in to grafana. But problem is we are unable to find any grafana api to validate that grafana_session cookie.

Can you please help on this ?

Or if there might be some other way so we can connect our application authentication with grafana auth.


Please don’t try and use that for your use case. Grafana is no oauth provider so think the easiest would be to let your app be an oauth provider that you can configure to use for authenticating in Grafana.

1 Like