Hello, i wanted to do consult about the best and secured way to share a dashboard between tenants.
So - I have a data source (which is eventually a DB) - divided into tenants, each tenant has it’s own table.
I want to show a grafana dashboard in my application, instead of creating those graphs by myself.
What i was thinking is:
Have an internal grafana instance
Create a dashboard on the DB, and create a full dashboard, saving it to a json.
Each time a tenant wants to show his dashboard, i’ll take the JSON, import the dashboard (through API?) with the correct table name, then i’ll create a snapshot.
Funny, I was looking to the similar scenario.
What works for us :
ensure the security via a secure auth (JWT for us)
pass the JWT token in embedding IFrame and establish user Identity in grafana
in grafana use the ${__user.id} variable to query user specific information
What doesn’t work, and if @ariel14 have pointers, that would be greatly appreciated :
embed in an Iframe or some other way the whole dashboard not just the panel
Make the ${__user.id} read-only in the datastore. If a user can change the dashaboard, not to be able to change the query to remove the filter based on userID.
#2 is a limitation when we will want later to allow users to author the dasbhoards
sometime embedding the dashboard can help a better experience, especially for products intended for not engineers. Each transition outside of the main product is a point of friction
for a given user you can invite in organization and can assigned the appropriate role [viewer/ editor / admin]
I’m at level of prototype, so I did that manually in the config UI, but I’m sure there is an API
once an use logs in, a JWT user is created, for that user I can use this API to add to current organization, where the concept of organization in Grafana is what in other environments is called tenant
