Button in Canvas: how to use Grafana authorization in requests to Node-RED?

ebabeshko · May 13, 2024, 2:27pm

I am using Canvas plugin with several buttons to send HTTP POST requests to Node-RED, as described in this topic.

What is the most proper / easiest way to protect these requests with Grafana authorization? I.e. so as Node-RED accepted these requests only when user is authorized in Grafana?

Grafana version is 10.2

ebabeshko · May 28, 2024, 6:52pm

Manual states:

Button elements support triggering basic, unauthenticated API calls

Anyway, may be somebody can share best practices on making such API calls more secure…

yosiasz · May 28, 2024, 9:38pm

what type of auth are you using? out of the box or custom?

ebabeshko · May 29, 2024, 5:02am

out of the box

yosiasz · May 29, 2024, 5:31am

out of the box is basic uname and upass so would avoid that but instead I would implement bearer token if NR allows that

@grant2 is the man for that

https://nodered.org/docs/api/admin/methods/post/auth/token/

ebabeshko · May 29, 2024, 9:09am

Thank you, will look through @grant2 's posts

Topic		Replies	Views
Button to send action to Node-Red Dashboards	7	1589	February 7, 2024
Is there a way to send a parametric POST request Dashboards api , plugins	2	4134	November 21, 2022
Data Source Plugin — Login with OAuth2 authorization_code grant type Grafana Plugin Development	2	1086	April 12, 2022
CANVAS - Impossible d'envoyer des posts API Dashboards	1	185	January 29, 2024
Canvas - Unable to send API Post Dashboards	3	342	May 10, 2024

Button in Canvas: how to use Grafana authorization in requests to Node-RED?

Related topics