Embed Grafana dashboard in web application with security

Hi guys, is there any standard way to authenticate the iframes used in external websites, as most of us we are also not interested in anonymous access.

I have searched in the community and internet most them point to the following post

You can utilize standard SSO protocol- that’s designed for that. For example Open ID Connect (OIDC). Website and also Grafana will use OIDC for auth. Website will authenticate user first and then iframed Grafana will just use existing SSO session, so Grafana will get token seamlessly.

Of course everything has pros and cons. Problem can be when website doesn’t request auth before iframe, so iframed Grafana will be requesting auth first. But typical IDP (OIDC) server doesn’t allow login in the iframe.

hey, thanks for the response…
Do you mean Azure AD OAuth2 authentication or similar authentications for both external website and grafana…

Yes, it is Open ID Connect standard (which is based on OAuth2 standard), which is provided by Identity Provider (that can be Azure, Google, AWS Cognito, Keycloak, … - anything what support OIDC; used Identity Provider can have users also everywhere: LDAP, AD, DB, …).

Keep in mind: all this kind of iframed solutions may have be restricted in the future by the browser security (probably Safari is the most strict browser for this use case at the moment).

Apart from Oauth standards is there any way to pass the iframe securely, such as API Keys

If I understand correctly, I think an auth proxy would be the ticket.

API keys are for API. You want to embed whole UI, not just API.

Even when I use auth proxy, as shown in Auth Proxy | Grafana Labs. It is kind of enabling anonymous access , I could find a tutorial similar to that Run Grafana behind a reverse proxy | Grafana Labs . I am still concerned about the security.