Embedding panel that forwards OAuth credentials

I have an application in which I’d like to embed Grafana panel. This panel uses the application itself as datasource through the simpod-json-datasource, forwarding the OAuth token. Application won’t provide any data without this token.
When using plain old <iframe /> the browser does not send Authorization header. Do I need to let the app act like a reverse proxy, too, adding the header? I’ve tried to set the iframe contents fetching it in Javascript but I’ve hit CORS and some other comments here suggest that I need a proxy to filter these from Grafana.
Before going that path (already too convoluted), will it work? Will Grafana use the correct user just after seeing the Authorization header?
Alternatively I can setup Grafana to use auth proxy, but can this one forward the OAuth token at the same time?

1 Like

I’ve actually managed to get this working by disabling anonymous authentication and using the oauth_auto_login setting (I had a typo so it didn’t apply before).

EDIT: It doesn’t work 100% because the auth token is not refreshed; When escape the embedded panel and sign out, it logs me in again and works. But I need to make sure the token is refreshed.

EDIT2: Seems I am hitting this issue: https://github.com/grafana/grafana/issues/12131