Grafana SSO to External Application

Hello All,

We have an external NodeJS application running e.g http://localhost:4000
Grafana is running in http://grafana.staged-by-discourse.com

I have created a dashboard and embedding my NodeJS application using iFrame:
<iframe src=\"http://localhost:4000\" width=\"1800\" height=\"800\"></iframe>

Now, I want to introduce authentication to both Grafana and NodeJS application. For this I have configured google authenticator for logging in to Grafana which is working fine. Next, I want NodeJS application to authenticate the same Grafana login as SSO and once successful the dashboard should show the NodeJS application.

in a nut shell, I want to pass the google SSO from Grafana to my NodeJS application and validate it. I tried many article but everything was related to vice versa of my requirement.

Any help would be appreciated much!

Thanks in advance,
Va

No, you are not “passing” SSO. First your both apps (Grafana, Nodeaps) must be working with OIDC SSO correctly standalone. Then it should be working fine also in iframe. Iframed app will use SSO and SSO session is there so user will be logged automatically.

BUT iframed app is thirdparty app from the cookie perspective, so you may have a problem if used browser blocks thirdparty cookies: GitHub - jangaraj/grafana-iframe

Thanks for the reply! Also, I see the iframed application can be embedded with only HTTP.
Is there any other better approach to embed the external NodeJS application (HTTPS) into grafana with seamless authentication?

Who is claiming that?

From the Github URL above:

The loading of "https://domain.com/" in a frame is denied by "X-Frame-Options" directive set to "SAMEORIGIN" - again you can’t configure anything in the Grafana to solve.

not sure if I misunderstood! can I embed the https version of my nodejs app in grafana iframe? even if I resolve the sso issue

Please read that README carefully. There are 2 cases:

1.) I want to have some iframe in my Grafana (This is not your case!)
2.) I want to have Grafana in my app as an iframe and I would like to have seamless login experience (This is your case and I linked directly to this section)

Please read also other posts here - iframe is FAQ.

Sorry if I miscommunicated. 1st one is my case.
I’m trying to load my nodeJs application inside Grafana as a iframe.

Could you please let me know what would be the best approach for this

OK and what is a problem?

My guess: you are using HTTP, but OIDC protocol requires HTTPS. I don’t believe Google will sacrifice this basic security requirement (that’s not Grafana requirement, but requirement of used SSO protocol). Also localhost can be a problem and of course third party cookies limitation in the browser.

Did you get an answer? I am facing the same problem on my project, if you find the solution please share here.