How are user password encrypted in database exactly?


I’m actually trying to develop a small plugin that use Grafana session to see if a grafana user is authenticated and has rightfull access. Right now i want to allow them to login to my plugin outside Grafana (but based of grafana user accounts), so i need to know how the passwords are hashed to be able to log them.

I found that you guys use pbkdf2. Here is the post : Local authentication password encrypted or not?

My questions : how do i know the number of iteration, keylength and hash algorithm used ?

(If i get it right, the salt is located in the database, the password is input by the user, and the algorithm is SHA256 ? ) Absolutely no clue on the iteration and keylength though …

Please help !