I played about with this in Nginx and the way I came up with was to add a subdomain that didn’t include any of the auth proxy. This should be a MWE.
nginx.conf
http {
server {
listen 80;
server_name admin.example.com;
location /grafana/ {
proxy_pass http://grafana.staged-by-discourse.com/;
}
}
server {
listen 80;
server_name www.example.com;
location /grafana/ {
proxy_pass http://grafana.staged-by-discourse.com;
proxy_set_header X-WEBAUTH-USER test-user;
}
}
}
Grafana.ini
[server]
root_url = http://grafana.staged-by-discourse.com/grafana/
[auth.proxy]
enabled = true
auto_sign_up = false
Which means if I go to www.example.com/grafana/ I’m automatically logged in as my test user, whereas if I use admin.example.com/grafana then I’m shown the login screen.