I’m in the process of trying to integrate Grafana into a data platform. I have succeeded in getting its OAuth2 client to authenticate users via the data platform and am in the process of writing a data plug-in that will pull data from it.
The data platform requires that the user’s Bearer token be passed back in the Authorization header, and so I created the data plug-in instance in Grafana, ticking the “With Credentials” box. Unfortunately, when I see a back-end query, I see that the
Authorization header that was returned to Grafana during the log-in phase is not passed on in the request, and so the data platform bounces the request with a
401 Unauthorized message.
It is desirable that the data connector uses the same user account that the user logged into Grafana with so that the server can apply authorization rules to what that user can see. This cannot be done if all Grafana users log into the data platform back-end with the same user account.
How do I get at that Bearer token so that I can provide it to the back-end server?