Passing roles to grafana iframe from parent

We are trying to integrate Grafana in our UX. We have credentials to log in to our UX. Grafana is shown inside an iframe. The behavior we want to achieve is: if someone logs in with the 'admin' role, it should map to the 'admin' role of Grafana when he clicks on the Grafana tab in our UX. Similarly, if the role is 'guest', it should map to the 'viewer-only' role in Grafana. Was thinking of using JWT Bearer token based OAuth to fix this. The flow will be:

  1. User logs in and gets the JWT token as a cookie from our backend, which has the Grafana role also embedded inside it.
  2. User clicks on the Grafana tab within our UX, and the above cookie hits the Grafana server.
  3. Grafana server interprets the cookie and maps it to the appropriate role in Grafana. For example, admin gets the admin view, guest gets the viewer-only view, etc.

Is there an already available plugin for this?
Can someone point me to some documentation as to how to write a plugin?
Appreciate your help.
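The token flow sketched in steps 1 to 3, as an added example that is not code from this thread or from Grafana: the parent backend mints a short-lived HS256 JWT carrying the app role, and the verifying side checks the signature, audience and expiry before mapping that role to Grafana's Admin or Viewer. The shared secret, the claim names and the role map are assumptions.

```python
import base64, hashlib, hmac, json, time

# Constructed secret shared by the parent app's backend and the verifier (assumption)
SECRET = b"example-shared-secret-not-for-production"
# Parent-app role -> Grafana org role; anything not listed maps to nothing
ROLE_MAP = {"admin": "Admin", "guest": "Viewer"}

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def mint_token(user: str, app_role: str, ttl: int = 300, now=None) -> str:
    """Issue an HS256 JWT with the app role; aud and exp are always set."""
    now = int(time.time()) if now is None else now
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps({"sub": user, "app_role": app_role,
                                  "aud": "grafana", "iat": now, "exp": now + ttl}).encode())
    sig = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"

def grafana_role_from_token(token: str, now=None):
    """Verify the token and return the mapped Grafana role, or None on any failure."""
    now = int(time.time()) if now is None else now
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
    except ValueError:
        return None
    header = json.loads(_b64url_decode(header_b64))
    if header.get("alg") != "HS256":  # refuse alg=none and algorithm confusion
        return None
    expected = hmac.new(SECRET, f"{header_b64}.{payload_b64}".encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        return None
    claims = json.loads(_b64url_decode(payload_b64))
    if claims.get("aud") != "grafana" or claims.get("exp", 0) <= now:
        return None
    # Unknown or missing roles never become Admin by accident
    return ROLE_MAP.get(claims.get("app_role"))
```

Because the browser attaches a cookie to every request it makes to the Grafana origin, including ones triggered by an unrelated page, validating the token does not by itself address the CSRF concern raised later in this thread; that needs SameSite cookie attributes and frame-ancestors restrictions on top.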

This is not a use case we are supporting right now. A few other people have tried this:

Docs for developing plugins.

Curious to know how did you solve this? We are also thinking of embedding Grafana but need that level of permissions for users.

Looking forward to hearing from you. I appreciate it.

Hi amitchandak

Were you able to solve this? We are also trying to embed Grafana in our application. The authentication will be done using the token, skipping the login page. So when the user clicks on the link, the authentication is done in the backend using Flask and the user is able to view the Grafana dashboards in an iframe without having to log in by explicitly providing the credentials.

Looking forward to hearing from you.

Thanks

For folks finding this thread later, we're closing it because it's a common question and all of the ins and outs are discussed in this post. The short answer to the specific question is that while it's possible to pass roles to a Grafana iframe from a parent app, there are a number of CSRF & web security reasons why that isn't a good idea to implement, i.e. I couldn't recommend it in good faith as a secure option.

The full details and other available options are here: