A question regarding authentication for a custom plugin…hopefully this explanation of our situation makes sense:
- We are using Grafana’s own authentication and authorization engine for managing users and credentials
- We are developing a custom panel plugin to display a particular user interface
- That custom panel relies on a back-end API endpoint that’s separate from the Grafana back-end (but could be hosted on the same server, if that makes a difference)
- We would like to use the Grafana user credentials in order to manage access to that back-end service. That is, we’d like the back-end service to be able to check whether the request is coming from a properly authenticated user
I appreciate the above is somewhat open-ended, but would appreciate any thoughts on the best way to make that happen.
Is it possible for our back-end API to for example verify authentication based on the user’s session cookie? @daniellee, should we be looking at something like what you describe in SimpleJson datasource plugin - send user/pass in request?
Or should we be looking at a completely different way to implement this? We did for example consider OAuth, but the stumbling block there is that we’d really rather just use Grafana’s existing UI to manage a single database with users (+ teams and roles), rather than have a separate UI for managing the OAuth users. AuthProxy also doesn’t seem to be a great solution for the same reason.
Thanks in advance for any pointers!