Using oauth tokens within plugin

Hey everyone. Big thanks to Grafana team for developing this excellent monitoring software!

We are currently logging users in through Oauth - Microsoft Azure AD. We then have custom Grafana plugins that make calls to a API server, which require the user’s azure token. In order to do this, we are using the MSAL.js library to get the token (and ultimately re-authenticate via popups) for each panel. This is quite a nuisance to users.

Anyone know if it’s possible to get the oauth token which was obtained during initial login within the Grafana plugin javascript? If not, what would be the recommended pattern for this use case?

Not sure if this is correct for you, but this is how I did it in my OpenFlow plugin.

  • Configure Grafana to authenticate users using OAuth toward azure
  • enable “Forward OAuth Identity” on the plugin
  • Now you will find the users access token in the header
  • reuse that token toward your API server