Open weng5e opened 1 month ago
this looks like it was introduced in grafana v10.1.x, it is now checking the type of login being used, and puts up that warning if it is not a "real user."
i tried both a "legacy" api key and the new service account api key and they behave the same way.
right now i don't see a way to prevent this from happening other than opening an issue with Grafana core and a PR that would prevent that popup.
luckily the popup does go away, but this is not a good user experience.
i think api keys are really intended to be used against the /api
path only and not as a login method, even though it does work. i've noticed some odd side effects with this method too where plugins fail to load (one loads, the rest do not).
Thanks for the quick response @briangann! All of our plugins are working correctly even with service account :)
Our usage scenario is a "typical big enterprise" office TV. We have the below security requirements:
So, it seems like service account is our only option to use Grafana Kiosk. Is this understanding correct?
Given service account might be our only option here, it would be really nice if there is a way to hide the "Endpoint only available for users" warning.
I think that usage scenario is likely common, plus it doesn't rely on field searching for the login.
I'll talk to our team about this suppressing this popup for service accounts since functionally everything works.
@briangann thank you so much for the information! Looking forward for addtional updates.
This bug is not restricted to only the kiosk client. It is also impacting other non user scenarios, e.g. image capture in alerting and reporting.
Nothing to add, just observing, since we’re starting the journey to kiosk and API/service account is our chosen method too!
I really love the grafana-kiosk that is making it really easy to display Grafana on my office TV!
One small issue is that there is always a warning message of "Endpoint only available for users". How can I avoid showing it?
The command I use to run kiosk: .\grafana-kiosk.windows.amd64.exe -URL=https://XXXXXXXXX -login-method apikey --apikey XXXXXX" -kiosk-mode=tv
Grafana v10.4.7 (ac358f3e56)