The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
Why is this needed::
We use 2 authentication methods configured:
Azure AD OAuth
JWT
JWT is used for iframe embedding with URL login with auth_token in the query parameter
Azure AD OAuth is for general use where users would login directly to Grafana
What would you like to be added:
We have many users who would access Grafana using both authentications. This sometimes caused “flickering” in the browser when tried to access the dashboard via embedded iframe using JWT.
When this happened and the user session had expired, the browser/client continually attempted to rotate a short live token and got a 401 error. Deleting grafana_session from the cookie would stop the short live token refresh and fix the screen flickering issue.
Short live token refresh is designed for OAuth, not JWT.
The expectation is for both authentication methods to work independently. In this scenario, when using JWT, the short live token was still trying to refresh
Why is this needed:: We use 2 authentication methods configured:
JWT is used for iframe embedding with URL login with auth_token in the query parameter Azure AD OAuth is for general use where users would login directly to Grafana
What would you like to be added: We have many users who would access Grafana using both authentications. This sometimes caused “flickering” in the browser when tried to access the dashboard via embedded iframe using JWT.
When this happened and the user session had expired, the browser/client continually attempted to rotate a short live token and got a 401 error. Deleting grafana_session from the cookie would stop the short live token refresh and fix the screen flickering issue.
Short live token refresh is designed for OAuth, not JWT.
The expectation is for both authentication methods to work independently. In this scenario, when using JWT, the short live token was still trying to refresh