grafana / grafana

The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
https://grafana.com
GNU Affero General Public License v3.0

OAuth and JWT should work independently #89199

Open thanissi opened 3 months ago

thanissi commented 3 months ago

Why is this needed: We use 2 authentication methods configured:

- JWT is used for iframe embedding with URL login with auth_token in the query parameter
- Azure AD OAuth is for general use where users would log in directly to Grafana

What would you like to be added: We have many users who would access Grafana using both authentications. This sometimes caused “flickering” in the browser when they tried to access the dashboard via an embedded iframe using JWT.

When this happened and the user session had expired, the browser/client continually attempted to rotate a short-lived token and got a 401 error. Deleting grafana_session from the cookie would stop the short-lived token refresh and fix the screen flickering issue.

Short-lived token refresh is designed for OAuth, not JWT.

The expectation is for both authentication methods to work independently. In this scenario, when using JWT, the short-lived token was still trying to refresh.

thanissi commented 3 months ago

Hi @iwysiu, is it possible for someone to review this request? If you need more info, please let me know. Thank you.