Provide mechanism to send header information e.g. Authorization

[PatMis16]

Provide mechanism to send header information e.g. Authorization

[bergquist]

@PatMis16 what kind of headers? Where should the values come from?

[PatMis16]

Hi Carl

For example authentication headers or any type of custom header.

Regards, Patrick Am 07. Dezember 2016 um 08:38 schrieb Carl Bergquist notifications@github.com:

@PatMis16 what kind of headers? Where should the values come from? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.

[dumaal]

I believe the least that needs to be done for simpleJS DS to be usable in a public access scenario (security wise) is to be able to set a KEY(string) when defining/editing the data source. This Key is to be sent as a header with every request any dashboards needs to make against the DS, ensuring data is returned only in relation to a key, and not publicly available for anyone to get. (basically having an API-KEY mechanism for accessing the data) Alternatively, this KEY can be encoded in DS's url, but it's less elegant.

[aosaginohi]

I would really like to see this also.

For example we really would like to link Grafana to the Instana API: https://documenter.getpostman.com/view/1527374/instana-api/2TqWQh

But all requests require a authorization header: --header 'authorization: apiToken {{apiToken}}'

So maybe there could be a extra under authentication where you fill in the header in my case "apiToken" and a token "{{apiToken}}" (then it should be compatible for others also). kind of like when you choice the basic auth option.

and maybe the plugin then automatically adds the "--header 'authorization:" part with the input.

not sure if this will be possible?

[kfdm]

I think adding arbitrary headers would be a little excessive, but the ability to use token authentication instead of user/pass would be useful.

At a quick glance, it seems like most data source plugins use the default 'Http Auth' with MySQL (MySQL connection Host/Database/User/Password) being the only exception to that in the default shipped data sources.

[AndRossi]

I would need this feature too. My data source is an API that requires a custom "AdminKey" header. If Grafana offers no ways to send headers in the request, I don't think I will be able to use that API :(

[kemaMartinsson]

A workaround that worked for me was to store the token in a cookie. Then the datasource read the cookie and added my custom header in the request. Not the best solution. But did it for me.

/Kenneth

[DracoBlue]

It is possible to set a „Basic Auth“ Authorization in the Datasource Settings.

On Json Backend Site you have access to username + password. Just use any of those for your api key or proxy the resulting „Authorization“ header if your client supports these.

[gauravk48]

I am also thinking of using the same mechanism, as there is no way currently to pass the Access Token to Datasource. Here is my post:

https://community.grafana.com/t/oauth2-authentication-with-a-custom-datasource-plug-in/880/8

I am asking for this feature to be provided as a configuration option when one uses oauth.

kemaMartinsson I am also thinking of using the cookie approach, but it seems a little bit of a hack. If I can add a fixed header which can be a pass through to all data sources then it can be considered a an easy to configure feature.

[Inlustra]

We're also looking for this, makes the plugin a non-starter 😔@gauravk48 How did you add the token to a cookie?

[gauravk48]

I changed my approach later a bit. I have a PR I will submit very soon for this add on feature using plugin routes. @Inlustra

[lopeg]

Also will be glad to see this feature implemented In my case, i have to GET data from azure data factory, where oauth2 is used so i have to get token from https://management.core.windows.net/ and use it in "Authorization", "Bearer $token" then against target datafactory rest api

thank you i advance

[michaela-elise]

Hi, sorry to open an old topic but we are using grafana and need all the API calls it makes to include our JWT.

This post looks like what we need.

Has this feature been implemented? If so, where in the docs can we find its use?

Basically our site gets and stores a JWT in webstorage. We want grafana to use this JWT for all its auth. The JWT exists after the user logs in, before going to any grafana pages.

If anyone has info or can help with this please send me a message.

[marefr]

If you use provisioning it's possible to provide custom http headers for your datasource, see documentation. There's still an open issue in Grafana so that you can add/edit custom headers through the UI.

[herme063]

In my case when the user access the display, the server side will take the user token, then updated the data source custom headers by setting jsonData and secureJsonFields.

[marefr]

then updated the data source custom headers by setting jsonData and secureJsonFields.

I don't understand what you mean by this. If you're writing a custom datasource plugin sounds you should use the route support: https://grafana.com/docs/plugins/developing/auth-for-datasources/#authentication-for-datasource-plugins

[SMRTT]

Same problem for me, i need to add 3 custom headers to authenticate with the api i want to use. Like i did with telegraf.

[inputs.http.headers] X-App-ID = "xxx" X-App-Secret = "xxx" Authorization = "Bearer xxx

[christianrondeau]

This has been requested and closed with #64 but with Grafana Cloud, I don't see how I can make this work. Providing a custom Authentication header value would solve the problem.

[gwdawson]

The Simple JSON Datasource is now deprecated, and as a result, we are closing all open issues in this repository. Our development focus has shifted, and we are no longer actively maintaining this plugin.

This deprecation means that this plugin won’t receive any feature updates or bug fixes except critical security fixes. After 6 months of the deprecation date (End of June 2024), no updates will be provided at all.

We recommend migrating to the Infinity datasource. Here are the migration steps you can follow. Thank you for your understanding.