Despite these settings, Grafana still requires the use of a password to view Dashboards. Can someone please help me with the correct settings?
[auth.anonymous]
#
I had this issue, but the root cause in my case was a tiny mistake. I checked the grafana.log file and found that:
"2016/02/12 09:24:57 [middleware.go:62 initContextWithAnonymousUser()] [E] Anonymous access organization error: 'Anonymous Org.': Organization not found"
I changed the org_name in grafana.ini, and after restarting Grafana, things worked well as I intended.
I recommend you check your grafana.log file to see what's wrong with your configuration.
Here is what i did for my Caddy proxy which uses client-cert auth already. Beware, this still exposes your datasource to the public! Be sure to replace your@email.com with your email and the Caddy proxy ip in grafana.ini.
Caddyfile
grafana.****.***, gf.****.*** {
tls your@email.com {
clients /mnt/user/appdata/caddy/conf/ca.crt
}
proxy / http://10.0.1.39:3000 {
transparent
websocket
insecure_skip_verify
header_upstream X-WEBAUTH-USER "admin"
}
}
gf-pub.****.*** {
tls your@email.com
proxy / http://10.0.1.39:3000 {
transparent
websocket
insecure_skip_verify
header_upstream X-WEBAUTH-USER "public"
}
}
grafana.ini
[auth.proxy]
enabled = true
header_name = X-WEBAUTH-USER
header_property = username
enable_login_token = false
whitelist = 10.0.1.3 <-- Your Caddy IP
To setup login for anonymous users you need to make these small configuration changes in the default.ini/grafana.ini file (Grafana\conf).
If you want to hide the login page do this configuration:
[auth]
# Set to true to disable (hide) the login form, useful if you use OAuth
#disable_login_form = false
disable_login_form = true
Change disable_login_form
to true
.
Enable anonymous access:
[auth.anonymous]
# enable anonymous access
enabled = true
Specify the organization:
# specify organization name that should be used for unauthenticated users
org_name = YOUR_ORG_NAME_HERE
Restart Grafana and you should be able to see the Grafana dashboard. If not, just change your org role from Viewer
to Editor
:
# specify role for unauthenticated users
org_role = Editor
Thanks @Donald Mok for his answer; I just want to make it as clear as possible. In the Grafana interface you can create an organization. After that you can create some dashboards for this organization. So, there is a problem that you need to specify the organization for anonymous users. And it should be a real organization (for your Grafana). And anonymous users will be able to see only dashboards from this organization.
#################################### Anonymous Auth ##########################
[auth.anonymous]
# enable anonymous access
enabled = true
# specify organization name that should be used for unauthenticated users
org_name = ORGANIZATION
First of all, in grafana.ini
adjust the following values:
[auth.anonymous]
# enable anonymous access
enabled = true
# specify organization name that should be used for unauthenticated users
org_name = YOUR_ORG_NAME_HERE
# specify role for unauthenticated users
org_role = SOME_USER_NAME_HERE # e.g. Anonymous
Now, after restarting Grafana, log in and make sure there is another user than admin created. If not, create one. The values in the user creation dialogue are actually unimportant to achieve the task.
Finally, set the same organisation name under global orgs to match your grafana.ini
value. Also, make sure the user you created has the role you set in grafana.ini
(in my example the role would be "Anonymous").