What Grafana version and what operating system are you using?
Redhat 7, Grafana 9.1.3
What are you trying to achieve?
We have a security layer in our Database, where we can create rules to access Timeseries per each user or each user group based on the Login.
It is mandatory that every user have it’s own credentials to access the data for auditing purpose and for security level.
The problem is, we have some dashboards every user should see, but if he is missing privileges, he shouldn’t see the data, so far so simple.
But I have no idea, how we can archieve this target, I think, the easiest way would be, to pass the user credentials from grafana login, to the Datasource (in our Case, postgres or json would also be an option), then login with this credentials and the complete sec-layer will be active.
But I don’t think it is possible to pass the credentials form login to the datsource, I’m right?
→ The JSON-Datasource have the option “Forward OAuth Identity” but (at the moment) we are authenticate via LDAP/Active-Directory, so no oauth so far.
on postgres you can only get the user from the connection, and as grafana is a service also the oracle/mssql user variable would have wrong infos - the info from Grafana server o the DB.
How should I verify that the current passed user is the user from the Grafana login? I can’t see a secure solution for this, if the Connection is not made with the credentials passed via grafana.
@Dashboard-editing:
We provide just the Database and the Grafana UI for our Users, they know there Data and know what they need to see, so they make there Dashboards by there own and only contact us if they need further technical support.
