Authentication API - Amazon Managed Grafana

Authentication API

Use the Authentication API to work with authentication keys in an Amazon Managed Grafana workspace.

Note

To use a Grafana API with your Amazon Managed Grafana workspace, you must have a valid Grafana API key. You include this key in the Authorization field in the API request. For information about how to create a Grafana API key, see Using Grafana HTTP APIs.

Get API keys

GET /api/auth/keys

Example request

GET /api/auth/keys HTTP/1.1 Accept: application/json Content-Type: application/json Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk

Query parameter:

  • includeExpired— (Optional) Boolean parameter that specifies whether to include expired keys in the returned results. The default is false.

Example response

HTTP/1.1 200 Content-Type: application/json [ {"id": 3,"name": "API","role": "Admin"}, {"id": 1,"name": "TestAdmin","role": "Admin","expiration": "2019-06-26T10:52:03+03:00"} ]

Create API key

POST /api/auth/keys

Example request

POST /api/auth/keys HTTP/1.1 Accept: application/json Content-Type: application/json Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk { "name": "mykey", "role": "Admin", "secondsToLive": 86400 }

JSON body schema:

  • name— The name for the key.

  • role— Sets the access level (Grafana role) for the key. Valid values are Admin, Editor, or Viewer.

  • secondsToLive— Sets the amount of time before the key expires. It must be 2592000 (30 days) or less.

Example response

{"name":"mykey","key":"eyJrIjoiWHZiSWd3NzdCYUZnNUtibE9obUpESmE3bzJYNDRIc0UiLCJuIjoibXlrZXkiLCJpZCI6MX1=","id":1}

Error statuses:

  • 400secondsToLive is greater than 2592000

  • 500— The key couldn't be stored in the database.

Delete API key

DELETE /api/auth/keys/:id

Example request

DELETE /api/auth/keys/3 HTTP/1.1 Accept: application/json Content-Type: application/json Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk

Example response

HTTP/1.1 200 Content-Type: application/json {"message":"API key deleted"}