OnCall API Tokens: Permissions and TTL. #3812
Comments
|
The current version of Grafana OnCall, at the time this issue was opened, is v1.3.99. If your issue pertains to an older version of Grafana OnCall, please be sure to list it in the PR description. Thank you 😄! |
|
Currently the hope is to eventually replace OnCall API keys with Grafana Service Account tokens which already support TTL and fine grained permissions. |
|
This would be really really nice. Having to give everyone 'admin' perms - just to see their own schedule or anything is really bad :( |
|
closing as duplicate of https://github.com/grafana/oncall-private/issues/2839 |
|
I cannot see the linked issue (unsurprising given the name of the repository that it is in), and I suspect this is true for the majority of the people that have indicated interest in this. Is there any public location where we can see the progress of this? |
|
Hi, we have been working on enabling service account tokens support in our public API, and this is now released. You can take a look at the docs describing how to use service account based auth, as well as check the required perms for each API endpoint in their respective descriptions. |
What would you like to see!
Hello!
One of our teams is interested in developing a scraper to collect and analyze data on incidents relevant to them. To implement this, they need access to Grafana OnCall API, which requires an API Token. As maintainers, our concern lies in issuing a token that provides unrestricted access to the entire organization's management systems. We are seeking a solution that offers tailored access, aligning with their specific requirements. This could involve defining permissions at various levels, such as reader, editor, or admin, and implementing an expiration date for the token to enhance security and control.
Product Area
Auth
Anything else to add?
We are using:
Grafana OSS v9.5.7
Grafana OnCall OSS plugin and backend 1.3.81
The text was updated successfully, but these errors were encountered: