Open source


otelcol.auth.basic exposes a handler that can be used by other otelcol components to authenticate requests using basic authentication.

This extension supports both server and client authentication.

NOTE: otelcol.auth.basic is a wrapper over the upstream OpenTelemetry Collector basicauth extension. Bug reports or feature requests will be redirected to the upstream repository, if necessary.

Multiple otelcol.auth.basic components can be specified by giving them different labels.


otelcol.auth.basic "LABEL" {
  username = "USERNAME"
  password = "PASSWORD"


otelcol.auth.basic supports the following arguments:

usernamestringUsername to use for basic authentication requests.yes
passwordsecretPassword to use for basic authentication requests.yes


The following blocks are supported inside the definition of otelcol.auth.basic:

debug_metricsdebug_metricsConfigures the metrics that this component generates to monitor its

debug_metrics block

The debug_metrics block configures the metrics that this component generates to monitor its state.

The following arguments are supported:

disable_high_cardinality_metricsbooleanWhether to disable certain high cardinality metrics.trueno
levelstringControls the level of detail for metrics emitted by the wrapped collector."detailed"no

disable_high_cardinality_metrics is the Grafana Alloy equivalent to the telemetry.disableHighCardinalityMetrics feature gate in the OpenTelemetry Collector. It removes attributes that could cause high cardinality metrics. For example, attributes with IP addresses and port numbers in metrics about HTTP and gRPC connections are removed.


If configured, disable_high_cardinality_metrics only applies to otelcol.exporter.* and otelcol.receiver.* components.

level is the Alloy equivalent to the telemetry.metrics.level feature gate in the OpenTelemetry Collector. Possible values are "none", "basic", "normal" and "detailed".

Exported fields

The following fields are exported and can be referenced by other components:

handlercapsule(otelcol.Handler)A value that other components can use to authenticate requests.

Component health

otelcol.auth.basic is only reported as unhealthy if given an invalid configuration.

Debug information

otelcol.auth.basic does not expose any component-specific debug information.


This example configures otelcol.exporter.otlp to use basic authentication:

otelcol.exporter.otlp "example" {
  client {
    endpoint = "my-otlp-grpc-server:4317"
    auth     = otelcol.auth.basic.creds.handler

otelcol.auth.basic "creds" {
  username = "demo"
  password = env("API_KEY")