This is documentation for the next version of Grafana. For the latest stable release, go to the latest version.
Configure basic authentication
Grafana provides a basic authentication system with password authentication enabled by default. This document details configuration options to manage and enhance basic authentication.
Disable basic authentication
To disable basic authentication, use the following configuration:
[auth.basic]
enabled = false
Password policy
By default, Grafana’s password policy requires a minimum of four characters for basic auth users. For a stronger password policy, enable the password_policy
configuration option.
With the password_policy
option enabled, new and updated passwords must meet the following criteria:
- At least 12 characters
- At least one uppercase letter
- At least one lowercase letter
- At least one number
- At least one special character
[auth.basic]
password_policy = true
Note
Existing passwords that do not comply with the new password policy will not be affected until the user updates their password.
Disable login form
To hide the Grafana login form, use the following configuration setting:
[auth]
disable_login_form = true
This can be helpful in setups where authentication is handled entirely through external mechanisms or single sign-on (SSO).