https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/Recent content in Configure security on Grafana LabsHugo -- gohugo.ioenhttps://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/planning-iam-strategy/Fri, 13 Mar 2026 14:43:40 -0400https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/planning-iam-strategy/<h1 id="plan-your-iam-integration-strategy">Plan your IAM integration strategy</h1> <p>This section describes the decisions you should make when using an Identity and Access Management (IAM) provider to manage access to Grafana. IAM ensures that users have secure access to sensitive data and <a href="../../../administration/data-source-management/">other resources</a>, simplifying user management and authentication.</p>https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/configure-authentication/Fri, 13 Mar 2026 14:43:40 -0400https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/configure-authentication/<h1 id="configure-authentication">Configure authentication</h1> <p>Grafana provides many ways to authenticate users. Some authentication integrations also enable syncing user permissions and org memberships.</p> <p>The following table shows all supported authentication providers and the features available for them. <a href="../configure-team-sync/">Team sync</a> and <a href="enhanced-ldap/#active-ldap-synchronization">active sync</a> are only available in Grafana Enterprise.</p>https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/configure-database-encryption/Fri, 13 Mar 2026 14:43:40 -0400https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/configure-database-encryption/<h1 id="configure-database-encryption">Configure database encryption</h1> <p>Grafana’s database contains secrets, which are used to query data sources, send alert notifications, and perform other functions within Grafana.</p> <p>Grafana encrypts these secrets before they are written to the database, by using a symmetric-key encryption algorithm called Advanced Encryption Standard (AES). These secrets are signed using a <a href="../../configure-grafana/#secret_key">secret key</a> that you can change when you configure a new Grafana instance.</p>https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/audit-grafana/Fri, 13 Mar 2026 14:43:40 -0400https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/audit-grafana/<h1 id="audit-a-grafana-instance">Audit a Grafana instance</h1> <p>Auditing allows you to track important changes to your Grafana instance. By default, audit logs are logged to file but the auditing feature also supports sending logs directly to Loki.</p>https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/export-logs/Fri, 13 Mar 2026 14:43:40 -0400https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/export-logs/<h1 id="export-logs-of-usage-insights">Export logs of usage insights</h1> <div class="admonition admonition-note"><blockquote><p class="title text-uppercase">Note</p><p>Available in <a href="../../../introduction/grafana-enterprise/">Grafana Enterprise</a> version 7.4 and later, and <a href="/docs/grafana-cloud/">Grafana Cloud Pro and Advanced</a>.</p></blockquote></div> <p>By exporting usage logs to Loki, you can directly query them and create dashboards of the information that matters to you most, such as dashboard errors, most active organizations, or your top-10 most-used queries. This configuration is done for you in Grafana Cloud, with provisioned dashboards. Read about them in the <a href="/docs/grafana-cloud/usage-insights/">Grafana Cloud documentation</a>.</p>https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/secret-scan/Fri, 13 Mar 2026 14:43:40 -0400https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/secret-scan/<h1 id="configure-grafana-secret-scanning-and-notifications">Configure Grafana secret scanning and notifications</h1> <p>With Grafana, you can use the GitHub Secret Scanning service to determine if your <a href="../../../administration/service-accounts/">service account tokens</a> have been leaked on GitHub.</p>https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/configure-team-sync/Fri, 13 Mar 2026 14:43:40 -0400https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/configure-team-sync/<h1 id="configure-team-sync">Configure Team Sync</h1> <p>Team sync lets you set up synchronization between your auth providers teams and teams in Grafana. This enables LDAP, OAuth, or SAML users who are members of certain teams or groups to automatically be added or removed as members of certain teams in Grafana.</p>https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/configure-request-security/Fri, 13 Mar 2026 14:43:40 -0400https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/configure-request-security/<h1 id="configure-request-security">Configure request security</h1> <p>Request security allows you to limit requests from the Grafana server by targeting requests generated by users, such as data source metric queries and alert notifications.</p>https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/configure-security-hardening/Fri, 13 Mar 2026 14:43:40 -0400https://grafana.com/docs/grafana/v10.0/setup-grafana/configure-security/configure-security-hardening/<h1 id="configure-security-hardening">Configure security hardening</h1> <p>Security hardening enables you to apply additional security, which can help stop certain vulnerabilities from being exploited by a malicious attacker.</p> <div class="admonition admonition-note"><blockquote><p class="title text-uppercase">Note</p>