Important: This documentation is about an older version. It's relevant only to the release noted, many of the features and functions have been updated or replaced. Please view the current version.

Enterprise Open source

Authentication API

The Authentication HTTP API is used to manage API keys.

Note

Grafana recommends using service accounts instead of API keys. For more information, refer to Grafana service account API reference.

If you are running Grafana Enterprise, for some endpoints you would need to have relevant permissions. Refer to Role-based access control permissions for more information.

List API keys

Warning

This endpoint is deprecated.

GET /api/auth/keys

Required permissions

See note in the introduction for an explanation.

ActionScope
apikeys:readapikeys:*

Example Request:

http
GET /api/auth/keys HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk

Query Parameters:

  • includeExpired: boolean. enable listing of expired keys. Optional.

Example Response:

http
HTTP/1.1 200
Content-Type: application/json

[
  {
    "id": 3,
    "name": "API",
    "role": "Admin"
  },
  {
    "id": 1,
    "name": "TestAdmin",
    "role": "Admin",
    "expiration": "2019-06-26T10:52:03+03:00"
  }
]

Create API Key

Warning

This endpoint has been made obsolete in Grafana 11.3.0.

Endpoint is obsolete and has been moved to Grafana service account API. For more information, refer to Migrate to Grafana service account API.

POST /api/auth/keys

Example Response:

http
HTTP/1.1 410
Content-Type: application/json

{"message":"this endpoint has been removed, please use POST /api/serviceaccounts and POST /api/serviceaccounts/{id}/tokens instead"}

Delete API Key

Warning

DEPRECATED

DELETE /api/auth/keys/:id

Required permissions

See note in the introduction for an explanation.

ActionScope
apikeys:deleteapikeys:*

Example Request:

http
DELETE /api/auth/keys/3 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk

Example Response:

http
HTTP/1.1 200
Content-Type: application/json

{"message":"API key deleted"}