Important: This documentation is about an older version. It's relevant only to the release noted, many of the features and functions have been updated or replaced. Please view the current version.

Enterprise Open source

Add a token to a service account in Grafana

A service account token is a randomly generated string that external system use to authenticate into Grafana, and include specific permissions to interact with the Grafana HTTP APIs. For more information about service accounts, refer to About service accounts in Grafana.

You can create a service account token using the Grafana UI or via the API. For more information about creating a service account token via the API, refer to HTTP API Create service account token.

Before you begin

  • Ensure you have added the serviceAccounts feature toggle to Grafana. For more information about adding the feature toggle, refer to Enable service accounts.
  • Ensure you have permission to create and edit service accounts. By default, the organization administrator role is required to create and edit service accounts. For more information about user permissions, refer to About users and permissions.

To add a token to a service account

  1. Sign in to Grafana, then hover your cursor over Configuration (the gear icon) in the sidebar.
  2. Click Service accounts.
  3. Click the service account to which you want to add a token.
  4. Click Add token.
  5. Enter a name for the token.
  6. (recommended) Enter an expiry date and expiry date for the token or leave it on no expiry date option.
    • The expiry date specifies how long you want the key to be valid.
    • If you are unsure of an expiration date, we recommend that you set the token to expire after a short time, such as a few hours or less. This limits the risk associated with a token that is valid for a long time.
  7. Click Generate service account token.