Authentication with Grafana Loki
Grafana Loki does not come with any included authentication layer. Operators are expected to run an authenticating reverse proxy in front of your services, such as NGINX using basic auth or an OAuth2 proxy.
Note that when using Loki in multi-tenant mode, Loki requires the HTTP header
X-Scope-OrgID
to be set to a string identifying the tenant; the responsibility
of populating this value should be handled by the authenticating reverse proxy.
Read the multi-tenancy documentation for more information.
For information on authenticating Promtail, please see the docs for how to configure Promtail.
Related Loki resources
Getting started with logging and Grafana Loki (APAC timezone)
Join this webinar to learn why correlating metrics and logs is critical across the development lifecycle, and how Loki helps reduce logging costs and operations overhead.
Logging with Loki: Essential configuration settings
This webinar focuses on Grafana Loki configuration including agents Promtail and Docker; the Loki server; and Loki storage for popular backends.
Observability with logs & Grafana
Discover how you can utilize, manage, and visualize log events with Grafana and Grafana’s logging application Loki.