Authentication with Loki
Loki does not come with any included authentication layer. Operators are expected to run an authenticating reverse proxy in front of your services, such as NGINX using basic auth or an OAuth2 proxy.
Note that when using Loki in multi-tenant mode, Loki requires the HTTP header
X-Scope-OrgID to be set to a string identifying the tenant; the responsibility
of populating this value should be handled by the authenticating reverse proxy.
Read the multi-tenancy documentation for more information.
For information on authenticating Promtail, please see the docs for how to configure Promtail.
Related Loki resources
Be the first to learn about exciting next-generation features in Grafana 8.0, be inspired by what community members are building, and attend expert-led sessions and workshops on Grafana, Prometheus, Loki logs, and more.
Logging with Loki: Essential configuration settings
This webinar focuses on Loki configuration, picking up where we left off at the end of the Intro to Loki webinar.