Documentationbreadcrumb arrow Pluginsbreadcrumb arrow Infinity data sourcebreadcrumb arrow Configure
Open source Enterprise Grafana Cloud

Configure the Infinity data source

To configure the Infinity data source, you need to create an instance of the data source and optionally configure authentication, network settings, and other options.

This page explains how to:

Before you begin

Before you configure the Infinity data source, you need:

  • Grafana version 10.0 or later
  • Organization admin permissions in Grafana, or equivalent RBAC permissions to manage data sources
  • Network access from Grafana to your target API endpoints
  • Appropriate credentials for authenticated endpoints (API keys, OAuth credentials, etc.)

Add the data source

To add the Infinity data source to Grafana:

  1. In Grafana, navigate to Connections > Data sources.
  2. Click Add new data source.
  3. Search for Infinity.
  4. Click the Infinity data source to configure it.
  5. Enter a Name for the data source.
  6. Configure the settings as described in the following sections.
  7. Click Save & test to verify the connection.

The Infinity data source can work out of the box without any additional configuration. If you need the URL to be authenticated or pass additional headers/query/tls/timeout settings, configure the corresponding section.

Note

Configuration applies to all queries using this data source instance. If you need different configuration for different queries, create separate instances of the data source.

Configuration options

The following sections describe the available configuration options for the Infinity data source.

Connection

SettingDescription
Base URLOptional. The base URL for all queries. If configured, this URL is prefixed to all query URLs. For example, if you set https://example.com/api as the base URL and /users as the query URL, the final URL will be https://example.com/api/users.
Allowed hostsA list of hosts that the data source is allowed to connect to. Required when authentication, custom headers, or TLS certificates are configured. If no allowed hosts are specified and none of these features are in use, all hosts are allowed by default.

For more information about URL configuration, refer to URL reference.

Authentication

The Infinity data source supports the following authentication methods:

No authentication

If your APIs don’t require any authentication, select the No Authentication method.

Basic authentication

Basic authentication sends a username and password with your request. In the request headers, the Authorization header uses the Basic <BASE64_ENCODED_USERNAME_AND_PASSWORD> format.

SettingDescription
UserThe username for authentication.
PasswordThe password for authentication.

Bearer token

Bearer token authentication enables requests to authenticate using an access key, such as a JSON Web Token (JWT) or personal access token. In the request headers, the Authorization header uses the Bearer <API_KEY> format.

SettingDescription
TokenThe bearer token value.

Tip

If you need a custom prefix instead of Bearer, use API key authentication with the key set to Authorization.

API key

With API key authentication, you can send a key-value pair to the API via request headers or query parameters.

SettingDescription
KeyThe key of the API token. This becomes the key of the header or query parameter.
ValueThe value of the API token.
InWhere to send the API key: header or query. Most APIs accept API keys via headers.

Tip

It’s easy to confuse API key authentication with Bearer token authentication. Ensure you are using the correct authentication mechanism for your API.

Digest authentication

Digest authentication enables requests to authenticate using the RFC7616 HTTP Digest Access Authentication protocol.

SettingDescription
UserThe username for digest authentication.
PasswordThe password for digest authentication.

OAuth passthrough

If your Grafana user is already authenticated via OAuth, this authentication method forwards the OAuth tokens to the API.

OAuth 2.0 client credentials

OAuth 2.0 client credentials authentication requires the following settings:

SettingDescription
Client IDThe application’s ID.
Client SecretThe application’s secret.
Token URLThe resource server’s token endpoint URL. This is a constant specific to each server.
ScopesOptional. Specifies requested permissions.
Endpoint paramsOptional. Additional parameters for requests to the token endpoint.

For advanced token customization, refer to OAuth2 Custom Tokens. Key customization options include:

  • Custom header names (for example, X-API-Key instead of Authorization)
  • Custom token value formats (for example, Token ${__oauth2.access_token} instead of Bearer ${__oauth2.access_token})
  • Access to multiple token properties (access token, refresh token, token type)

OAuth 2.0 JWT

OAuth 2.0 JWT authentication requires the following settings:

SettingDescription
EmailThe OAuth client identifier used when communicating with the configured OAuth provider.
Private KeyThe contents of an RSA private key or a PEM file that contains a private key.
Private Key IdentifierOptional. A hint indicating which key to use.
Token URLThe endpoint required to complete the 2-legged JWT flow.
SubjectOptional. The user to impersonate.
ScopesOptional. A comma-separated list of requested permission scopes.

OAuth 2.0 JWT authentication also supports token customization. Refer to OAuth2 Custom Tokens for details.

Azure authentication

To authenticate your API endpoints via Microsoft Azure authentication, refer to Azure authentication.

Azure Blob storage

To retrieve content from Azure Blob storage, configure the following settings:

SettingDescription
Azure CloudOptional. The Azure cloud environment. Options include Azure Cloud, Azure US Government, or Azure China.
Storage account nameRequired. The name of your Azure storage account.
Storage account keyRequired. The primary or secondary key for your storage account.

AWS authentication

To authenticate your API endpoints via Amazon AWS authentication, refer to AWS authentication.

TLS settings

Configure TLS settings if your API requires client certificates or custom CA certificates.

SettingDescription
Skip TLS verificationSkip TLS certificate verification. Not recommended for production.
TLS client authenticationEnable TLS client authentication.
With CA certUse a custom CA certificate.
Server nameThe server name that matches the certificate (required for TLS with CA cert).
CA certThe CA certificate content.
Client certThe client certificate content.
Client keyThe client key content.

HTTP headers

You can add custom HTTP headers to all requests made by the data source.

SettingDescription
Header nameThe name of the custom header.
Header valueThe value of the custom header.

Query parameters

You can add query parameters that are sent with every request made by the data source. This works similarly to custom HTTP headers, but the parameters are appended to the URL as query strings.

SettingDescription
Parameter nameThe name of the query parameter.
Parameter valueThe value of the query parameter.

Additional settings

Configure additional options for request handling and HTTP methods.

Timeout

SettingDescription
TimeoutThe timeout in seconds for API requests. Default is 60 seconds.

Dangerous HTTP methods

By default, the Infinity data source only allows GET and POST HTTP methods to reduce the risk of destructive payloads. You can enable other methods such as PATCH, PUT, and DELETE for unconventional use cases.

SettingDescription
Allow dangerous HTTP methodsEnable PATCH, PUT, and DELETE methods.

Warning

Infinity doesn’t validate any permissions against the underlying API. Enable this setting with caution as this can potentially perform destructive actions in the underlying API.

Network settings

Configure how the Infinity data source connects to external APIs.

Note

The Infinity data source sends all API requests from the Grafana server, not from the user’s browser. This means network configuration (proxies, firewalls, etc.) must allow outbound connections from your Grafana server to the target APIs.

Proxy settings

You can configure proxy settings for routing requests through a proxy server.

SettingDescription
Proxy from environment variableDefault. Uses the HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environment variables.
No proxyRequests skip the proxy and go directly to the underlying API.
Proxy URLConfigure a specific proxy URL for this data source.
Proxy user nameOptional. Username for proxy authentication.
Proxy passwordOptional. Password for proxy authentication.

Warning

Setting up username and password for proxy authentication should only be used with legacy sites. RFC 2396 warns that passing authentication information in clear text is not recommended due to security risks.

Private data source connect (PDC)

Use private data source connect (PDC) to connect to and query data within a secure network without opening that network to inbound traffic from Grafana Cloud. Refer to Private data source connect for more information on how PDC works and Configure Grafana private data source connect (PDC) for steps on setting up a PDC connection.

If you use PDC with AWS Authentication, the PDC agent must allow internet egress to sts.<region>.amazonaws.com:443.

SettingDescription
Private data source connectSelect a PDC connection from the drop-down or create a new connection.

Health check

The settings for the Infinity data source on the configuration page don’t automatically validate the URL. To ensure that your settings, including authentication and API keys, are valid, you need to enable the custom health check in the Health check section of the configuration page.

Note

The custom health check supports only HTTP GET methods. It verifies the response status code, specifically looking for an HTTP 200 status, but doesn’t check the content of the response.

If you receive a Health check failed message after you click Save & Test, check the URL to ensure it’s valid and you entered it correctly.

Provision the data source

You can define and configure the data source in YAML files as part of Grafana’s provisioning system. For more information about provisioning, and for available configuration options, refer to Provisioning Grafana.

Basic provisioning

YAML 
apiVersion: 1

datasources:
  - name: Infinity
    type: yesoreyeram-infinity-datasource

Provisioning with authentication

The following example shows provisioning with basic authentication:

YAML 
apiVersion: 1

datasources:
  - name: Infinity
    type: yesoreyeram-infinity-datasource
    basicAuth: true
    basicAuthUser: your_username
    jsonData:
      auth_method: basicAuth
      allowedHosts:
        - https://api.example.com
    secureJsonData:
      basicAuthPassword: your_password

Provisioning with custom headers

YAML 
apiVersion: 1

datasources:
  - name: Infinity
    type: yesoreyeram-infinity-datasource
    jsonData:
      httpHeaderName1: X-Custom-Header
      httpHeaderName2: X-API-Token
    secureJsonData:
      httpHeaderValue1: custom-value
      httpHeaderValue2: your-api-token

Advanced provisioning

The following example shows advanced provisioning with TLS and additional options:

YAML 
apiVersion: 1

datasources:
  - name: Infinity
    type: yesoreyeram-infinity-datasource
    basicAuth: true
    basicAuthUser: your_username
    jsonData:
      auth_method: basicAuth
      allowedHosts:
        - https://api.example.com
      oauthPassThru: false
      tlsSkipVerify: false
      tlsAuth: true
      tlsAuthWithCACert: true
      serverName: api.example.com
      timeoutInSeconds: 60
      allowDangerousHTTPMethods: false
    secureJsonData:
      basicAuthPassword: your_password
      tlsCACert: |
        -----BEGIN CERTIFICATE-----
        ...
        -----END CERTIFICATE-----
      tlsClientCert: |
        -----BEGIN CERTIFICATE-----
        ...
        -----END CERTIFICATE-----
      tlsClientKey: |
        -----BEGIN RSA PRIVATE KEY-----
        ...
        -----END RSA PRIVATE KEY-----

Tip

Once you have manually configured the data source and verified it is working, you can generate a provisioning YAML file from the data source configuration page. Look for the Provisioning Script button at the bottom of the config page in the More section.

Provision the data source with Terraform

You can provision the Infinity data source using the Grafana Terraform provider. Use the grafana_data_source resource to create and manage data source instances.

Basic Terraform provisioning

hcl 
resource "grafana_data_source" "infinity" {
  type = "yesoreyeram-infinity-datasource"
  name = "Infinity"
}

Terraform provisioning with authentication

The following example shows provisioning with basic authentication:

hcl 
resource "grafana_data_source" "infinity" {
  type                = "yesoreyeram-infinity-datasource"
  name                = "Infinity"
  basic_auth_enabled  = true
  basic_auth_username = "your_username"

  json_data_encoded = jsonencode({
    auth_method  = "basicAuth"
    allowedHosts = ["https://api.example.com"]
  })

  secure_json_data_encoded = jsonencode({
    basicAuthPassword = "your_password"
  })
}

The following example shows provisioning with bearer token authentication:

hcl 
resource "grafana_data_source" "infinity" {
  type = "yesoreyeram-infinity-datasource"
  name = "Infinity"

  json_data_encoded = jsonencode({
    auth_method  = "bearerToken"
    allowedHosts = ["https://api.example.com"]
  })

  secure_json_data_encoded = jsonencode({
    bearerToken = "your_token"
  })
}

Terraform provisioning with custom headers

hcl 
resource "grafana_data_source" "infinity" {
  type = "yesoreyeram-infinity-datasource"
  name = "Infinity"

  json_data_encoded = jsonencode({
    httpHeaderName1 = "X-Custom-Header"
    httpHeaderName2 = "X-API-Token"
  })

  secure_json_data_encoded = jsonencode({
    httpHeaderValue1 = "custom-value"
    httpHeaderValue2 = "your-api-token"
  })
}

For more information about the Grafana Terraform provider, refer to the provider documentation.

Administrator configuration

Grafana administrators can configure plugin-wide settings using environment variables.

Pagination limits

By default, pagination queries are limited to 5 pages maximum. To increase this limit, set the GF_PLUGIN_PAGINATION_MAX_PAGES environment variable:

shell 
GF_PLUGIN_PAGINATION_MAX_PAGES=10

For Docker deployments:

shell 
docker run -p 3000:3000 \
  -e "GF_INSTALL_PLUGINS=yesoreyeram-infinity-datasource" \
  -e "GF_PLUGIN_PAGINATION_MAX_PAGES=10" \
  grafana/grafana:latest

Note

Higher pagination limits increase the number of API requests made per query, which can affect performance and API rate limits.