bf832c93e7
Fix website build errors both for Grafana and content mounted in Grafana Cloud (#64794)
* Fix reference to Grafana CLI
- Make relref for relative permalink
- Use relative path for unambiguous resolution
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix alerting relref anchor format
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Avoid ambiguous relref lookups by forcing relative resolution
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Remove reference to non-existent shared page
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix links broken in Grafana Cloud using absolute relrefs
By resolving the relref absolutely, it refers to the same location
regardless of mounted directory.
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Remove trailing slash for bundle independent resolution
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix typo
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* For now, avoid Hugo checking cross repository /docs/grafana-cloud link
The path is unlikely to change in the short term and this makes CI
completely green for now.
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* No need to specify path for in page anchors
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix prose
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
---------
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
(cherry picked from commit ebb54aea8d)
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
7.8 KiB
aliases, canonical, description, keywords, title
| aliases | canonical | description | keywords | title | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
/docs/grafana/latest/developers/http_api/serviceaccount/ | Grafana service account HTTP API |
|
Service account HTTP API |
Service account API
If you are running Grafana Enterprise, for some endpoints you'll need to have specific permissions. Refer to [Role-based access control permissions]({{< relref "/docs/grafana/latest/administration/roles-and-permissions/access-control/custom-role-actions-scopes" >}}) for more information.
Search service accounts with Paging
GET /api/serviceaccounts/search?perpage=10&page=1&query=myserviceaccount
Required permissions
See note in the [introduction]({{< ref "#service-account-api" >}}) for an explanation.
| Action | Scope |
|---|---|
| serviceaccounts:read | n/a |
Example Request:
GET /api/serviceaccounts/search?perpage=10&page=1&query=mygraf HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
Default value for the perpage parameter is 1000 and for the page parameter is 1. The totalCount field in the response can be used for pagination of the user list E.g. if totalCount is equal to 100 users and the perpage parameter is set to 10 then there are 10 pages of users. The query parameter is optional and it will return results where the query value is contained in one of the name. Query values with spaces need to be URL encoded e.g. query=Jane%20Doe.
Example Response:
HTTP/1.1 200
Content-Type: application/json
{
"totalCount": 2,
"serviceAccounts": [
{
"id": 1,
"name": "grafana",
"login": "sa-grafana",
"orgId": 1,
"isDisabled": false,
"role": "Viewer",
"tokens": 0,
"avatarUrl": "/avatar/85ec38023d90823d3e5b43ef35646af9",
"accessControl": {
"serviceaccounts:delete": true,
"serviceaccounts:read": true,
"serviceaccounts:write": true
}
},
{
"id": 2,
"name": "test",
"login": "sa-test",
"orgId": 1,
"isDisabled": false,
"role": "Viewer",
"tokens": 0,
"avatarUrl": "/avatar/8ea890a677d6a223c591a1beea6ea9d2",
"accessControl": {
"serviceaccounts:delete": true,
"serviceaccounts:read": true,
"serviceaccounts:write": true
}
}
],
"page": 1,
"perPage": 10
}
Create service account
POST /api/serviceaccounts
Required permissions
See note in the [introduction]({{< ref "#service-account-api" >}}) for an explanation.
| Action | Scope |
|---|---|
| serviceaccounts:create | n/a |
Example Request:
POST /api/serviceaccounts HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
{
"name": "grafana",
"role": "Viewer",
"isDisabled" : false
}
Example Response:
HTTP/1.1 201
Content-Type: application/json
{
"id": 1,
"name": "test",
"login": "sa-test",
"orgId": 1,
"isDisabled": false,
"createdAt": "2022-03-21T14:35:33Z",
"updatedAt": "2022-03-21T14:35:33Z",
"avatarUrl": "/avatar/8ea890a677d6a223c591a1beea6ea9d2",
"role": "Viewer",
"teams": []
}
Get a service account by ID
GET /api/serviceaccounts/:id
Required permissions
See note in the [introduction]({{< ref "#service-account-api" >}}) for an explanation.
| Action | Scope |
|---|---|
| serviceaccounts:read | serviceaccounts🆔* |
Example Request:
GET /api/serviceaccounts/1 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
Example Response:
HTTP/1.1 200
Content-Type: application/json
{
"id": 1,
"name": "test",
"login": "sa-test",
"orgId": 1,
"isDisabled": false,
"createdAt": "2022-03-21T14:35:33Z",
"updatedAt": "2022-03-21T14:35:33Z",
"avatarUrl": "/avatar/8ea890a677d6a223c591a1beea6ea9d2",
"role": "Viewer",
"teams": []
}
Update service account
PATCH /api/serviceaccounts/:id
Required permissions
See note in the [introduction]({{< ref "#service-account-api" >}}) for an explanation.
| Action | Scope |
|---|---|
| serviceaccounts:write | serviceaccounts🆔* |
Example Request:
PATCH /api/serviceaccounts/2 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
{
"name": "test",
"role": "Editor"
}
Example Response:
HTTP/1.1 200
Content-Type: application/json
{
"id": 2,
"name": "test",
"login": "sa-grafana",
"orgId": 1,
"isDisabled": false,
"createdAt": "2022-03-21T14:35:44Z",
"updatedAt": "2022-03-21T14:35:44Z",
"avatarUrl": "/avatar/8ea890a677d6a223c591a1beea6ea9d2",
"role": "Editor",
"teams": []
}
Get service account tokens
GET /api/serviceaccounts/:id/tokens
Required permissions
See note in the [introduction]({{< ref "#service-account-api" >}}) for an explanation.
| Action | Scope |
|---|---|
| serviceaccounts:read | serviceaccounts🆔* |
Example Request:
GET /api/serviceaccounts/2/tokens HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
Example Response:
HTTP/1.1 200
Content-Type: application/json
[
{
"id": 1,
"name": "grafana",
"role": "Viewer",
"created": "2022-03-23T10:31:02Z",
"expiration": null,
"secondsUntilExpiration": 0,
"hasExpired": false
}
]
Create service account tokens
POST /api/serviceaccounts/:id/tokens
Required permissions
See note in the [introduction]({{< ref "#service-account-api" >}}) for an explanation.
| Action | Scope |
|---|---|
| serviceaccounts:write | serviceaccounts🆔* |
Example Request:
POST /api/serviceaccounts/2/tokens HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
{
"name": "grafana",
"role": "Viewer"
}
Example Response:
HTTP/1.1 200
Content-Type: application/json
{
"id": 7,
"name": "grafana",
"key": "eyJrIjoiVjFxTHZ6dGdPSjg5Um92MjN1RlhjMkNqYkZUbm9jYkwiLCJuIjoiZ3JhZmFuYSIsImlkIjoxfQ=="
}
Delete service account tokens
DELETE /api/serviceaccounts/:id/tokens/:tokenId
Required permissions
See note in the [introduction]({{< ref "#service-account-api" >}}) for an explanation.
| Action | Scope |
|---|---|
| serviceaccounts:write | serviceaccounts🆔* |
Example Request:
DELETE /api/serviceaccounts/2/tokens/1 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
Example Response:
HTTP/1.1 200
Content-Type: application/json
{
"message": "API key deleted"
}
Revert service account token to API key
DELETE /api/serviceaccounts/:serviceAccountId/revert/:keyId
This operation will delete the service account and create a legacy API Key for the given keyId.
Required permissions
See note in the [introduction]({{< ref "#service-account-api" >}}) for an explanation.
| Action | Scope |
|---|---|
| serviceaccounts:delete | serviceaccounts🆔* |
Example Request:
DELETE /api/serviceaccounts/1/revert/glsa_VVQjot0nijQ59lun6pMZRtsdBXxnFQ9M_77c34a79 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
Example Response:
HTTP/1.1 200
Content-Type: application/json
{
"message": "Reverted service account to API key"
}