Dashboard Permissions API

This API can be used to update/get the permissions for a dashboard.

Permissions with dashboardId=-1 are the default permissions for users with the Viewer and Editor roles. Permissions can be set for a user, a team or a role (Viewer or Editor). Permissions cannot be set for Admins - they always have access to everything.

The permission levels for the permission field:

  • 1 = View
  • 2 = Edit
  • 4 = Admin

If you are running Grafana Enterprise, for some endpoints you’ll need to have specific permissions. Refer to Role-based access control permissions for more information.

Get permissions for a dashboard

GET /api/dashboards/uid/:uid/permissions

Gets all existing permissions for the dashboard with the given uid.

Required permissions

See note in the introduction for an explanation.

ActionScope
dashboards.permissions:readdashboards:uid:
folders:uid:

Example request:

  1. GET /api/dashboards/uid/dHEquNzGz/permissions HTTP/1.1
  2. Accept: application/json
  3. Content-Type: application/json
  4. Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk

Example Response

  1. HTTP/1.1 200 OK
  2. Content-Type: application/json; charset=UTF-8
  3. Content-Length: 551
  4. [
  5. {
  6. "id": 1,
  7. "dashboardId": -1,
  8. "created": "2017-06-20T02:00:00+02:00",
  9. "updated": "2017-06-20T02:00:00+02:00",
  10. "userId": 0,
  11. "userLogin": "",
  12. "userEmail": "",
  13. "teamId": 0,
  14. "team": "",
  15. "role": "Viewer",
  16. "permission": 1,
  17. "permissionName": "View",
  18. "uid": "dHEquNzGz",
  19. "title": "",
  20. "slug": "",
  21. "isFolder": false,
  22. "url": ""
  23. },
  24. {
  25. "id": 2,
  26. "dashboardId": -1,
  27. "created": "2017-06-20T02:00:00+02:00",
  28. "updated": "2017-06-20T02:00:00+02:00",
  29. "userId": 0,
  30. "userLogin": "",
  31. "userEmail": "",
  32. "teamId": 0,
  33. "team": "",
  34. "role": "Editor",
  35. "permission": 2,
  36. "permissionName": "Edit",
  37. "uid": "dHEquNzGz",
  38. "title": "",
  39. "slug": "",
  40. "isFolder": false,
  41. "url": ""
  42. }
  43. ]

Status Codes:

  • 200 - Ok
  • 401 - Unauthorized
  • 403 - Access denied
  • 404 - Dashboard not found

Update permissions for a dashboard

POST /api/dashboards/uid/:uid/permissions

Updates permissions for a dashboard. This operation will remove existing permissions if they’re not included in the request.

Required permissions

See note in the introduction for an explanation.

ActionScope
dashboards.permissions:writedashboards:uid:
folders:uid:

Example request:

  1. POST /api/dashboards/uid/dHEquNzGz/permissions
  2. Accept: application/json
  3. Content-Type: application/json
  4. Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
  5. {
  6. "items": [
  7. {
  8. "role": "Viewer",
  9. "permission": 1
  10. },
  11. {
  12. "role": "Editor",
  13. "permission": 2
  14. },
  15. {
  16. "teamId": 1,
  17. "permission": 1
  18. },
  19. {
  20. "userId": 11,
  21. "permission": 4
  22. }
  23. ]
  24. }

JSON body schema:

  • items - The permission items to add/update. Items that are omitted from the list will be removed.

Example response:

  1. HTTP/1.1 200 OK
  2. Content-Type: application/json; charset=UTF-8
  3. Content-Length: 35
  4. {"message":"Dashboard permissions updated"}

Status Codes:

  • 200 - Ok
  • 401 - Unauthorized
  • 403 - Access denied
  • 404 - Dashboard not found

Get permissions for a dashboard by id

Warning: This API is deprecated since Grafana v9.0.0 and will be removed in a future release. Refer to the new dashboard permissions API.

GET /api/dashboards/id/:dashboardId/permissions

Gets all existing permissions for the dashboard with the given dashboardId.

Required permissions

See note in the introduction for an explanation.

ActionScope
dashboards.permissions:readdashboards:
folders:

Example request:

  1. GET /api/dashboards/id/1/permissions HTTP/1.1
  2. Accept: application/json
  3. Content-Type: application/json
  4. Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk

Example Response

  1. HTTP/1.1 200 OK
  2. Content-Type: application/json; charset=UTF-8
  3. Content-Length: 551
  4. [
  5. {
  6. "id": 1,
  7. "dashboardId": -1,
  8. "created": "2017-06-20T02:00:00+02:00",
  9. "updated": "2017-06-20T02:00:00+02:00",
  10. "userId": 0,
  11. "userLogin": "",
  12. "userEmail": "",
  13. "teamId": 0,
  14. "team": "",
  15. "role": "Viewer",
  16. "permission": 1,
  17. "permissionName": "View",
  18. "uid": "",
  19. "title": "",
  20. "slug": "",
  21. "isFolder": false,
  22. "url": ""
  23. },
  24. {
  25. "id": 2,
  26. "dashboardId": -1,
  27. "created": "2017-06-20T02:00:00+02:00",
  28. "updated": "2017-06-20T02:00:00+02:00",
  29. "userId": 0,
  30. "userLogin": "",
  31. "userEmail": "",
  32. "teamId": 0,
  33. "team": "",
  34. "role": "Editor",
  35. "permission": 2,
  36. "permissionName": "Edit",
  37. "uid": "",
  38. "title": "",
  39. "slug": "",
  40. "isFolder": false,
  41. "url": ""
  42. }
  43. ]

Status Codes:

  • 200 - Ok
  • 401 - Unauthorized
  • 403 - Access denied
  • 404 - Dashboard not found

Update permissions for a dashboard by id

Warning: This API is deprecated since Grafana v9.0.0 and will be removed in a future release. Refer to the new dashboard permissions API.

POST /api/dashboards/id/:dashboardId/permissions

Updates permissions for a dashboard. This operation will remove existing permissions if they’re not included in the request.

Required permissions

See note in the introduction for an explanation.

ActionScope
dashboards.permissions:writedashboards:
folders:

Example request:

  1. POST /api/dashboards/id/1/permissions
  2. Accept: application/json
  3. Content-Type: application/json
  4. Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
  5. {
  6. "items": [
  7. {
  8. "role": "Viewer",
  9. "permission": 1
  10. },
  11. {
  12. "role": "Editor",
  13. "permission": 2
  14. },
  15. {
  16. "teamId": 1,
  17. "permission": 1
  18. },
  19. {
  20. "userId": 11,
  21. "permission": 4
  22. }
  23. ]
  24. }

JSON body schema:

  • items - The permission items to add/update. Items that are omitted from the list will be removed.

Example response:

  1. HTTP/1.1 200 OK
  2. Content-Type: application/json; charset=UTF-8
  3. Content-Length: 35
  4. {"message":"Dashboard permissions updated"}

Status Codes:

  • 200 - Ok
  • 401 - Unauthorized
  • 403 - Access denied
  • 404 - Dashboard not found