Datasource Permissions API

Datasource Permissions is only available in Grafana Enterprise. Read more about Grafana Enterprise.

This API can be used to enable, disable, list, add and remove permissions for a datasource.

Permissions can be set for a user or a team. Permissions cannot be set for Admins - they always have access to everything.

The permission levels for the permission field:

  • 1 = Query

Enable permissions for a datasource

POST /api/datasources/:id/enable-permissions

Enables permissions for the datasource with the given id. No one except Org Admins will be able to query the datasource until permissions have been added which permit certain users or teams to query the datasource.

Example request:

  1. POST /api/datasources/1/enable-permissions
  2. Accept: application/json
  3. Content-Type: application/json
  4. Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
  6. {}

Example response:

  1. HTTP/1.1 200 OK
  2. Content-Type: application/json; charset=UTF-8
  3. Content-Length: 35
  5. {"message":"Datasource permissions enabled"}

Status Codes:

  • 200 - Ok
  • 400 - Permissions cannot be enabled, see response body for details
  • 401 - Unauthorized
  • 403 - Access denied
  • 404 - Datasource not found

Disable permissions for a datasource

POST /api/datasources/:id/disable-permissions

Disables permissions for the datasource with the given id. All existing permissions will be removed and anyone will be able to query the datasource.

Example request:

  1. POST /api/datasources/1/disable-permissions
  2. Accept: application/json
  3. Content-Type: application/json
  4. Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
  6. {}

Example response:

  1. HTTP/1.1 200 OK
  2. Content-Type: application/json; charset=UTF-8
  3. Content-Length: 35
  5. {"message":"Datasource permissions disabled"}

Status Codes:

  • 200 - Ok
  • 400 - Permissions cannot be disabled, see response body for details
  • 401 - Unauthorized
  • 403 - Access denied
  • 404 - Datasource not found

Get permissions for a datasource

GET /api/datasources/:id/permissions

Gets all existing permissions for the datasource with the given id.

Example request:

  1. GET /api/datasources/1/permissions HTTP/1.1
  2. Accept: application/json
  3. Content-Type: application/json
  4. Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk

Example Response

  1. HTTP/1.1 200 OK
  2. Content-Type: application/json; charset=UTF-8
  3. Content-Length: 551
  5. {
  6.   "datasourceId": 1,
  7.   "enabled": true,
  8.   "permissions":
  9.   [
  10.     {
  11.       "id": 1,
  12.       "datasourceId": 1,
  13.       "userId": 1,
  14.       "userLogin": "user",
  15.       "userEmail": "user@test.com",
  16.       "userAvatarUrl": "/avatar/46d229b033af06a191ff2267bca9ae56",
  17.       "permission": 1,
  18.       "permissionName": "Query",
  19.       "created": "2017-06-20T02:00:00+02:00",
  20.       "updated": "2017-06-20T02:00:00+02:00",
  21.     },
  22.     {
  23.       "id": 2,
  24.       "datasourceId": 1,
  25.       "teamId": 1,
  26.       "team": "A Team",
  27.       "teamAvatarUrl": "/avatar/46d229b033af06a191ff2267bca9ae56",
  28.       "permission": 1,
  29.       "permissionName": "Query",
  30.       "created": "2017-06-20T02:00:00+02:00",
  31.       "updated": "2017-06-20T02:00:00+02:00",
  32.     }
  33.   ]
  34. }

Status Codes:

  • 200 - Ok
  • 401 - Unauthorized
  • 403 - Access denied
  • 404 - Datasource not found

Add permission for a datasource

POST /api/datasources/:id/permissions

Adds a user permission for the datasource with the given id.

Example request:

  1. POST /api/datasources/1/permissions
  2. Accept: application/json
  3. Content-Type: application/json
  4. Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
  6. {
  7.   "userId": 1,
  8.   "permission": 1
  9. }

Example response:

  1. HTTP/1.1 200 OK
  2. Content-Type: application/json; charset=UTF-8
  3. Content-Length: 35
  5. {"message":"Datasource permission added"}

Adds a team permission for the datasource with the given id.

Example request:

  1. POST /api/datasources/1/permissions
  2. Accept: application/json
  3. Content-Type: application/json
  4. Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
  6. {
  7.   "teamId": 1,
  8.   "permission": 1
  9. }

Example response:

  1. HTTP/1.1 200 OK
  2. Content-Type: application/json; charset=UTF-8
  3. Content-Length: 35
  5. {"message":"Datasource permission added"}

Status Codes:

  • 200 - Ok
  • 400 - Permission cannot be added, see response body for details
  • 401 - Unauthorized
  • 403 - Access denied
  • 404 - Datasource not found

Remove permission for a datasource

DELETE /api/datasources/:id/permissions/:permissionId

Removes the permission with the given permissionId for the datasource with the given id.

Example request:

  1. DELETE /api/datasources/1/permissions/2
  2. Accept: application/json
  3. Content-Type: application/json
  4. Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk

Example response:

  1. HTTP/1.1 200 OK
  2. Content-Type: application/json; charset=UTF-8
  3. Content-Length: 35
  5. {"message":"Datasource permission removed"}

Status Codes:

  • 200 - Ok
  • 401 - Unauthorized
  • 403 - Access denied
  • 404 - Datasource not found or permission not found