You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am confused to the process that Grafana is using for expired tokens. From the Grafana API documentation, the field secondsToLive in the API key creation rest request allows you to set an expiration for new keys.
This example shows how I am implementing. After one minute, I would expect that the key would be expired, the key removed from the UI, and the key would then be able to be created again.
What I am actually seeing is that the key is expired, the key is removed from the UI, and another key with that name "testKey" can no longer be created.
Is this normal behavior with api key creation? I would think this would be breaking for public facing API. Is it perhaps something specific to the Grafana implementation of API keys?
Here is an example of the response from the server when a request is made for a key that has expired and is no longer in the UI.
{"message":"Failed to add API key"}
If I delete the key (through either the API or the UI) prior to its expiration, I can create the key again without issue.
When I attempt to view the keys currently present in the system, I receive an empty list.
curl -X GET -H "Content-Type: application/json" http://removed:forsecurity@localhost:3000/api/auth/keys
[]
If I delete the key through the API after expiration (cant do it through the UI as it no longer shows up there), I am able to create the key again.
If the keys do still exist in the database in an expired state, I would like the option of viewing them in the UI. I would also like for them to be reported in the API call to list keys with a field for expiration status.
Please let me know if you need any additional information from me. Hopefully this is not a duplicate issue.
The text was updated successfully, but these errors were encountered:
I have verified it, it's a bug: the expired keys should not be taken in account during the api key creation.
Also, the API call for listing the api keys should optionally return also the expired ones.
I am confused to the process that Grafana is using for expired tokens. From the Grafana API documentation, the field secondsToLive in the API key creation rest request allows you to set an expiration for new keys.
This example shows how I am implementing. After one minute, I would expect that the key would be expired, the key removed from the UI, and the key would then be able to be created again.
What I am actually seeing is that the key is expired, the key is removed from the UI, and another key with that name "testKey" can no longer be created.
Is this normal behavior with api key creation? I would think this would be breaking for public facing API. Is it perhaps something specific to the Grafana implementation of API keys?
Here is an example of the response from the server when a request is made for a key that has expired and is no longer in the UI.
If I delete the key (through either the API or the UI) prior to its expiration, I can create the key again without issue.
When I attempt to view the keys currently present in the system, I receive an empty list.
If I delete the key through the API after expiration (cant do it through the UI as it no longer shows up there), I am able to create the key again.
If the keys do still exist in the database in an expired state, I would like the option of viewing them in the UI. I would also like for them to be reported in the API call to list keys with a field for expiration status.
Please let me know if you need any additional information from me. Hopefully this is not a duplicate issue.
The text was updated successfully, but these errors were encountered: