POST /api/admin/provisioning/access-control/reload returns "Not found" in Grafana

164 views Asked by At

I want to create a grafana user without using Admin credentials. I was trying to create a user using API in grafana using the code below:

curl -XPOST -H "Content-Type: application/json" -d '{
  "name":"User",
  "email":"[email protected]",
  "login":"user",
  "password":"userpassword"
}' https://user:password@<host>/api/admin/users

After this, I got an error which made me think I do not have sufficient permissions as a grafana user to do this and could create the user using Grafana Admin credentials.

{
"accessErrorId":"ACE7538001967",
"message":"You'll need additional permissions to perform this action. Permissions needed: users:create",
"title":"Access denied"
}

So, I tried implementing RBAC. The way I did this is to: Edited etc/grafana/provisioning/access-control/sample.yaml file with contents:

# ---
# # config file version
 apiVersion: 2

 # <list> list of roles to insert/update/delete
 roles:
   # <string, required> name of the role you want to create or update. Required.
   - name: 'custom:users:writer'
     # <string> uid of the role. Has to be unique for all orgs.
     uid: customuserswriter1
     # <string> description of the role, informative purpose only.
     description: 'Create, read, write users'
     # <int> version of the role, Grafana will update the role when increased.
     version: 2
     # <int> org id. Defaults to Grafana's default if not specified.
     orgId: 1
     # <list> list of the permissions granted by this role.
     permissions:
       # <string, required> action allowed.
       - action: 'users:read'
         #<string> scope it applies to.
         scope: 'global.users:*'
       - action: 'users:write'
         scope: 'global.users:*'
       - action: 'users:create'

And then according to this doc: https://grafana.com/docs/grafana/v9.5/administration/roles-and-permissions/access-control/rbac-grafana-provisioning/#provisioning-rbac-with-grafana

I hit the API using curl as an Admin user to reload provisioning configurations:

curl -X POST https://admin:admin@<host>/api/admin/provisioning/access-control/reload -H "Accept: application/json" -H "Content-Type: application/json"

But I got this response: {"message":"Not found"}

Other API calls work for example,

curl -X POST https://<admin>:<admin-pwd>@<my-host>/api/admin/provisioning/notifications/reload 
-H "Accept: application/json" 
-H "Content-Type: application/json"

{"message":"Notifications config reloaded"}

What should I have done differently? Any help would be appreciated. Tried asking this on Grafana forum as well as on their Github account.

https://community.grafana.com/t/unable-to-create-user-via-api/105747/10

https://github.com/grafana/grafana/issues/76750

Grafana docs are definitely not that straightforward. Thanks a lot, in advance!

I was expecting this API response to be something like 200 OK.

curl -X POST https://<admin>:<admin-pwd>@<my-host>/api/admin/provisioning/access-control/reload 
-H "Accept: application/json" 
-H "Content-Type: application/json"
0

There are 0 answers