apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36276 Commits
2158 Branches
608 Tags
1.9 GiB
Tag: Branch: Tree: 1c6ee69c2d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1c6ee69c2d'
${ noResults }
grafana/docs/sources/developers/http_api/team.md

479 lines
9.4 KiB
Raw Normal View History Unescape

Convert TOML front matter to YAML (#49690) Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
3 years ago
---
aliases:
- /docs/grafana/latest/developers/http_api/team/
- /docs/grafana/latest/http_api/team/
description: Grafana Team HTTP API
keywords:
- grafana
- http
- documentation
- api
- team
- teams
- group
Fix relrefs in devloper docs (#51942)
3 years ago
title: 'Team HTTP API'
Convert TOML front matter to YAML (#49690) Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
3 years ago
---
docs: team API. Closes #10832
7 years ago
# Team API
Security: Sync security changes on main (#45083) * * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search * Teams: Ensure that users searching for teams are only able see teams they have access to * Teams: Require teamGuardian admin privileges to list team members * Teams: Prevent org viewers from administering teams * Teams: Add org_id condition to team count query * Teams: clarify permission requirements in teams api docs * Teams: expand scenarios for team search tests * Teams: mock teamGuardian in tests Co-authored-by: Dan Cech <dcech@grafana.com> * remove duplicate WHERE statement * Fix for CVE-2022-21702 (cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e) * Lint and test fixes (cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981) * check content type properly (cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98) * basic csrf origin check (cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1) * compare origin to host (cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42) * simplify url parsing (cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d) * check csrf for GET requests, only compare origin (cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709) * parse content type properly (cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0) * mentioned get in the comment (cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345) * add content-type: application/json to test HTTP requests * fix pluginproxy test * Fix linter when comparing errors Co-authored-by: Kevin Minehart <kmineh0151@gmail.com> Co-authored-by: Dan Cech <dcech@grafana.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com> Co-authored-by: Vardan Torosyan <vardants@gmail.com>
3 years ago
This API can be used to manage Teams and Team Memberships.
Access to these API endpoints is restricted as follows:
- All authenticated users are able to view details of teams they are a member of.
- Organization Admins are able to manage all teams and team members.
Team access changes for editors when editorsCanAdmin is enabled (#45405) * filter teams for editors to only show the teams that they are members of * frontend changes to only allow clicking on teams that the user can edit * update frontend test snapshots * extend docs * reword * remove the comment for now * Update backend tests * reword the warning, and add it back in * docs feedback Co-authored-by: gamab <gabi.mabs@gmail.com>
3 years ago
- If you enable `editors_can_admin` configuration flag, then Organization Editors can create teams and manage teams where they are Admin.
- If you enable `editors_can_admin` configuration flag, Editors can find out whether a team that they are not members of exists by trying to create a team with the same name.
docs: team API. Closes #10832
7 years ago
Fix relrefs in devloper docs (#51942)
3 years ago
> If you are running Grafana Enterprise, for some endpoints you'll need to have specific permissions. Refer to [Role-based access control permissions]({{< relref "../../administration/roles-and-permissions/access-control/custom-role-actions-scopes/" >}}) for more information.
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
docs: team API. Closes #10832
7 years ago
## Team Search With Paging
Update team.md (#33454)
4 years ago
`GET /api/teams/search?perpage=50&page=1&query=myteam`
docs: team API. Closes #10832
7 years ago
or
`GET /api/teams/search?name=myteam`
Docs: RBAC GA (#49062)
3 years ago
**Required permissions**
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
| ---------- | -------- |
| teams:read | teams:\* |
**Example Request**:
docs: team API. Closes #10832
7 years ago
```http
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
GET /api/teams/search?perpage=10&page=1&query=mytestteam HTTP/1.1
docs: team API. Closes #10832
7 years ago
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
Update team.md (#33060) Missing start { in http response. Co-authored-by: achatterjee-grafana <aparajita.chatterjee@grafana.com>
4 years ago
{
docs: team API. Closes #10832
7 years ago
"totalCount": 1,
"teams": [
{
"id": 1,
"orgId": 1,
"name": "MyTestTeam",
"email": "",
"avatarUrl": "\/avatar\/3f49c15916554246daa714b9bd0ee398",
"memberCount": 1
}
],
"page": 1,
"perPage": 1000
}
```
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
### Using the query parameter
Default value for the `perpage` parameter is `1000` and for the `page` parameter is `1`.
The `totalCount` field in the response can be used for pagination of the teams list E.g. if `totalCount` is equal to 100 teams and the `perpage` parameter is set to 10 then there are 10 pages of teams.
The `query` parameter is optional and it will return results where the query value is contained in the `name` field. Query values with spaces need to be URL encoded e.g. `query=my%20team`.
### Using the name parameter
The `name` parameter returns a single team if the parameter matches the `name` field.
#### Status Codes:
docs: team API. Closes #10832
7 years ago
- **200** - Ok
- **401** - Unauthorized
- **403** - Permission denied
docs: status code changes for Team API
7 years ago
- **404** - Team not found (if searching by name)
docs: team API. Closes #10832
7 years ago
## Get Team By Id
`GET /api/teams/:id`
Docs: RBAC GA (#49062)
3 years ago
**Required permissions**
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
| ---------- | -------- |
| teams:read | teams:\* |
docs: team API. Closes #10832
7 years ago
**Example Request**:
```http
GET /api/teams/1 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
{
"id": 1,
"orgId": 1,
"name": "MyTestTeam",
"email": "",
"created": "2017-12-15T10:40:45+01:00",
"updated": "2017-12-15T10:40:45+01:00"
}
```
Status Codes:
- **200** - Ok
- **401** - Unauthorized
- **403** - Permission denied
- **404** - Team not found
## Add Team
Update team.md (#25277) document didn't metion teams can assign an orgId.
5 years ago
The Team `name` needs to be unique. `name` is required and `email`,`orgId` is optional.
docs: team API. Closes #10832
7 years ago
`POST /api/teams`
Docs: RBAC GA (#49062)
3 years ago
**Required permissions**
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
| ------------ | ----- |
| teams:create | N/A |
docs: team API. Closes #10832
7 years ago
**Example Request**:
```http
POST /api/teams HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
{
"name": "MyTestTeam",
Update team.md (#25277) document didn't metion teams can assign an orgId.
5 years ago
"email": "email@test.com",
"orgId": 2
docs: team API. Closes #10832
7 years ago
}
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
{"message":"Team created","teamId":2}
```
Status Codes:
- **200** - Ok
- **401** - Unauthorized
- **403** - Permission denied
- **409** - Team name is taken
## Update Team
There are two fields that can be updated for a team: `name` and `email`.
`PUT /api/teams/:id`
Docs: RBAC GA (#49062)
3 years ago
**Required permissions**
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
| ----------- | -------- |
| teams:write | teams:\* |
docs: team API. Closes #10832
7 years ago
**Example Request**:
```http
PUT /api/teams/2 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
{
"name": "MyTestTeam",
"email": "email@test.com"
}
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
{"message":"Team updated"}
```
docs: status code changes for Team API
7 years ago
Status Codes:
- **200** - Ok
- **401** - Unauthorized
- **403** - Permission denied
- **404** - Team not found
- **409** - Team name is taken
docs: team API. Closes #10832
7 years ago
## Delete Team By Id
`DELETE /api/teams/:id`
Docs: RBAC GA (#49062)
3 years ago
**Required permissions**
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
| ------------ | -------- |
| teams:delete | teams:\* |
docs: team API. Closes #10832
7 years ago
**Example Request**:
```http
DELETE /api/teams/2 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
{"message":"Team deleted"}
```
Status Codes:
- **200** - Ok
- **401** - Unauthorized
- **403** - Permission denied
- **404** - Failed to delete Team. ID not found
## Get Team Members
`GET /api/teams/:teamId/members`
Docs: RBAC GA (#49062)
3 years ago
**Required permissions**
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
| ---------------------- | -------- |
| teams.permissions:read | teams:\* |
docs: team API. Closes #10832
7 years ago
**Example Request**:
```http
GET /api/teams/1/members HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
[
{
"orgId": 1,
"teamId": 1,
"userId": 3,
"email": "user1@email.com",
"login": "user1",
"avatarUrl": "\/avatar\/1b3c32f6386b0185c40d359cdc733a79"
},
{
"orgId": 1,
"teamId": 1,
"userId": 2,
"email": "user2@email.com",
"login": "user2",
"avatarUrl": "\/avatar\/cad3c68da76e45d10269e8ef02f8e73e"
}
]
```
Status Codes:
- **200** - Ok
- **401** - Unauthorized
- **403** - Permission denied
## Add Team Member
`POST /api/teams/:teamId/members`
Docs: RBAC GA (#49062)
3 years ago
**Required permissions**
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
| ----------------------- | -------- |
| teams.permissions:write | teams:\* |
docs: team API. Closes #10832
7 years ago
**Example Request**:
```http
POST /api/teams/1/members HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
{
"userId": 2
}
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
{"message":"Member added to Team"}
```
Status Codes:
- **200** - Ok
- **400** - User is already added to this team
- **401** - Unauthorized
- **403** - Permission denied
docs: status code changes for Team API
7 years ago
- **404** - Team not found
docs: team API. Closes #10832
7 years ago
## Remove Member From Team
`DELETE /api/teams/:teamId/members/:userId`
Docs: RBAC GA (#49062)
3 years ago
**Required permissions**
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
| ----------------------- | -------- |
| teams.permissions:write | teams:\* |
docs: team API. Closes #10832
7 years ago
**Example Request**:
```http
DELETE /api/teams/2/members/3 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
{"message":"Team Member removed"}
```
Status Codes:
- **200** - Ok
- **401** - Unauthorized
- **403** - Permission denied
docs: status code changes for Team API
7 years ago
- **404** - Team not found/Team member not found
docs: team http api update
7 years ago
## Get Team Preferences
`GET /api/teams/:teamId/preferences`
Docs: RBAC GA (#49062)
3 years ago
**Required permissions**
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
| ---------- | -------- |
| teams:read | teams:\* |
docs: team http api update
7 years ago
**Example Request**:
```http
GET /api/teams/2/preferences HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
{
"theme": "",
"homeDashboardId": 0,
"timezone": ""
}
```
## Update Team Preferences
`PUT /api/teams/:teamId/preferences`
Docs: RBAC GA (#49062)
3 years ago
**Required permissions**
Documentation for teams with FGAC (#45321) * docs for teams with FGAC * Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
3 years ago
See note in the [introduction]({{< ref "#team-api" >}}) for an explanation.
| Action | Scope |
| ----------- | -------- |
| teams:write | teams:\* |
docs: team http api update
7 years ago
**Example Request**:
```http
PUT /api/teams/2/preferences HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
{
"theme": "dark",
"homeDashboardId": 39,
"timezone": "utc"
}
```
JSON Body Schema:
PackageJson: Prettify markdown/mdx on commit with lint-staged (#37616) * Format md,mdx files with prettier on lint-staged * Manually run prettier on docs/sources
4 years ago
- **theme** - One of: `light`, `dark`, or an empty string for the default theme
- **homeDashboardId** - The numerical `:id` of a dashboard, default: `0`
- **timezone** - One of: `utc`, `browser`, or an empty string for the default
docs: team http api update
7 years ago
Omitting a key will cause the current value to be replaced with the system default value.
**Example Response**:
```http
HTTP/1.1 200
Content-Type: text/plain; charset=utf-8
{
"message":"Preferences updated"
}
```