“Read Only” Display Login¶
The ZMON front end requires users to login. However a very common way of deploying dashboards is on TV screens running across office spaces to e.g. render Grafana or ZMON dashboards. For this ZMON provides you with a way to login a read only authenticated user via one-time tokens.
Those tokens can be created by any real user by login in first and switching to TV mode or via the ZMON CLI.
How does it work¶
First time a valid one time token is used to login we associate a random UUID with it and the device IP. Both are registered within ZMON to create a persisted session, thus this will continue to work after the frontend gets deployed.
Tokens can’t be reused. Once used, it can no longer be used and you need to create a new one. You’ll need a different token per additional device or location. One time token sessions will last up to 365 days.
Using the ZMON CLI¶
You can also generate one time tokens using the command line tool. The tool also allows you to list which tokens you already generated.
Getting a token¶
zmon onetime-token get Retrieving new one-time token ... https://zmon.example.org/tv/AocciOWf/ OK
Login with token¶
Use the URL in the target browser to login directly. This will create a read-only session.
https://<your zmon url>/tv/<your token>
Please make sure you access the generated URL in order to login. Appending the <token> to any other ZMON device or location won’t work.
Listing existing tokens¶
zmon onetime-token list - bound_at: 2008-05-08 12:16:21.696000 bound_expires: 1234567800000 bound_ip: '' created: 2008-05-08 12:16:20.533000 token: 1234abCD