# Grafana IRM Grafana IRM is an incident response management platform that helps teams coordinate on-call rotations and respond effectively to critical incidents. Through this integration, Apono enables your on-call staff to securely request and manage access to resources with just-in-time permissions, ensuring only the right people have access at the right time during critical events. With this integration, you can: * Enforce just-in-time access for on-call engineers * Reduce risk by removing access when on-call shifts end * Align incident response responsibilities with least-privilege access *** ### Prerequisite
ItemDescription
Grafana Portal URL

Public URL of your Grafana portal

Example: https://your-org.grafana.net

Grafana API key

Randomly generated string used as an alternative to a password when accessing Grafana’s HTTP API

The API token must contain the following roles:

  • IRM: Schedules Reader
  • IRM: User Settings Reader

Be sure to copy the key after it has been generated.

Grafana OnCall URL

Base URL of your Grafana IRM OnCall API endpoint

Follow these steps to obtain the URL:

  1. In Grafana, click Alerts & IRM > IRM > Settings > Admin & API tab.
  2. Under OnCall API URL, copy the URL. Example: https://incident-prod-us-east-3.grafana.net/oncall.
*** ### Integrate Grafana IRM

Grafana IRM tile

Follow these steps to complete the integration: 1. On the [**Catalog**](https://app.apono.io/catalog?search=grafana+irm) tab, click **Grafana IRM**. The **Add Integration** page appears. 2. Enter a unique, alphanumeric, user-friendly **Integration Name**. This name is used to identify the integration when constructing an access flow. 3. Enter your **Grafana Portal URL**. 4. Enter your **Grafana OnCall URL**. 5. Under **Secret Store**, on the **APONO** tab, enter your Grafana **Api Key**. 6. Click **Connect**. #### Usage Now that you have completed this integration, you can use Grafana IRM to define the grantee or approver in an access flow. You can configure access flows using Grafana IRM in the following ways.
UseExample
Define a grantee

Allow the current on-call engineer to request access to specific resources

Follow the guidance in these articles to use Grafana IRM to define a grantee:

Define an approver

Allow the current on-call engineer to approve access requests to specific resources

Follow the guidance in this article to use Grafana IRM to define a grantee:

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.apono.io/docs/additional-integrations/incident-response-integrations/grafana-irm.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.