Prometheus Setup

Prometheus Setup

Available since 1.26.0

Prometheus is a tool to monitor metrics and setup alerts in the case that some metric has responded negatively for an extended period.

The following types of gauges are currently available.


Setting this up with FusionAuth is easy. The only requirement to hookup FusionAuth is to direct Prometheus to the FusionAuth Prometheus endpoints. We used the following configuration for a FusionAuth instance running locally on the docker host. (You can reach docker host ip via host.docker.internal on mac and windows docker.)


The Prometheus endpoint is configured with the YAML file. You can learn more about the Prometheus configuration here. Prometheus does not provide functionality to authenticate using custom HTTP headers. As a workaround, we are using API key as password using “basic auth” authorization method.

In order to authenticate using basic auth please use string “apikey” as the username and a valid API key as the password. The API key must have GET permission for the /api/prometheus/metrics endpoint.

If you prefer to allow unauthenticated access to this endpoint from local scrapers, you may set fusionauth-app.local-metrics.enabled=true. See the configuration reference for more info.

All other configuration is standard Prometheus scrape_config.

Please refer to the Authentication document for more details about API keys.


  - job_name: FusionAuth
    scrape_interval: 5s
    scheme: https
    metrics_path: api/prometheus/metrics
      - targets: ['']
      username: "apikey"
      password: "Jw4cGzKpzxcEsqnqFKw3m7jUvgeS-jtUvn8B0TDBxgQ="

We then started Prometheus with

docker run -v $(pwd)/prometheus.yaml:/etc/prometheus/prometheus.yml -p 9090:9090 prom/prometheus
Prometheus Graph View