Embedding Dashboard - Githubissues

krishanthvs commented 2 weeks ago

Bug description

I have created the dashboard. The share option gives the perm link. When i am sharing this to the user who does not have superset access its asking for authentication. How to bypass this. And give the dashboard link without the edit button

Screenshots/recordings

No response

Superset version

master / latest-dev

Python version

3.11

Node version

16

Browser

Chrome

Additional context

No response

Checklist

[X] I have searched Superset docs and Slack and didn't find a solution to my problem.
[X] I have searched the GitHub issue tracker and didn't find a similar bug report.
[X] I have checked Superset's logs for errors and if I found a relevant Python stacktrace, I included it here as text in the "additional context" section.

dosubot[bot] commented 2 weeks ago

To share a Superset dashboard without requiring authentication and without the edit button, you can follow these steps:

Make the Dashboard Public:
- In your superset_config.py, set AUTH_ROLE_PUBLIC = 'Public'.
- Ensure the Public role has the necessary permissions to view the dashboard.
Use the Embedded SDK:
- Install the Superset Embedded SDK and use the embedDashboard function to embed the dashboard in your application.

Here's an example of how to use the SDK:

import { embedDashboard } from "@superset-ui/embedded-sdk";

embedDashboard({
  id: "your-dashboard-id",
  supersetDomain: "https://superset.example.com",
  mountPoint: document.getElementById("your-mount-point"),
  fetchGuestToken: () => fetchGuestTokenFromBackend(),
  dashboardUiConfig: {
    hideTitle: true,
    urlParams: {
      standalone: 1, // Hides the edit button
    }
  },
  iframeSandboxExtras: ['allow-top-navigation', 'allow-popups-to-escape-sandbox']
});

This setup allows users to access the dashboard without authentication and hides the edit button ^[1]^[2].

To continue talking to Dosu, mention @dosu.

krishanthvs commented 1 week ago

@dosu can you please link this to someone who has expertise on the same

dosubot[bot] commented 1 week ago

This is a tough nut to crack, could really use your help on this, @rusackas.

To continue talking to Dosu, mention @dosu.

krishanthvs commented 1 week ago

@rusackas can you please help me on this

apoteet commented 6 days ago

The bot is correct about the steps you need to do. This article provides some more detail on how to implement fetchGuestToken. Start from Approach 1 - Using Superset Embedded SDK

krishanthvs commented 6 days ago

@apoteet cannot this be done with applying the required permissions to the public role

apoteet commented 5 days ago

Correct. For embedded dashboards to work, you need to fetch a guest token and provide it to the dashboard. This guest token has the public role, so it needs all the permissions needed to view dashboards. If you're worried about the public internet getting access to your superset, you should deploy superset and your app behind a firewall

apache / superset

Embedding Dashboard #30544