Open weversonmuciarone opened 6 days ago
dlpzx
commented
4 days ago Hi @weversonmuciarone , thanks for raising an issue. I have looked into the changes between 1.5.5 and 1.6.2 and nothing on the Quicksight embedding was modified on those releases.
Which particular data.all API is causing trouble: the owned dashboards embedding or the shared dashboards embedding? Feel free to reach out offline to look into this issue
weversonmuciarone
commented
4 days ago Thank you very much once again for your endless support.
I am not entirely sure yet to be honest, seems to me that the owned dashboard embeding since the token is not getting passed to the browser.
Since we can see the dashboard with no problem in dataall, the only thing I can see is that when you attempt to open in the browser I get a Missing Authentication token exception.
Hi.
An issue has been raised from users when they try to open the dashboards in a new tab feature.
This seem to have happened after we upgraded from v1.5.5 to v1.6.2 which is the current version of dataall we're using.
When we click in the open in a new tab we get an unauthorised access in any of our accounts being in Beta or prod.
We have checked IAM, CloudFront, API Gateway and cloudwatch for logs but can't seem to find the problem.
Upon investigating I understood that dataall issues an api call to cognito, which then issues another call to Azure (Our SAML IDP provider) to validate that the caller is part of the AD group and finally it issues an api call to quicksight to get the dashboard, quicksight then returns (or should return) a token to the browser, seems to me that this is not happening.
Does anybody knows anything else that we could possibly check to troubleshoot or anyone who had similar issue that could direct us to the possible issue?
I have attach few snips of the header / payload.
Thanks.