What am I missing while trying to embed a dashboard? #18814
Replies: 31 comments 90 replies
-
Okay folks, the guest token things are now solved. Still there's an issue about using the embedded url. tried domain only, with /superset prefix, with /api/v1 prefix, nothing works. |
Beta Was this translation helpful? Give feedback.
-
To be sure that there are no issues with cross-domain-js stuff, I built a small Caddy Server File
Still it does this: (highlighted the embed reverseproxy to show the redirection is done correct) |
Beta Was this translation helpful? Give feedback.
-
Not sure whats wrong and I'm almost giving up. Got this backend route to get the guest token. All this token stuff is working correct: First Request gets Admin users JWT, second gets guest token containing the body plus some extra infos. @Get('token/local')
async getTokenLocal(): Promise<Record<any, any>> {
const { data: token } = await axios.post(
'http://superset:8088/api/v1/security/login',
{
username: 'admin',
password: 'admin',
provider: 'db',
refresh: false,
},
);
console.log('###');
console.log(token.access_token);
// return token;
try {
const { data } = await axios.post(
'http://superset:8088/api/v1/security/guest_token',
{
user: {
username: 'guest',
first_name: 'Peter',
last_name: 'Leser',
},
rls: [],
resources: [
{
type: 'dashboard',
id: '22d40c6d-eca6-42cb-bd1a-f3f748718add',
},
],
},
{
headers: {
// 'Content-Type': 'application/json',
Authorization: `Bearer ${token.access_token}`, // das ist ist das Token aus dem ersten Request
},
},
);
// console.log(data);
return data;
} catch (e) {
// console.error(e.message);
// console.error(e);
return e;
}
} but still: The correct dashboard gets identified and still throws 403 errors. I even added all users to the access list in Superset UI. |
Beta Was this translation helpful? Give feedback.
-
I'm currently struggling to implement this functionality myself. Which is why I haven't responded so far, but if you get this to work I would be very interested to know! When I look at your GET request, the URL used ends with "dashboard/10". However, based on my (limited) understanding I thought this should be something like "http://[superseturl]/embedded/22d40c6d-eca6-42cb-bd1a-f3f748718add". In the frontend embed dashboard section, what do you use as dashboard id? Do you use 10, or 22d40c6d-eca6-42cb-bd1a-f3f748718add? My understanding is that is should be 22d40c6d-eca6-42cb-bd1a-f3f748718add.
I'm also getting the same "Buffer" error as you, and when I import Buffer I get a different error. I've been struggling for many days on this. My problem is that I seem to get the connections working, but I just get an empty iFrame (after briefly showing the Superset logo) instead of the embedded dashboard. I hope that you don't have to give up and can get this working soon! |
Beta Was this translation helpful? Give feedback.
-
Maybe this is not the right forum to ask, but are there perhaps any freelance developers who would be interested in helping me implement this functionality? Or any suggestions where to find them? I've already spent too much time trying to implement this and it looks like I'm stuck. Ideally I would like to find someone who has some experience with this functionality, so that he/she (hopefully) doesn't stumble into the same roadblocks that I am. @campino2k : whatever progress I can make (if any) I'm happy to share any insights so that you can hopefully resolve the problems you're facing too. |
Beta Was this translation helpful? Give feedback.
-
One critical piece that was missing for me and that was not clearly spelled out in the Docs-- you need to enable embedding in the Superset Flask instance by setting an |
Beta Was this translation helpful? Give feedback.
-
Hello, my error was in allowed_domains. I remove my allowed domain and all fine |
Beta Was this translation helpful? Give feedback.
-
[SOLVED, see comment below] Hi, in my backend app I'm trying to to get a guest token to embed a dashboard, but I'm always getting a 308 status, redirect... The flow I've followed is as in this interesting article, users in Superset are set and all is working using Postman or cURL. My app is written in node.js, I use needle in the backend to perform HTTP requests. step 1) I'm able to correctly get an In the embedded sdk documentation I can read: Any idea about what I'm missing? |
Beta Was this translation helpful? Give feedback.
-
After I generally managed to setup embedding using a guest token: created an extra role "Guest" and assigned the required roles for the dashboards to embed, I still don't like the concept of "GUEST_ROLE_NAME". While everything else is bound to users and their roles, for embedding I'm fixed to just one role no matter "who" is requesting the embedded dashboard. I know that I can restrict the access further by using RLS, but what is the username in the guest token request good for, when it is not impersonated and gets all the roles that user has?? Instead a GUEST_ROLE is used. Do I miss something or is this simply a bug? I'm using superset based on helm chart 0.6.6 |
Beta Was this translation helpful? Give feedback.
-
lots of javascript being loaded, a small iframe being created, keep showing superset loading icon. May I know if relate to dashboard size settings? |
Beta Was this translation helpful? Give feedback.
-
Hello all, I've had my own fight with getting the embedding functionality to work and want to weigh in. Ultimately I got it "working" using the buffer fix provided in comments above, I mostly used this - https://github.com/AVEDIAN/Avedian-BI-Embed/blob/master/frontend/src/components/IFrameLoader.tsx but had to put the resolve in the post function, and have it actually resolve the token. I also had to disable Global Async Web Polling Breaks in embedsI have an embedded dashboard that works fine with global async disabled, but if I enable it with
With one API call per chart. The original GET api calls for charts work fine, in fact if you click This is also accompanied by the message |
Beta Was this translation helpful? Give feedback.
-
For those who run into the "buffer" issue and not using a full node.js framework here is a very ugly but working javascript-only approach:
|
Beta Was this translation helpful? Give feedback.
-
+1 on most of the problems listed in this issue. Gonna post an update here after figuring it out. |
Beta Was this translation helpful? Give feedback.
-
Hi @cwegener , I was getting "Buffer not defined" error and I tried the solution provided by @gaborlegrady. Now I don't see that error but I am seeing this new error "SupersetApiError: Forbidden". If I manual curl the request with latest guest token provided in header - http://localhost:8088/api/v1/dashboard/1 it says "Signature verification failed". [EDIT:] I also see this error in superset logs. Please help. |
Beta Was this translation helpful? Give feedback.
-
Hey, There is someone who know how I can fix that ? |
Beta Was this translation helpful? Give feedback.
-
Trying to write the React app using "@superset-ui/embedded-sdk": "^0.1.0-alpha.8". Get this error during compilation. Thanks in advance. You may need an appropriate loader to handle this file type.
|
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
-
@cwegener @aehanno Do you have any idea how we can pass native filter value through URL Parameter? |
Beta Was this translation helpful? Give feedback.
-
Get this error in SuperSet logs, embedding not working. I get the reponse back for \roles , but charts do not load 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.41" |
Beta Was this translation helpful? Give feedback.
-
When I enable debug on embedded SDK this's all I see, \roles is the last call. |
Beta Was this translation helpful? Give feedback.
-
Hi Folks,
I am passing all the required payloads and token (headers etc) and it is working perfect when I use the postman. But the same request with the same payload and token (guest_token) giving me 308 (redirect) instead of the guest token.
I have tried / checked all possibilities but still can't get pass this one. can anyone please help me and point me in the right direction. Thanks |
Beta Was this translation helpful? Give feedback.
-
I managed to resolve it. I could embed superset dashboards using Iframe in
my angular application. Deployed superset in the same sub domain of angular
front end to avoid cors issue and same site cookie issue. That did the
trick for me
…On Thu, 27 Jul 2023 at 10:58 PM, Denis Veretelnikov < ***@***.***> wrote:
@BaluCse2000 <https://github.com/BaluCse2000> Any updates?
—
Reply to this email directly, view it on GitHub
<#18814 (reply in thread)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AJ4KG4TLGN3YBIS2MMJ2VMTXSKQKVANCNFSM5OX6DFQQ>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
Don’t know why this happens even after following what is said in superset
documentation to set the right CORS config in superset config file but I
managed to resolve this by having a backend api to get security token from
super api and then calling the backend api from angular Ui front end. This
works for me
…On Sat, 20 May 2023 at 1:25 AM, imranjoget ***@***.***> wrote:
Hi Folks,
I am using the embed sdk to show the dashboard in my java application.
following is the sequence of the api calls.
1. http://localhost:8088/api/v1/security/login
2. http://localhost:8088/api/v1/security/csrf_token
3. http://localhost:8088/api/v1/security/guest_token
I am passing all the required payloads and token (headers etc) and it is
working perfect when I use the postman. But the same request with the same
payload and token (guest_token) giving me 308 (redirect) instead of the
guest token.
INFO 20 May 2023 03:44:01 org.joget.marketplace.EmbedApacheSuperset -
<!doctype html>_<html
lang=en>_<title>Redirecting...</title>_<h1>Redirecting...</h1>_<p>You
should be redirected automatically to the target URL: <a href="
http://localhost:8088/api/v1/security/guest_token/">
http://localhost:8088/api/v1/security/guest_token/</a>. If not, click the
link._
I have tried / checked all possibilities but still can't get pass this one.
can anyone please help me and point me in the right direction.
Thanks
—
Reply to this email directly, view it on GitHub
<#18814 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AJ4KG4VZFPEOHBCHDXE3ZY3XG7FZTANCNFSM5OX6DFQQ>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
for me, the log like this
this reason is the url I visit, do not match the server provided. It seems like Flask think |
Beta Was this translation helpful? Give feedback.
-
facing similar issues, where iframe is loading empty, while http://localhost:8088/embedded/51128cff-c846-4e2d-9870-c54e77095383?uiConfig=3 response is coming 200, and dashboard_id: 3 also coming correctly in logs, here is the code for embedding -
can someone please help here, tried debugging but couldn't find the root cause. |
Beta Was this translation helpful? Give feedback.
-
I feel all your pains 🤣 🤣 Wrote a guide on it, hopefully it helps someone 😄 Choose your prefered media 😝 https://huamichaelchen.substack.com/p/end-to-end-example-of-setting-up |
Beta Was this translation helpful? Give feedback.
-
I've successfully loaded an embedded dashboard into my React web app, but there's an unusual behavior: whenever I load the embedded dashboard, it seems to log me out from the main Superset dashboard. |
Beta Was this translation helpful? Give feedback.
-
Using iframe i am using superset dashboard and bypass the login for same but in network section if user open that url in same browser it will open the dashboard without login. |
Beta Was this translation helpful? Give feedback.
-
|
Beta Was this translation helpful? Give feedback.
-
I want to share this gist as I have recently hurdled many of these issues. It includes all the configuration code for enabling embedded dashboards and CSV exports. It's rough around the edges but the code works, and there is no paywall, unlike the other comment. https://gist.github.com/jackgray/138c780a0a9e3a59ab51af98da322119 |
Beta Was this translation helpful? Give feedback.
-
So. I found the embedded SDK. Understood the part about the token. Found out that the doc told nothing about /api/v1/ prefix 🙈
Tried to find the bug by posting via insomnia. This is the result (using the standard dataset).
What I don't get is this:> The agent making the POST request must be authenticated with the can_grant_guest_token permission.(found it)Tried to hunt down in the repo but this seems to be only in the route definition, not even can use this role in admin backend.
Beta Was this translation helpful? Give feedback.
All reactions