New Dev Tutorial! Implementing SSO with JWT

Follow
Avatar
Oxana Noa Umansky
Hi everyone,
 
We are happy to announce that our first advanced technical tutorial is now live on our Developers website!
 
The first tutorial topic is Implementing SSO with JWT and you can find it here.
 
Please take a look, share it with the developers on your team and share your feedback with us in the comments section below.
 
Look out for our next tutorials coming soon!
 
Thank you
1

Comments

5 comments

Sort by Date Votes
  • Avatar
    Suresh ungarala (Edited )

    Hi,

    Implemented SSO with JWT and need to clarify few points.

     

    1) When User is created with viewer privileges(through JWT) , what is the Password(default or any) for newly created user?

    2) When doing ajax get for SSO, It throws "Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response."

    If  "Access-Control-Allow-Origin" header is removed from request, it throws "No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access."

    Thanks .

    1
    Comment actions Permalink
  • Avatar
    Moti Granovsky

    Hi Suresh,

    1. Users created via SSO have no password, and thus cannot access Sisense directly (skipping the SSO) until a password is explicitly defined for them.
    2. I'm not exactly sure which "GET" request you are referring to - could you be more specific about the purpose and nature of this AJAX call?

    Thanks,

    0
    Comment actions Permalink
  • Avatar
    Malinda Jepsen

    Moti,

    The "hash" contains the password, so you can set it when you create the user. I hope that helps.

    Malinda

    0
    Comment actions Permalink
  • Avatar
    Moti Granovsky

    Malinda, that's correct when users are created via our REST API.

    For users created automatically via SSO (on a user's first log in) - which is what Suresh's question was about - they are created without a password (if you look at the MongoDB Users collection, these users don't have a "hash" field).

    The API can then be used to set a password for them (can also be done via the Admin panel UI), but there is no way I'm aware of of pre-defining a password for future users that get created by the SSO process, nor is there a default one - this is on purpose, as a default password set for many users would be a security flaw.

    0
    Comment actions Permalink
  • Avatar
    Szabolcs Sallai (Edited )

    Hi,

    I am experiencing a strange thing with regards to SSO JWT.

    My website references an embedded dashboard like:

    http://sisense-poc.mycorp.io:8081/app/main#/dashboards/5c66cbd72a66db0f1c4b6f11?embed=true&h=false


    My login server gets the following request:

    http://myloginserver.mycorp.io:3001/api/jwt/redirect?return_to=/app/main

    The dashboard part is missing after the # character.

    Shouldn’t it be return_to=/app/main#/dashboards/5c66cbd72a66db0f1c4b6f11?embed=true&h=false

     

    Am I doing something wrong?

    Thanks,

    Szabi

    2
    Comment actions Permalink

Post is closed for comments.

Didn't find what you were looking for?

New post