New Dev Tutorial! Implementing SSO with JWT
Pinned
-
Hi,
Implemented SSO with JWT and need to clarify few points.
1) When User is created with viewer privileges(through JWT) , what is the Password(default or any) for newly created user?
2) When doing ajax get for SSO, It throws "Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response."
If "Access-Control-Allow-Origin" header is removed from request, it throws "No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access."
Thanks .
-
Hi Suresh,
- Users created via SSO have no password, and thus cannot access Sisense directly (skipping the SSO) until a password is explicitly defined for them.
- I'm not exactly sure which "GET" request you are referring to - could you be more specific about the purpose and nature of this AJAX call?
Thanks,
-
Malinda, that's correct when users are created via our REST API.
For users created automatically via SSO (on a user's first log in) - which is what Suresh's question was about - they are created without a password (if you look at the MongoDB Users collection, these users don't have a "hash" field).
The API can then be used to set a password for them (can also be done via the Admin panel UI), but there is no way I'm aware of of pre-defining a password for future users that get created by the SSO process, nor is there a default one - this is on purpose, as a default password set for many users would be a security flaw.
Please sign in to leave a comment.
Comments
4 comments