New Dev Tutorial! Implementing SSO with JWT

Pinned

Comments

4 comments

  • Avatar
    Suresh (Edited )

    Hi,

    Implemented SSO with JWT and need to clarify few points.

     

    1) When User is created with viewer privileges(through JWT) , what is the Password(default or any) for newly created user?

    2) When doing ajax get for SSO, It throws "Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response."

    If  "Access-Control-Allow-Origin" header is removed from request, it throws "No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access."

    Thanks .

  • Avatar
    Moti Granovsky

    Hi Suresh,

    1. Users created via SSO have no password, and thus cannot access Sisense directly (skipping the SSO) until a password is explicitly defined for them.
    2. I'm not exactly sure which "GET" request you are referring to - could you be more specific about the purpose and nature of this AJAX call?

    Thanks,

  • Avatar
    Malinda Jepsen

    Moti,

    The "hash" contains the password, so you can set it when you create the user. I hope that helps.

    Malinda

  • Avatar
    Moti Granovsky

    Malinda, that's correct when users are created via our REST API.

    For users created automatically via SSO (on a user's first log in) - which is what Suresh's question was about - they are created without a password (if you look at the MongoDB Users collection, these users don't have a "hash" field).

    The API can then be used to set a password for them (can also be done via the Admin panel UI), but there is no way I'm aware of of pre-defining a password for future users that get created by the SSO process, nor is there a default one - this is on purpose, as a default password set for many users would be a security flaw.

Please sign in to leave a comment.