New Dev Tutorial! Implementing SSO with JWT

Comments

5 comments

  • Suresh ungarala (Edited)

    Hi,

    Implemented SSO with JWT and need to clarify a few points.

    1) When a user is created with viewer privileges (through JWT), what is the password (default or any) for the newly created user?

    2) When doing an AJAX GET for SSO, it throws "Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response."

    If the "Access-Control-Allow-Origin" header is removed from the request, it throws "No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access."

    Thanks.

  • Moti Granovsky

    Hi Suresh,

    1. Users created via SSO have no password, and thus cannot access Sisense directly (skipping the SSO) until a password is explicitly defined for them.
    2. I'm not exactly sure which "GET" request you are referring to - could you be more specific about the purpose and nature of this AJAX call?

    Thanks,

  • Malinda Jepsen

    Moti,

    The "hash" contains the password, so you can set it when you create the user. I hope that helps.

    Malinda

  • Moti Granovsky

    Malinda, that's correct when users are created via our REST API.

    For users created automatically via SSO (on a user's first log in) - which is what Suresh's question was about - they are created without a password (if you look at the MongoDB Users collection, these users don't have a "hash" field).

    The API can then be used to set a password for them (can also be done via the Admin panel UI), but there is no way I'm aware of of pre-defining a password for future users that get created by the SSO process, nor is there a default one - this is on purpose, as a default password set for many users would be a security flaw.

  • Szabolcs Sallai (Edited)

    Hi,

    I am experiencing a strange thing with regards to SSO JWT.

    My website references an embedded dashboard like:

    http://sisense-poc.mycorp.io:8081/app/main#/dashboards/5c66cbd72a66db0f1c4b6f11?embed=true&h=false


    My login server gets the following request:

    http://myloginserver.mycorp.io:3001/api/jwt/redirect?return_to=/app/main

    The dashboard part is missing after the # character.

    Shouldn’t it be return_to=/app/main#/dashboards/5c66cbd72a66db0f1c4b6f11?embed=true&h=false

    Am I doing something wrong?

    Thanks,

    Szabi

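Added example (not part of the thread and not Sisense code) for the URL behaviour behind the last question: a browser never includes the fragment (everything from `#`) in the HTTP request, so a server issuing the login redirect can only see `/app/main`. The helper names and the `return_to` validation rule are assumptions made for illustration.

```javascript
// Constructed sample values, modelled on the URLs quoted in the thread.
const EMBED_URL =
  "http://sisense-poc.mycorp.io:8081/app/main#/dashboards/5c66cbd72a66db0f1c4b6f11?embed=true&h=false";
const LOGIN_BASE = "http://myloginserver.mycorp.io:3001/api/jwt/redirect";

// What the browser puts on the HTTP request line: path + query only.
// Here the '?' comes after '#', so it belongs to the fragment, not the query.
function requestTarget(urlString) {
  const u = new URL(urlString);
  return u.pathname + u.search;
}

// The part that never leaves the browser; only client-side script can read it.
function clientOnlyPart(urlString) {
  return new URL(urlString).hash;
}

// Hypothetical helper: carry the full target as ONE parameter value by
// percent-encoding it, so '#', '?' and '&' are not re-interpreted.
function buildLoginRedirect(loginBase, returnTo) {
  return loginBase + "?return_to=" + encodeURIComponent(returnTo);
}

// Hypothetical login-server check (assumed policy): accept only same-site
// relative paths so return_to cannot be abused as an open redirect.
function safeReturnTo(loginRequestUrl) {
  const value = new URL(loginRequestUrl).searchParams.get("return_to");
  if (!value) return null;
  if (!value.startsWith("/") || value.startsWith("//")) return null;
  if (value.includes("\\") || /[\u0000-\u001f]/.test(value)) return null;
  return value;
}

console.log("server sees:   ", requestTarget(EMBED_URL));
console.log("browser keeps: ", clientOnlyPart(EMBED_URL));
const redirect = buildLoginRedirect(
  LOGIN_BASE,
  requestTarget(EMBED_URL) + clientOnlyPart(EMBED_URL)
);
console.log("encoded redirect:", redirect);
console.log("validated return_to:", safeReturnTo(redirect));
```

If the fragment is appended without encoding, the login server again receives only `return_to=/app/main`, because the browser strips everything from `#` before sending the request.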

Post is closed for comments.