Accessing Dashboard and widgets without logging in through sso.

Comments

3 comments

  • Avatar
    Moti Granovsky

    Hi Kiran,

    The normal flow of SSO (whether in Sisense itself or Sisense.js-embedded applications) is:

    1. Sisense looks for a cookie representing authentication by the user
    2. Only If no cookie exists, Sisense redirects the request to the SSO handler
    3. SSO handler looks for it's own cookie (or whichever other method of checking for existing session)
    4. Only if user is not authenticated at all, request is redirected to a login page

    Within that flow, once a user has authenticated and while the session is active and valid, he should never be redirected to the login page - even if he is redirected via the sso handler behind the scenes, which should have minimal to no impact on performance or latency.

    If this is happening on your environment, it might be due to an incorrect implementation of the SSO handler, and I suggest getting in touch with Sisense Support to review it.

    0
    Comment actions Permalink
  • Avatar
    Jace Warren (Edited )

    Sisense should provide an option similar to Power BI's embed token, https://docs.microsoft.com/en-us/power-bi/developer/embed-sample-for-customers#embed-content-within-your-application. It would be nice to generate a embed token via the API as opposed setting up an iframe just to get a cookie in my users browser.

    0
    Comment actions Permalink
  • Avatar
    Shawn Main

    This is absolutely needed!  The entire embedding API for SisenseJS needs to have similar embedding capabilities as PowerBI.  Credential token calls for embedding as an application (auth for the application) as well as authentication for the user (delegated auth by the app for user).  Relying only on the SSO redirect and a cookie is not a good way to handle embedding for enterprise applications; especially when your application already authenticates the user from the same authentication source.  This feature is a huge gap in SisenseJS.

    1
    Comment actions Permalink

Please sign in to leave a comment.