GitHub user dosubot[bot] added a comment to the discussion: How to obtain
guest_token for embedded-sdk after disabling MFA and integrating Okta?
<!-- Greeting -->
Hey @rick-chou! I'm here to help you with any bugs or questions you have while
waiting for a human maintainer. Let me know how I can assist you!
<!-- Answer -->
To obtain a `guest_token` for the embedded SDK after disabling MFA and
integrating Okta, you need to have your backend request the guest token from
Superset's `POST /security/guest_token` endpoint. This token is then passed to
the frontend for use with the SDK. Here is a general approach:
1. Ensure your backend is set up to authenticate with Superset and can make
HTTP requests.
2. Implement a function in your backend to request the guest token from
Superset. Make sure to include the necessary request body as defined by the
`GuestTokenCreateSchema`:
```python
import requests
def fetch_guest_token():
url = "https://superset.example.com/api/v1/security/guest_token";
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer <your_access_token>"
}
payload = {
"user": {
"username": "guest_user"
},
"resources": [
{
"type": "dashboard",
"id": "your_dashboard_id"
}
],
"rls": []
}
response = requests.post(url, headers=headers, json=payload)
if response.status_code == 200:
return response.json().get("token")
else:
raise Exception("Failed to obtain guest token: " + response.text)
```
3. Use this function in your frontend to fetch the guest token:
```js
import { embedDashboard } from "@superset-ui/embedded-sdk";
async function fetchGuestTokenFromBackend() {
const response = await fetch('/your-backend-endpoint-to-fetch-guest-token');
const data = await response.json();
return data.token;
}
embedDashboard({
id: "abc123",
supersetDomain: "https://superset.example.com";,
mountPoint: document.getElementById("my-superset-container"),
fetchGuestToken: fetchGuestTokenFromBackend,
dashboardUiConfig: {
hideTitle: true,
filters: {
expanded: true,
},
urlParams: {
foo: 'value1',
bar: 'value2',
}
},
iframeSandboxExtras: ['allow-top-navigation',
'allow-popups-to-escape-sandbox'],
referrerPolicy: "same-origin"
});
```
This setup allows your frontend to obtain a guest token from your backend,
which in turn requests it from Superset. Ensure that the request payload
matches the schema expected by Superset's API, including user and resource
details
<sup>[[1]](https://github.com/apache/superset/blob/master/superset-embedded-sdk/README.md)</sup>.
<!-- Dosu Comment Footer -->
*To continue talking to [Dosu](https://dosu.dev), mention @dosu.*
---
<sup>Help Dosu learn! Give it feedback: [Great
Response](https://app.dosu.dev/response-feedback/a5d89576-e5fa-4701-aa99-a09d45654405?feedback_type=great_response)
| [Irrelevant
Answer](https://app.dosu.dev/response-feedback/a5d89576-e5fa-4701-aa99-a09d45654405?feedback_type=irrelevant_answer)
| [Incorrect
Sources](https://app.dosu.dev/response-feedback/a5d89576-e5fa-4701-aa99-a09d45654405?feedback_type=incorrect_sources)
| [Too
Verbose](https://app.dosu.dev/response-feedback/a5d89576-e5fa-4701-aa99-a09d45654405?feedback_type=too_verbose)
|
[Hallucination](https://app.dosu.dev/response-feedback/a5d89576-e5fa-4701-aa99-a09d45654405?feedback_type=hallucination)
| [Bug
Report](https://app.dosu.dev/response-feedback/a5d89576-e5fa-4701-aa99-a09d45654405?feedback_type=bug_report)
|
[Other](https://app.dosu.dev/response-feedback/a5d89576-e5fa-4701-aa99-a09d45654405?feedback_type=other)</sup>
GitHub link:
https://github.com/apache/superset/discussions/32893#discussioncomment-12649553
----
This is an automatically sent email for [email protected].
To unsubscribe, please send an email to:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
