GitHub user dosubot[bot] added a comment to the discussion: Unable to embed dashboard for Superset 5.0.0. Csrf token issue maybe
<!-- Answer --> The error you're seeing—`Class 'werkzeug.local.LocalProxy' is not mapped`—is a regression in Superset 5.0.0 caused by stricter session/user handling and increased use of LocalProxy objects for things like the security manager and user context. If a LocalProxy (instead of a concrete user object) is assigned to an ORM relationship or session, SQLAlchemy can't map it, which triggers this error. This is more likely to happen in embedding and guest token flows in 5.x than in 4.x due to internal changes [details](https://github.com/apache/superset/issues/32869). To embed dashboards with guest tokens in 5.0.0, make sure you have all the required config flags and permissions set. In your `superset_config.py` (or `superset_config_docker.py` if using Docker), you should have: ```python FEATURE_FLAGS = { "EMBEDDED_SUPERSET": True, "EMBEDDABLE_CHARTS": True, } ENABLE_GUEST_TOKEN = True TALISMAN_ENABLED = False ENABLE_CORS = True WTF_CSRF_ENABLED = False ``` You also need to set `GUEST_TOKEN_JWT_AUDIENCE` to match what your SDK expects [reference](https://github.com/apache/superset/pull/33673). Make sure the role used for embedding (often "Gamma" or a custom guest role) has all necessary permissions, including `can_set_embedded` on Dashboard and API access permissions [reference](https://github.com/apache/superset/issues/33702). If you're running in Docker, config overrides must be in `./docker/pythonpath_dev/superset_config_docker.py` on your host, not in `/app/superset/config.py` [reference](https://github.com/apache/superset/issues/33702). For CSRF/token issues, ensure the Authorization header is present in your requests, and if you see errors about the JWT "sub" claim, make sure it's a string, not an integer [reference](https://github.com/apache/superset/issues/31675). If you have any custom code or plugins that assign `g.user` or similar, make sure you're assigning a real user object, not a LocalProxy. This will prevent the mapping error. Let me know if you need more details on any of these steps! <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/5bbcd76e-78ee-4fb9-860c-ee9c88e67bbd?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/5bbcd76e-78ee-4fb9-860c-ee9c88e67bbd?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/5bbcd76e-78ee-4fb9-860c-ee9c88e67bbd?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/5bbcd76e-78ee-4fb9-860c-ee9c88e67bbd?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/5bbcd76e-78ee-4fb9-860c-ee9c88e67bbd?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/5bbcd76e-78ee-4fb9-860c-ee9c88e67bbd?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/5bbcd76e-78ee-4fb9-860c-ee9c88e67bbd?feedback_type=other)</sup> [](https://go.dosu.dev/discord-bot) [](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/superset/discussions/33886) GitHub link: https://github.com/apache/superset/discussions/33886#discussioncomment-13564424 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
