GitHub user dotdot1z23 added a comment to the discussion: Mixing Jmix Superset add-on embedded dashboards (guest token) with full Superset UI iframe (SSO) causes redirect to login
Hi @dosu, thanks for the detailed explanation ๐ I understand that mixing guest token embedding and Keycloak SSO sessions usually causes conflicts. In my case, I really need to support **both flows under the same domain** because: * **Nav A:** Jmix Superset add-on uses guest tokens to embed dashboards securely (read-only). * **Nav B:** Full Superset UI (with Keycloak SSO) should be available inside an iframe for power users. Iโd like to keep everything under one domain (e.g. `https://app.example.com/superset/...`) for security and user experience reasons. **My questions:** 1. Is there any recommended way to configure Superset so that guest token embedding and SSO sessions can coexist under the same domain without invalidating each other? 2. Would it help to isolate cookies by path (e.g. `/superset/embed/*` vs `/superset/ui/*`) or via reverse proxy rules? 3. Can you guide me on how to set up Superset (or Nginx/Flask config) so that cookies donโt conflict but both flows still work securely? If the only way is to completely separate subdomains, I can try that, but Iโd prefer to keep one domain if possible. Thanks again for your help! ๐ GitHub link: https://github.com/apache/superset/discussions/35231#discussioncomment-14477336 ---- This is an automatically sent email for notifications@superset.apache.org. To unsubscribe, please send an email to: notifications-unsubscr...@superset.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org For additional commands, e-mail: notifications-h...@superset.apache.org
