Search results

Anonymous User Embedding

Anonymous embedding is ideal for applications with thousands of users, where managing each user in Bold BI would be inefficient. Instead, anonymous embedding allows seamless integration with a predefined, permission-based group in BI server.

Steps to Implement Anonymous Embedding

Enable the System User option in the UMS Accounts page.

Systemuser

Create a new group and assign the necessary permissions to it.

grouplist

grouppermission

Node

/*
  Required modules for cryptography, URL parsing, and HTTP requests.
  Make sure you have 'express' installed: npm install express
*/
const crypto = require('crypto');
const https = require('https');
const http = require('http');
const url = require('url');

app.post('/tokenGeneration', function (req, res) {
   
    var serverUrl = "<Bold BI server URL>";
    var siteIdentifier = "<Bold BI server Site Identifier>";
    var dashboardId = "<Dashboard Id>";
    var embedSecret = "<Embed Secret key>";

    var useremail = "<Anonymous user Email>";
    var groupName = "<Group Name>";

    // Making the BoldBI server API endpoint.
    var serverApiUrl = serverUrl + "/api/" + siteIdentifier;

   // Making the query string with nonce, dashboard ID and user email.
    var queryString = "embed_nonce=" + crypto.randomUUID();
    queryString += "&embed_dashboard_id=" + dashboardId;
    
    // Append anonymous user details and authorized group name to the query string
    queryString += "&embed_anonymous_token=true" // This property is for anonymous embedding.
    queryString += "&embed_authorize_group=" + groupName;
    queryString += "&embed_user_email=" + useremail;
    
    // Sign query string
    let embedSignature = "&embed_signature=" + GetSignatureUrl(queryString,embedSecret);
    var embedDetailsUrl = "/embed/authorize?" + queryString + embedSignature;

   // Request anonymous token from Bold BI server.
   var serverProtocol = url.parse(serverApiUrl).protocol == 'https:' ? https : http;
   serverProtocol.get(serverApiUrl + embedDetailsUrl, function (resultContent) {
    let str = '';
    resultContent.on('data', function (chunk) {
        str += chunk;
    });
    resultContent.on('end', function () {
            const resultJson = JSON.parse(str);
            // Check if the response is valid and contains the access token.
            if (resultJson && resultJson.ApiStatus && resultJson.Data && resultJson.Data.access_token) {
                res.json({ access_token: resultJson.Data.access_token });
            }
        });
    });

})

  // Helper function: Sign query string using embedSecret

  function GetSignatureUrl(queryString,embedSecret)
  {
    var keyBytes = Buffer.from(embedSecret);
    var hmac = crypto.createHmac('sha256', keyBytes);
    data = hmac.update(queryString);
    gen_hmac= data.digest().toString('base64');

   return gen_hmac;
  }
Property Description
embed_user_email Email of the anonymous user (not in Bold BI)
embed_authorize_group The group name under which the anonymous user will be authorized

Embed the Dashboard for the anonymous user

In this, we will utilize the anonymous token is generated with group name to integrate a dashboard into your frontend application using the embed SDK.

    <div id="dashboard_container_id"></div>
    <script>
        var boldbiEmbedInstance = BoldBI.create({
            serverUrl: "<Bold BI Server URL>",
            dashboardId: "<Dashboard Id>",
            embedContainerId: "<Embed Container Id>", // Div ID where dashboard will render
            embedToken: "<Embed token generated from backend server>"
        });
        boldbiEmbedInstance.loadDashboard();  
    </script>

Important: Anonymous user support is available only for the single dashboard viewer starting from Bold BI Version 10.1.18. It also supports Row-Level Security (RLS) for dynamic data filtering. You can find more details on implementing RLS here.