When embedding Bold BI dashboards for users who are not explicitly provisioned in the Bold BI platform, you can still ensure secure and personalized access using Row-Level Security (RLS). RLS dynamically filters data based on the user’s identity, role, or organization—without requiring them to be added as users in Bold BI.
This approach is ideal for applications with thousands of users, where managing each user in Bold BI would be inefficient. Instead, anonymous embedding allows seamless integration while enforcing RLS rules.
Enable the System User option in the UMS Accounts page. This user is stored in the Bold BI server database but is not visible in the user list.
Create a new group (without adding users) and assign the necessary permissions.
You can enable anonymous user support using any of our embedding samples. For this demonstration, we’ll use the ASP.NET Core sample.
In the Index.cshtml
file, add the container to render the dashboard:
<body onload="renderDashboard(dashboardId)">
<div id="viewer-section">
<div id="dashboard"></div>
</div>
</body>
In HomeController.cs
, configure the authorization logic to generate the embed token using anonymous user parameters:
Parameter | Description | Example |
---|---|---|
embed_user_email |
Email of the anonymous user (not in Bold BI) | [email protected] |
embed_anonymous_token |
Enables anonymous embedding | &embed_anonymous_token=true |
embed_authorize_group |
Group name that anonymous users will be authorized under | &embed_authorize_group=Alpha |
[HttpPost]
[Route("AuthorizationServer")]
public string AuthorizationServer([FromBody] object embedQuerString)
{
var embedClass = Newtonsoft.Json.JsonConvert.DeserializeObject<EmbedClass>(embedQuerString.ToString());
var embedQuery = embedClass.embedQuerString;
// Use any anonymous user-email as embed_user_email
embedQuery += "&[email protected]";
embedQuery += "&embed_anonymous_token=true&embed_authorize_group=Alpha";
//To set embed_server_timestamp to overcome the EmbedCodeValidation failing while different timezone using at client application.
double timeStamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds;
embedQuery += "&embed_server_timestamp=" + timeStamp;
var embedDetailsUrl = "/embed/authorize?" + embedQuery + "&embed_signature=" + GetSignatureUrl(embedQuery);
using (var client = new HttpClient())
{
client.BaseAddress = new Uri(embedClass.dashboardServerApiUrl);
client.DefaultRequestHeaders.Accept.Clear();
var result = client.GetAsync(embedClass.dashboardServerApiUrl + embedDetailsUrl).Result;
string resultContent = result.Content.ReadAsStringAsync().Result;
return resultContent;
}
}
In Index.js
, use the renderDashboard()
function to load the dashboard using the generated token:
function renderDashboard(dashboardId) {
this.dashboard = BoldBI.create({
serverUrl: rootUrl + "/" + siteIdentifier,
dashboardId: dashboardId,
embedContainerId: "dashboard",
width: "100%",
height: "100%",
embedToken: token
});
this.dashboard.loadDashboard();
};
Note: Retrieve the token from the Embed Authorize API and include it in the EmbedToken API member.
Once configured, the dashboard will render for the anonymous user:
You can track anonymous user activity in the Dashboard Usage Analytics dashboard.
Note: Anonymous user support is available only for the single dashboard viewer starting from Bold BI Version 10.1.18.