Anonymous embedding is ideal for applications with thousands of users, where managing each user in Bold BI would be inefficient. Instead, anonymous embedding allows seamless integration with a predefined, permission-based group in BI server.
Enable the System User option in the UMS Accounts page.
Create a new group and assign the necessary permissions to it.
Node
/*
Required modules for cryptography, URL parsing, and HTTP requests.
Make sure you have 'express' installed: npm install express
*/
const crypto = require('crypto');
const https = require('https');
const http = require('http');
const url = require('url');
app.post('/tokenGeneration', function (req, res) {
var serverUrl = "<Bold BI server URL>";
var siteIdentifier = "<Bold BI server Site Identifier>";
var dashboardId = "<Dashboard Id>";
var embedSecret = "<Embed Secret key>";
var useremail = "<Anonymous user Email>";
var groupName = "<Group Name>";
// Making the BoldBI server API endpoint.
var serverApiUrl = serverUrl + "/api/" + siteIdentifier;
// Making the query string with nonce, dashboard ID and user email.
var queryString = "embed_nonce=" + crypto.randomUUID();
queryString += "&embed_dashboard_id=" + dashboardId;
// Append anonymous user details and authorized group name to the query string
queryString += "&embed_anonymous_token=true" // This property is for anonymous embedding.
queryString += "&embed_authorize_group=" + groupName;
queryString += "&embed_user_email=" + useremail;
// Sign query string
let embedSignature = "&embed_signature=" + GetSignatureUrl(queryString,embedSecret);
var embedDetailsUrl = "/embed/authorize?" + queryString + embedSignature;
// Request anonymous token from Bold BI server.
var serverProtocol = url.parse(serverApiUrl).protocol == 'https:' ? https : http;
serverProtocol.get(serverApiUrl + embedDetailsUrl, function (resultContent) {
let str = '';
resultContent.on('data', function (chunk) {
str += chunk;
});
resultContent.on('end', function () {
const resultJson = JSON.parse(str);
// Check if the response is valid and contains the access token.
if (resultJson && resultJson.ApiStatus && resultJson.Data && resultJson.Data.access_token) {
res.json({ access_token: resultJson.Data.access_token });
}
});
});
})
// Helper function: Sign query string using embedSecret
function GetSignatureUrl(queryString,embedSecret)
{
var keyBytes = Buffer.from(embedSecret);
var hmac = crypto.createHmac('sha256', keyBytes);
data = hmac.update(queryString);
gen_hmac= data.digest().toString('base64');
return gen_hmac;
}
Property | Description |
---|---|
embed_user_email | Email of the anonymous user (not in Bold BI) |
embed_authorize_group | The group name under which the anonymous user will be authorized |
In this, we will utilize the anonymous token is generated with group name to integrate a dashboard into your frontend application using the embed SDK.
<div id="dashboard_container_id"></div>
<script>
var boldbiEmbedInstance = BoldBI.create({
serverUrl: "<Bold BI Server URL>",
dashboardId: "<Dashboard Id>",
embedContainerId: "<Embed Container Id>", // Div ID where dashboard will render
embedToken: "<Embed token generated from backend server>"
});
boldbiEmbedInstance.loadDashboard();
</script>
Important: Anonymous user support is available only for the single dashboard viewer starting from Bold BI Version 10.1.18. It also supports Row-Level Security (RLS) for dynamic data filtering. You can find more details on implementing RLS here.