Anonymous embedding is an ideal solution for applications with a large number of users, where managing each user individually within Bold BI would be inefficient. Instead, anonymous embedding allows you to seamlessly integrate dashboards with a predefined, permission-based group on the BI server, providing a streamlined experience for your users.
Enable the System User option in the UMS Accounts page. This allows you to manage anonymous users without creating individual accounts for each user.
Create a new group and assign the necessary permissions for this group to access the necessary dashboards.
Example: Generate Embed Token for Anonymous User shows how to generate an embed token for an anonymous user with group to access the necessary permission.
Node
/*
Example: Embed Token Generation for Anonymous User (Node.js)
Requires: express, crypto, https, http, url
Install express: npm install express
*/
const crypto = require('crypto');
const https = require('https');
const http = require('http');
const url = require('url');
// Endpoint for generating the embed token
app.post('/tokenGeneration', function (req, res) {
var serverUrl = "<Bold BI Server URL>";
var siteIdentifier = "<Bold BI Server Site Identifier>";
var dashboardId = "<Dashboard Id>";
var embedSecret = "<Embed Secret Key>";
var useremail = "<Anonymous User Email>"; // Email of the anonymous user (not in Bold BI)
var groupName = "<Group Name>"; // The group name under which the anonymous user will be authorized
// Build the API endpoint URL
var serverApiUrl = serverUrl + "/api/" + siteIdentifier;
// Create the query string for generating the token
var queryString = "embed_nonce=" + crypto.randomUUID();
queryString += "&embed_dashboard_id=" + dashboardId;
// Add anonymous embedding and group details to the query string
queryString += "&embed_anonymous_token=true"; // This property enables anonymous embedding.
queryString += "&embed_authorize_group=" + groupName; // Authorize the user with a specific group
queryString += "&embed_user_email=" + useremail; // The email associated with the anonymous user
// Sign the query string using the embed secret
let embedSignature = "&embed_signature=" + GetSignatureUrl(queryString, embedSecret);
var embedDetailsUrl = "/embed/authorize?" + queryString + embedSignature;
// Request the token from the Bold BI server
var serverProtocol = url.parse(serverApiUrl).protocol == 'https:' ? https : http;
serverProtocol.get(serverApiUrl + embedDetailsUrl, function (resultContent) {
let str = '';
resultContent.on('data', chunk => str += chunk);
resultContent.on('end', function () {
const resultJson = JSON.parse(str);
if (resultJson?.ApiStatus && resultJson.Data?.access_token) {
res.json({ access_token: resultJson.Data.access_token });
} else {
res.status(500).json({ error: "Failed to generate embed token" });
}
});
});
})
// Helper function: Sign the query string using the embedSecret
function getSignatureUrl(queryString, embedSecret) {
const hmac = crypto.createHmac('sha256', Buffer.from(embedSecret));
return hmac.update(queryString).digest('base64');
}
Property | Description |
---|---|
embed_user_email | Email of the anonymous user (not in Bold BI) |
embed_authorize_group | The group name under which the anonymous user will be authorized |
After generating the embed token, you can embed the dashboard into your frontend application using the Bold BI Embed SDK. The token will authorize the anonymous user based on the group assignment.
<div id="dashboard_container_id"></div>
<script>
var boldbiEmbedInstance = BoldBI.create({
serverUrl: "<Bold BI Server URL>",
dashboardId: "<Dashboard Id>",
embedContainerId: "<Embed Container Id>", // Div ID where dashboard will render
embedToken: "<Embed token generated from backend server>"
});
boldbiEmbedInstance.loadDashboard();
</script>
Important: Anonymous user support is available only for the single dashboard viewer starting from Bold BI Version 10.1.18. It also supports Row-Level Security (RLS) for dynamic data filtering. You can find more details on implementing RLS here.