Embed Token Generation

To embed a Bold BI dashboard securely in your application, you must generate an embed token. This token authorizes access and ensures that only permitted users can view or interact with the dashboard.

The following diagram illustrates the token generation flow:

Token Generation Flow diagram

Node

/*
  Example: Embed Token Generation (Node.js)
  Requires: express, crypto, https, http
  Install express: npm install express
*/

const express = require('express');
const crypto = require('crypto');
const https = require('https');
const http = require('http');

const app = express();

app.post('/tokenGeneration', function (req, res) {
  // Required details
  const serverUrl = "<Bold BI Server URL>";
  const siteIdentifier = "<Site Identifier>";
  const serverApiUrl = serverUrl + "/api/" + siteIdentifier;
  const dashboardId = "<Dashboard Id>";
  const userEmail = "<User Email>";
  const embedSecret = "<Embed Secret Key>";

  // Build query string
  let queryString = "embed_nonce=" + crypto.randomUUID();
  queryString += "&embed_dashboard_id=" + dashboardId;
  queryString += "&embed_user_email=" + userEmail;

  // Sign query string
  const embedSignature = "&embed_signature=" + getSignatureUrl(queryString, embedSecret);
  const embedDetailsUrl = "/embed/authorize?" + queryString + embedSignature;

  // Request token from Bold BI server
  const serverProtocol = new URL(serverApiUrl).protocol === 'https:' ? https : http;
  serverProtocol.get(serverApiUrl + embedDetailsUrl, function (resultContent) {
    let str = '';
    resultContent.on('data', chunk => { str += chunk; });
    resultContent.on('end', function () {
      const resultJson = JSON.parse(str);
      if (resultJson?.ApiStatus && resultJson.Data?.access_token) {
        res.json({ access_token: resultJson.Data.access_token });
      } else {
        res.status(500).json({ error: "Failed to generate embed token" });
      }
    });
  });
});

// Helper function: Sign query string using embedSecret
function getSignatureUrl(queryString, embedSecret) {
  const hmac = crypto.createHmac('sha256', Buffer.from(embedSecret));
  return hmac.update(queryString).digest('base64');
}

The following mandatory values must be configured in your backend application to generate an embed token.

Property	Description
`serverUrl`	Base URL of your Bold BI application (e.g., `https://your-company.boldbi.com/bi`).
`siteIdentifier`	Unique site/tenant identifier in Bold BI (e.g., site/tenant)
`dashboardId`	Unique ID of the dashboard How To get: Open the dashboard in BI application and copy the ID from the browser's URL.
`userEmail`	Email of the user viewing the dashboard. The user must exist in Bold BI and have permission to access it.
`embedSecret`	Secret key used to sign authorization requests. How To get: Retrive this from the Bold BI settings page.

Important: The embedSecret is extremely sensitive. It is highly sensitive and critical to security. Never expose this key to anyone or any publicly accessible location. It must only be stored and used on your backend server to sign embedding requests. The embedSecret should never be exposed in client-side code, mobile apps, or browser consoles. Always store and use it only on your backend server to sign requests. The frontend should only receive the generated embed token, never the embedSecret.

Token Generation Response (JSON)

The Bold BI server returns the response in JSON format, including the access_token and dashboard details, if the request is valid. Please find the below image of the resultContent.

JSON

{
  "ApiStatus": true,
  "Data": {
    "email": "[email protected]",
    "username": "testuser",
    "access_token": "eyJhbGciSI6IjE3NTY4OTEwMDYiLCJjdXN0b21fYXR0cmlidXRlIjOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6ImFudWFiYXJuYS5iQHN5bmNmdXNpb24uY29tIiwidXBuIjoiYW51YWJhcm5hIiwibmFtZWlkIjoiMSIsInVuaXF1ZV9uYW1lIjoiNmUxMmVhNjYtMWU3My00NDVmLWJlMzMtNDY5OTg0ZjVkODNiIiwiSVAiOiI6OjEiLCJpc3N1ZWRfZGF0Zoie30iLCJuYmYiOjE3NTYMiOiJodHRwOi8vbG9jYWxob3N0OjYwNTE1L2JpL3NpdGUvc2l0ZTEiLCJ4OTEwMDYsImV4cCI6MTc1Njk3NzQwNiwiaWF0IjoxNzU2ODkxMDA2LCJpc3hdWQiOiJodHRwOi8vbG9jYWxob3N0OjYwNTE1L2JpL3NpdGUvc2l0ZTEifQ.O1SqPb4gpcwCnqKHC1LtAdVWvdMnMKzDt8iz3vmIG-o",
    "token_type": "bearer",
    "expires_in": 604800,
    "UserDetail": "{\"DisplayName\":\"Test user B\",\"Email\":\"[email protected]\",\"Username\":\"testuser\",\"FirstName\":\"Test user\"...}",
    "ItemDetail": "{\"CanClone\":false,\"CanCopy\":false,\"CanCreateItem\":false,\"CanDelete\":false,\"CanWrite\":true,\"CategoryDescription\":null,\"CategoryId\":\"3ae74984-a689-4997-88b9-3c4e77f10dda\",\"CategoryName\":\"Getting Started Tutorial\",\"CreatedByDisplayName\":\"Test user B\",\"CreatedById\":1,\"CreatedDate\":\"08/08/2025 11:18 AM\",\"FailureOccurence\":0,\"Description\":\"This supply chain performance dashboard helps to effectively track supply chain KPIs related to the efficiency of sales orders processing.\",\"Id\":\"c5bab292-0ee6-4ee7-9dfa-d6b3cffed7ff\",\"ItemLocation\":\"c5bab292-0ee6-4ee7-9dfa-d6b3cffed7ff/1\",\"Name\":\"Supply Chain Performance Dashboard\"...}"
  },
  "Status": true
}

Please provide additional information

Thank you for your feedback and comments.We will rectify this as soon as possible!