How to set up JWT for SSO authentication in Bold BI site

This section provides a step-by-step guide to configuring Single Sign-On (SSO) for users at the site level in the Bold BI application using Custom JSON Web Tokens (JWT).

Steps to configure JWT in Bold BI

Login with this URL {domain}/bi/site/{site_identifier}/administration using the admin credentials.
Click on Authentication and then JWT.
Enable the JWT settings.

Provide the following details in the JWT settings.

Name	It represents the name of the JWT provider to be displayed in the login page.
Provider Logo	It represents the logo of the JWT provider to be displayed in the login page.
Remote Login URL	It is the endpoint of the JWT provider to send the authorization request from Bold BI application.
Remote Logout URL	It is the endpoint of the JWT provider to send the logout request once user logged out in the Bold BI application.

After the values are saved, the application will generate a Signing Key. This signing key must be used for signing JSON Web Tokens from your application.
The Signing Key can be copied, viewed, and reset using the following options:

For more details on how JWT works with Bold BI, click here

JWT Callback URL

The JWT callback URL will validate the JWT response from the configured application.

After a user successfully logs into your configured application, you can redirect them to the specific URL provided.

{Bold BI URL}/sso/jwt/callback?jwt={token}&site_identifier={site identifier}&redirect_to={redirecturl}

Parameter Required Comments

jwt Yes JSON Web Token will be passed in this parameter. It will contain the JWT Payload

site_identifier

Yes

Parameter	Required	Comments
jwt	Yes	JSON Web Token will be passed in this parameter. It will contain the JWT Payload
site_identifier	Yes	This parameter will be used to grant site access for the JWT user. If the JWT login accessed from the tenant, Bold BI login URL will redirect to your application with tenant site identifier in URL query string. You can use this identifier in JWT response URL. Example Url`{Remote login URL}?site_identifier={site identifier}` NOTE: Should pass one site identifier. More than one identifier not allowed.
redirect_to	No	If this parameter is included in the JWT response, then the user will be redirected to that page by validating with the site identifier, after the login process completed.

This parameter will be used to grant site access for the JWT user.

If the JWT login accessed from the tenant, Bold BI login URL will redirect to your application with tenant site identifier in URL query string. You can use this identifier in JWT response URL.

Example Url{Remote login URL}?site_identifier={site identifier}

NOTE: Should pass one site identifier. More than one identifier not allowed.

redirect_to No If this parameter is included in the JWT response, then the user will be redirected to that page by validating with the site identifier, after the login process completed.

Creating a JSON Web Token (JWT) To get started with SSO, you need to create a valid JSON Web Token (JWT). Follow the instructions outlined here to generate a JWT for your Bold BI application.

Contents

Steps to configure JWT in Bold BI
JWT Callback URL

Contents

Steps to configure JWT in Bold BI
JWT Callback URL

Please provide additional information

Thank you for your feedback and comments.We will rectify this as soon as possible!