The Settings page in the General section of the Admin menu lets you configure the instance-wide settings for Looker.
License Key
The license key is unique to the Looker instance you’re using. It enables or disables certain Looker features based on your licensing agreement.
The license key is hidden by default. Click the eye icon to display it.
Host URL
The host URL is the base portion of your Looker instance’s URL. It is used specifically when links to your instance are created in scheduled emails and in all absolute URLs that Looker generates.
Make sure the Host URL setting uses http://
or https://
appropriately, based on your instance’s server configuration.
Changing the host URL may affect the functionality of some Looker features. See the What happens if the URL changes for my Looker instance? article in the Looker Help Center for more information about changing instance URLs.
Technical Contacts
Email addresses added to this box will receive notifications of security updates, major bug fixes, and new Looker releases. They will also have visibility into all support requests submitted by members of their organization in the Customer Portal in the Looker Help Center.
Looker Support requires permission from a technical contact to do any of the following:
- Cause downtime for the instance, which could be due to a non-scheduled version update, performance changes to your Looker server, or other reasons
- Change something about your Looker license, possibly to enable new features for you
Application Time Zone
When displaying data in an Explore, a Look, or a dashboard, Looker can convert time data from the connection’s Database Time Zone to the appropriate time zone for that user.
If the User Specific Time Zones option is enabled, then an admin can set the user’s default time zone or users can set their own default time zone. If the admin or user has not set the user’s default time zone, then the Application Time Zone is used for that user, and all time-based data queried by that user will be converted to the Application Time Zone.
The Application Time Zone setting is also used as the default time zone for content deliveries. The time zone used for schedules does not affect time data returned by a query; it affects only the time a data delivery is sent.
See the Using time zone settings documentation page for more information.
Closed System
This option must be enabled by Looker; contact Looker Support to get started.
The Closed System setting is used in conjunction with groups to prevent users in one group from knowing about the users in another group. This is often useful for multi-tenant installations.
The locations in Looker where users might see other users include:
- The Users page in the Admin section of Looker
- The Users folder in the Browse section of Looker, if they have been granted at least View access to another user’s personal folder
- The Manage Access pop-up, which is a part of folder management
When the Closed System setting is enabled, non-admin users who do not have the see_users
permission will only be able to see other users with whom they share a group. They will also only be able to see groups of which they are members.
All admins and any users who have been granted the see_users
permission can see all users and groups on the instance.
Admins can override the Closed System setting by allowing a user to see the personal folder of another user with whom they do not share a group, so please use caution when editing folder visibility.
Default Private Personal Folders
The Default Private Personal Folders option is not available for Looker instances with Closed System enabled.
When Default Private Personal Folders is enabled, a user’s personal folder is by default visible only to that user and to Looker admins. By default, other users will not see the folder in the People folder, and the content in the folder will not be visible on boards or in content searches.
If you do want to provide access to a personal folder, you can add access to other users or to user groups through the Manage Access option from the personal folder’s gear menu.
If you disable the Default Private Personal Folders option, a user’s personal folder can be viewed by any Looker user in the All Users user group.
New Account Notification
The New Account Notification setting can be enabled or disabled. When it is enabled, any Looker admin user will be emailed when a new Looker account is created. (SSO embed users are an exception; emails are not generated when an SSO embed user is created.) The email will contain the new user’s email address.
In-App Guides
In-app guides let Looker communicate with users in the application through tutorials, banners, alerts, and surveys. These communications are used to help users get more out of the platform, alert them to new features, get feedback on the platform, and invite them to trainings and events where they can learn how to better use Looker.
Administrators can choose to disable guides for their instance, which will disable the guides for all users on that instance. There is no way to selectively turn off in-app guides for certain users. Looker will not show in-app guides to embedded users or non-admin users on whitelabeled instances.
Guides are designed and deployed by Looker’s Customer Experience team and will change over time. Looker uses third-party software (Pendo) JavaScript to serve the guides. Looker vets the individual guides and adds them to the allowlist. When fetching a guide from Pendo, Looker uses SHA-256 integrity hashes to validate that the guide is unchanged. If there are any changes to the guide after Looker’s review, Looker prevents use of the changed guide. If a user’s browser cannot reach the Pendo server, then the guide is simply not displayed.
Cookie Notification Banner
When enabled, this setting will show a cookie notification banner to all users on your instance. This setting is disabled by default.
Looker recommends that you enable this setting if you need to comply with the European Union’s data protection regulations.
Curated Search
Curated Search does not apply to closed systems but is otherwise enabled by default.
When Curated Search is enabled, users are able to search for content across shared folders, their personal folder, and boards. Content that is saved in other users’ personal folders will be included in the results only if such content is also pinned to a board. The search results will exclude content that exists only in the personal folders of other users. Users have the option to exclude content in personal folders by clicking the switch next to the Curated Search feature name in the search modal.
Use Gravatar
When enabled, this setting displays the Profile Picture option on the user menu, letting users select or create an avatar for their account using the Gravatar app.
User Specific Time Zones
When adding a connection, you specify what time zone your database stores time information as the Database Time Zone.
When User Specific Time Zones is enabled, each user is assigned a time zone, and Looker converts time-based data from the Database Time Zone to a user’s time zone when viewing query results or interpreting filters.
When User Specific Time Zones is disabled, Looker converts time-based data for all users to the Query Time Zone value.
See the Using time zone settings documentation page for more information.
Default Visualization Colors
The Default Visualization Colors setting lets you define a default color collection for visualizations, and also lets you create new color collections for use in your instances.
Setting a default color collection
Each Looker instance must have a default color collection.
To set a pre-existing color collection as your default, choose the color collection from the drop-down menu and click the Update button.
Setting a new default color collection will update all visualizations on Looks and dashboards that use the default color collection. Visualizations saved with a different color collection, or a custom palette, will not be affected.
You can see the first categorical, sequential, and diverging palettes of each collection directly under the drop-down menu. These are the palettes that will be used as the visualization defaults. To view all the palettes in the color collection, visit the Color collections documentation page.
Creating a custom color collection
To create a custom color collection:
- Select Create a color collection from the collection drop-down.
- Give your new collection a unique name.
- Click each palette to edit.
- Select individual colors to edit, or click Edit All to edit all the colors at once.
- When you’re finished editing your new collection, click Update.
Color values can be formatted as hex strings, such as #2ca6cd
, or as CSS color names, such as mediumblue
. Or you can click on the color wheel to open and select a shade from the color picker. If you choose to edit all colors, use a comma between each color name to separate them. To add or remove a color, click on the + or - signs.
The new collection will automatically become the instance default, but you can choose a different default if you want.
Collection IDs and palette IDs for any new custom color collections are based on each collection’s name. This allows LookML dashboards that use those collections to render consistently across instances if both instances have the same custom collections named identically.
Deleting a custom color collection
You can delete a custom color collection by selecting the collection from the drop-down menu and clicking the Delete button that appears. You cannot delete Looker’s native color collections.
Load Assets from CDN
This option is available only for customer-hosted instances. Because Looker-hosted instances always load assets from the CDN, this setting cannot be disabled for these instances..
CDN stands for content delivery network. A CDN is a network of servers that stores content in multiple geographic locations to reduce page load time for users. Your data is never stored on these servers; only items specific to Looker (such as images) are stored here.
The Load Assets from CDN setting can be either enabled or disabled. When it is enabled, Looker pages should load faster.
Persist Assets in Browser Cache
When this setting is enabled, static assets such as JavaScript files and fonts are cached in each user’s browser storage. This speeds up subsequent navigations, because the browser does not need to continue to reload these assets from the Looker server.
Mobile Application Access
When this setting is enabled, users can log in to their Looker account on the instance using the Looker mobile app. When it’s disabled, any existing mobile sessions are terminated.
Force mobile authentication
When this setting is enabled, users are required to sign in to the Looker mobile app every time they open the app on their mobile device. Users can also enable biometric login when Force mobile authentication is enabled.
Public URLs
The Public URL setting can be enabled or disabled. When this setting is enabled, Looker users with appropriate permissions can generate public URLs to access Looker data.
Although public URLs are not guessable, anyone who has one can access your data without security restraints. Please use with caution.
Email Domain Allowlist for Scheduled Content
This setting lets you define the email domains to which your users can send content deliveries or alert notifications through email. Enter allowable email domains in the format domain.suffix
to limit external emails according to the Permissions overview section on this page. For example, to limit external emails to the gmail.com
and friendly_domain.org
domains:
This setting applies to all data deliveries: Looks, dashboards, queries with visualizations, and alerts.
Permissions overview
A user must have at least the schedule_look_emails
permission to be able to email any Looker content. To send alert notifications, a user must also have create_alerts
permissions.
Some users may additionally have the schedule_external_look_emails
permission, which can be granted if the user first has the schedule_look_emails
permission (see more on permissions and dependencies on the Roles documentation page).
For users with only the
schedule_look_emails
permission (but notschedule_external_look_emails
):If the Email Domain Allowlist for Scheduled Content field is left blank, a user with the
schedule_look_emails
permission can send data delivery and alert notification emails to any email address. (This behavior is different for SSO embed users; see the Permissions and considerations for SSO Embed users section on this page.)If the Email Domain Allowlist for Scheduled Content field has a domain or list of domains, a user with the
schedule_look_emails
permission can email data deliveries and alert email notifications to their own email address, to the email address of a user on the Looker instance, or to an email address with a domain listed in the Email Domain Allowlist for Scheduled Content field.
Users with the additional
schedule_external_look_emails
permission can send email data deliveries or alert email notifications to any email address, regardless of the configuration of the Email Domain Allowlist for Scheduled Content field.
Permissions and considerations for SSO Embed users
An embed user must have at least the schedule_look_emails
permission to be able to email any Looker content. To send alert notifications, a user must also have create_alerts
permissions.
Some embed users who additionally have the schedule_external_look_emails
permission can send email data deliveries to any email address, regardless of the configuration of the Email Domain Allowlist for Scheduled Content field.
Due to the nature of embedding content, there are some circumstances that are different for embed users as opposed to non-embed users. Embedded Looker content is accessed through a dedicated embed user account, not by individual user accounts. Therefore, when a person accesses Looker content through an embed, Looker isn’t expected to know the individual user’s email address. Because of this, embed users with only the schedule_look_emails
permission are allowed to email Looker content only to emails with domains that are listed in the allowlist. This means that:
- If the Email Domain Allowlist for Scheduled Content field has a domain or list of domains, an embed user with only the
schedule_look_emails
permission (but notschedule_external_look_emails
) can email data deliveries or alert email notifications to an email address with a domain listed in the email allowlist. This restriction extends to other users on the Looker instance: the embed user can email them data deliveries only if the recipients’ email domains are in the allowlist. - If the Email Domain Allowlist for Scheduled Content field is blank, an embed user with the
schedule_look_emails
permission (but notschedule_external_look_emails
) cannot email Looker content at all.
There is one exception to these rules: You can provide Looker with an embed user’s email address by defining it in the email
user attribute in the SSO embed URL. For example:...&user_attributes={"email":"joe@domain.com"}
If you define the email
user attribute in the embed URL, Looker will allow an embed user with just the schedule_look_emails
permission to email Looker content to their own email address, even if their domain isn’t in the Email Domain Allowlist for Scheduled Content field, or if the Email Domain Allowlist for Scheduled Content field is blank.
URL Allowlist for Data Actions
This setting lets you define URLs (such as https://looker.com
) where your users can process data actions.
For example, if you add the URL https://looker.com
to the URL allowlist for data actions, data actions will be able to be processed only at https://looker.com
. Attempts to process data actions at other URLs will not be allowed.
If this field is left blank, there are no URL restrictions for data actions. However, if you have included a user attribute in a data action, this field is required. In that case, you must provide valid URLs to process data actions.
Block Inline Embedded Images in Query Results
By default, Looker does not display Base64 encoded images in query results. Disable this setting to display Base64 encoded images in query results.
Block Formulas and Macros in CSV and Excel Files
When this setting is enabled, Looker prepends a '
character to all values that could be interpreted as formulas or macros in queries downloaded in CSV or Excel spreadsheet formats.
Outgoing Webhook Token
If a user uses a webhook to deliver content — such as a dashboard, a legacy dashboard, or a Look— the request will include a special Looker token that can be set here. Servers that receive webhooks can then verify that requests contain this value to verify the legitimacy of webhook requests.
Default Export Format
The Default Export Format setting lets you choose the default file format that is used when users choose to download data. Users can still choose a different file format if they like.
Format | File Extension | Description |
---|---|---|
TXT | .txt |
Generates a text file delimited by tabs. |
Excel Spreadsheet | .xlsx |
Generates a spreadsheet file using the format for Microsoft Excel 2007 and later. |
CSV | .csv |
Generates a text file delimited by commas. |
JSON | .json |
Generates a JSON file with one record per line. |
HTML | .html |
Generates basic HTML to display the data in a way that is similar to how the user sees it in their browser; however, the formatting is not exactly the same because Looker’s CSS will not be included. |
Markdown | .md |
Generates a standard Markdown file with a | delimited table. |
Onboarding
New in Looker 22.6 is an onboarding walkthrough for first time users.
When enabled, Looker admins and developers who log into a new Looker instance will see the Looker onboarding walkthrough, which guides users through the four major steps to make use of a Looker instance:
- Adding a connection
- Creating a project
- Editing project files if desired
- Exploring data
Once any combintion of admins or developers complete the full guide it stops being displayed.
The In-App Guides setting must be enabled for the Onboarding option to be available.