View the original community article here
Last tested: Aug 30, 2020
The embed_domain
parameter isn't its own SSO parameter, but rather gets put directly in the embed_url parameter. If the embed_domain is specified as a separate query parameter, even if it is placed after the embed_url, users may get the error: "Embed URI is not valid: This request includes invalid params: [“embed_domain”]
. The script will not format the embed_domain correctly to generate the signature unless it is actually part of the embed_url.
If you are troubleshooting this error, first ask yourself, "Do I actually need to include the embed_domain?" The embed_domain parameter is only necessary if your script is using Javascript event listeners (not a requirement for a basic SSO embed implementation). So if you do not need to listen for Javascript events, the simplest option is to get rid of the embed_domain completely.
If you do want to listen for Javascript events, you'll want to check the URL generation script to see where the embed_domain is being added. Here is what it should look like when done correctly:
{
host: 'localhost:9999',
secret: [embed secret goes here],
external_user_id: '57',
first_name: 'Embed Steve',
last_name: 'Dude',
permissions: ['see_user_dashboards', 'access_data', 'see_looks'],
models: ['thegreatmodel'],
group_ids: [5, 2],
external_group_id: 'awesome_engineers',
user_attributes: {"an_attribute_name" => "my_value"},
access_filters: {:fake_model => {:id => 1}},
session_length: fifteen_minutes,
embed_url: "/embed/dashboards/3?embed_domain=http://localhost:8081", #DO THIS
force_logout_login: true
}
Here is what it should look like when done incorrectly:
{
embed_domain: 'localhost:8081', #DON'T DO THIS
host: 'localhost:9999',
secret: [embed secret goes here],
external_user_id: '57',
first_name: 'Embed Steve',
last_name: 'Dude',
permissions: ['see_user_dashboards', 'see_lookml_dashboards', 'access_data', 'see_looks'],
models: ['thegreatmodel'],
group_ids: [5, 2],
external_group_id: 'awesome_engineers',
user_attributes: {"an_attribute_name" => "my_value"},
access_filters: {:fake_model => {:id => 1}},
session_length: fifteen_minutes
embed_url: "/embed/dashboards/3",
force_logout_login: true
}
Notice that the incorrect script puts embed_domain as the first parameter, which will show up directly after the main embed path /embed/dashboards/3
. So the final generated URL will look very similar to a correct URL, but the URL will still not validate because the embed_domain
parameter is not recognized.
This content is subject to limited support.