Is there any way to entirely hide GoodData's login...
# gooddata-platformm
Mitchel Roling
11/09/2022, 6:36 PMIs there any way to entirely hide GoodData's login screen from embedded dashboards? I'm authenticating through a third party application (Auth0) and then directing them into my product. Users don't have any reason to log in directly to the GoodData platform. However, sometimes users become logged out of GoodData and not my product. When this happens, users are prompted to log in to GoodData directly. They then go through GoodData's password reset experience and end up in entirely the wrong spot.
j
Joseph Heun
11/09/2022, 6:50 PMHi Mitchel, you can manage these whitelabel settings to make GD look like your own product: https://help.gooddata.com/pages/viewpage.action?pageId=116524650
m
Mitchel Roling
11/09/2022, 6:51 PMI've embedded the dashboard into my product
Mitchel Roling
11/09/2022, 6:51 PMbut sometimes the embedded dashboard asks for credentials... is there any way to prevent that from showing?
Mitchel Roling
11/09/2022, 6:52 PMI don't want users going to the whitelabeled domain
j
Joseph Heun
11/09/2022, 7:02 PMLogin session for the users is based on SuperSecure Token (SST). The default behaviour is that SST is valid for 2 weeks and after two weeks session expire and user is logged out. Do users have the option to login with passwords as well? It may help to enable SSO only for your users so they have no option to login with the password at all.
m
Mitchel Roling
11/09/2022, 7:03 PMYeah, my product logs them out after 24 hours, so in theory, they would never go 2 weeks. Still, it would probably be a good idea to switch users to SSO only. I'll try to figure out how to do that
Mitchel Roling
11/09/2022, 7:03 PMWhat does a SSO only user see when they try to log in?
j
Joseph Heun
11/09/2022, 7:07 PMdomain admins can update the user settings via API here: https://help.gooddata.com/doc/enterprise/en/expand-your-gooddata-platform/api-reference#operation/getUserProfile
Joseph Heun
11/09/2022, 7:08 PMIf they attempt to login through the login page with SSOonly set, they will just see an “invalid username or password” message
m
Mitchel Roling
11/09/2022, 7:09 PMOk, but they won't be given a 'forgot my password' link?
j
Joseph Heun
11/09/2022, 7:25 PMThere still is the link, if a user does try to click it and reset their password no email is sent to the user though. I’m checking to see if there is a way to remove though from the login page
m
Mitchel Roling
11/09/2022, 7:26 PMIs there any way for my application to know if a user is authenticated or not?
j
Joseph Heun
11/10/2022, 2:21 PMHi Mitchel,
You should be able to redirect users after logout by setting the target url of your application:
https://auth0.com/docs/authenticate/login/logout/redirect-users-after-logout
For example: https://*.gooddata.com
m
Mitchel Roling
11/10/2022, 2:22 PMYes, I do that, but it seems there are still scenarios where someone is logged into Auth0 but not into GoodData, and there is no way that I can find to identify when this happens.
If I knew that a user wasn't logged into GoodData, I could force them to log in again.
j
Joseph Heun
11/14/2022, 8:29 PMHey Mitchel. Sorry for the delay here. I was out with an illness for a few days, but all good now. I think you can solve your problem using JIT: https://help.gooddata.com/pages/viewpage.action?pageId=86797145
m
Mitchel Roling
11/16/2022, 5:28 PMNo worries at all. Glad you are feeling better. I'll check this out! Thanks