Hello Naveen, I’d recommend taking a look at the option to
Authenticate With Injected API Token for this use-case. You can use the JWT-injection directly on the website/application where the Dashboard is embedded.
But the JWT still needs to authenticate a user in the Org (in this case a Shared user that will be accessed by the public to look at the dashboard). That’s where the user permissions come in - we make sure that this user(s) doesn’t have Edit access.
Example of Authentication Using Injected JWT.