Hi GD team, Is there a way to control what authentication method a user uses when accessing an embedded dashboard? I've run into issues where I am authenticating through a JWT for an embedded dashboard but GoodData is using my Okta session instead. My end users may be using Okta for other apps but will be using JWT authentication when accessing the embedded dashboard in our product. I am embedding my dashboard with the argument of

apiTokenAuthentication=true

as in the documentation here: https://www.gooddata.com/docs/cloud/embed-visualizations/iframes/embed-dashboard-via-iframe/ .

Hi Tim, this depends on the authentication method first used to log in to GoodData Cloud in the browser, if you already logged in to the platform via your OKTA session, there won't be any need to authenticate again in the embedded dashboard as the session is shared. I would suggest testing removing GoodData from OKTA for a single user, but if this is not desirable, please feel free to specify your use case and let us know why a same user should be able to use two different authentication methods for GoodData Cloud.

Hi Moises, I have two cases I think: 1. For a customer that uses Okta with an existing email (e.g., customer@client.com) and we are using that same email tied for that user for the GoodData account we create for them. Maybe this case doesn't actually happen where it would redirect them to the Okta login. 2. For internal users who want to test the embedded version acting as an end user and use GoodData logging in through Okta to develop dashboards themselves. For myself, I have to ensure I am logged out of GoodData and Okta to receive the end user experience instead of it bypassing to use my Okta credentials. The result is I can see different dashboards and data that my end user wouldn't have access to.

Thank you for the details, Tim. I will make sure to share them internally with out developers, for this use case to be considered in future product releases. At this time, I can recommend using either authentication method to sign in to the platform.

🎉 New note created.

Hi @Moises Morales I'm running into an issue related to this. When we're trying to test our embedded experience acting as one of our end users (who doesn't have GoodData in Okta but uses a JWT we create for them), we are getting redirected to the Okta login screen in our embedded iframe.

Hi Tim, I would first start by making sure that the JWT was successfully uploaded/enabled on your org. You can check this by making a GET call to this endpoint:

$HOST_URL/api/v1/entities/jwks

Hi Moises, Yes, I can confirm the JWK is registered there.