Parsing User and Plan Capabilities
The dashboard always loads a JWT token for the current logged in user, containing information about the user and the plan.
let user = {
firstname:
lastname:
is_admin: <true|false> // Is this a SaaS admin, or regular user?
is_customer: <true|false> // Is this a paid user?
id: <uuid> // Unique user identifier
email: "[email protected]" // User email string
plan: (plan == null) ? null : { // Admins have a null plan.
id: <uuid> // Unique plan identifier
name: "premium" // Plan name, e.g. starter, middle tier, or premium
description: "string" // Plan description
limits: plan.limits, // An array of key-value pairs on plan limits.
features: plan.features // An array of marketing features of the plan.
}
};
The JWT token signed with your secret key is stored in a hidden div as follows, in your user dashboard pages. If you don't see it in your dashboard page, add this div yourself:
div(hidden, id="token", data-token=token)
Use the "Bearer" field in the Authorization headers to pass the JWT token to your API server. Here is an example that replaces the 'fetch' call we have shown in Step 2, Making API Requests with an AJAX call:
script.
function fetchEmbedUrl() {
var session;
var containerDiv = document.getElementById("embeddingContainer");
//
// Retrieve the token from the hidden div into javascript
//
let token = $("#token").attr("data-token");
$.ajax({
url: "https://<your-server-url>/get-embed-url",
contentType: 'application/json; charset=utf-8',
dataType: 'json',
// Pass the token in the Authorization header Bearer field
// with an empty ' ' space inbetween:
beforeSend: function (xhr) {
xhr.setRequestHeader('Authorization', 'Bearer ' + token);
xhr.withCredentials = true;
},
type: 'GET',
success: ((data) => {
console.log("Response:", data);
var options = {
// replace this dummy url with the one generated via embedding API
url: data.EmbedUrl,
container: containerDiv,
scrolling: "no",
height: "1200px",
width: "1000px",
locale: "en-US",
footerPaddingEnabled: true,
sheetId: '<sheet-id>', // use this option to specify initial sheet id to load for the embedded dashboard
sheetTabsDisabled: false, // use this option to enable or disable sheet tab controls
undoRedoDisabled: false, // use this option to disable undo and redo buttons
resetDisabled: false // use this option to disable reset button
};
session = QuickSightEmbedding.embedSession(options);
}),
error: ((error) => {
console.log(error);
})
});
}
$(document).ready (function(){
fetchEmbedUrl();
})
Here we cover the NodeJS / ExpressJS example. You would typically require the JWT library for your backend server , in NodeJS, here is what you need:
npm install jsonwebtoken --save
Press the Generate JWT Secret to create your secret
// Your .env or environment file:
jwt_secret=eb8bcbfdc57e0bc393f80ef14a9d06c50465
const jwt = require('jsonwebtoken');
const jwt_secret = process.env.jwt_secret;
// Fetch token from Auth header Bearer field
// Decode the token using JWT secret saved earlier:
const jwtTokenData = function(req, res, next) {
const token = req.header('Authorization').replace('Bearer', '').trim();
// TODO: Call this async, e.g. by passing a callback, then wrapping in promise.
const decoded = jwt.verify(token, jwt_secret);
return decoded;
}
//
exports.get_anon_embed_url = function(req, res, next) {
let user_info = jwtTokenData(req, res, next);
console.log("User Info:", user_info);
// [...]
}
// Console output:
/*
User Info: {
firstname: 'Team',
lastname: 'SaaSBox',
is_admin: true,
is_customer: false,
id: 'cb2931f2-c315-42a5-9ace-1023748b4953',
email: '[email protected]',
plan: null,
}
*/