Embedding Bold Reports Using Token-Based Authentication

When embedding Bold Reports into your application, authentication and access control are managed entirely by your application using a secure token-based approach. This method is ideal for large-scale deployments, such as managing thousands of users and onboarding new users, without requiring user management within the Bold Reports server.

Authentication and User Access Flow

1. User Identity Management

  • Your application maintains complete control over user identities, roles, and permissions.
  • No need to create or sync individual users in Bold Reports.

2. Token Generation

  • For each user accessing a report, your application generates an embed token. See: Embedding with Token Authentication | REST API Reference

  • The token can include:

    • Email of a valid Bold Reports user
    • Password of the same user
    • Optional: Report parameters
    • Optional: Custom attributes (e.g., user ID, department, region)
  • These attributes personalize report content and enforce data-level security.

Bold Reports requires at least one valid user account to generate embed tokens. This can be a single shared service account. The actual user context is passed through the token, ensuring each viewer gets a personalized and secure experience.

User Impersonation in Bold Reports


Access Control and Row-Level Security (RLS)

  • Bold Reports uses the parameters and custom attributes in the embed token to apply data filtering at runtime.
  • RLS Implementation:
    • Report parameters and custom attributes are evaluated during report execution.
    • They are applied to data source queries so that every user sees only the data they are authorized to access.

Onboarding New Users

  • No changes required within Bold Reports.
  • Your application simply generates tokens containing the relevant attributes.
  • New users can immediately access embedded reports.

Controlling Report Permissions (View/Edit)

  • Your application controls all permissions using the Bold Reports Server API. You can:
  1. Retrieve the list of reports available to a user
  2. Restrict access based on roles or groups
  3. Manage edit/view permissions dynamically
  • The embed token reflects the user permissions determined by your application.
  • Bold Reports renders the report based on the token but does not manage user-specific permissions internally.

Get Reports List | REST API Reference

For this embedding scenario, Embed Secret Key-based token generation is not supported. You must use Username and Password-based token generation.
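
One way an application backend could assemble the token request described above, as an added example that is not taken from the Bold Reports documentation. The report names, roles, environment variable names and the field names of the returned dictionary are assumptions; the actual request format is defined in the REST API reference.

```python
import os

# Constructed sample policy: which application roles may open which reports.
REPORT_ACCESS = {
    "sales-summary": {"sales", "manager"},
    "payroll-detail": {"hr"},
}
# Report parameters the browser may choose; anything else is dropped.
CLIENT_SETTABLE_PARAMS = {"year", "quarter"}


class AccessDenied(Exception):
    pass


def build_token_request(session, report, client_params, env=os.environ):
    """Return the fields for an embed-token request, built only on the server.

    session: the application's own authenticated session (trusted).
    client_params: parameters sent by the browser (untrusted).
    Keys of the returned dict are placeholders, not the Bold Reports API's
    field names; map them using the REST API reference.
    """
    allowed_roles = REPORT_ACCESS.get(report)
    if allowed_roles is None or not allowed_roles & set(session["roles"]):
        raise AccessDenied(f"{session['user_id']} may not open {report}")

    # Only allow-listed, scalar parameters from the browser pass through.
    params = {k: str(v) for k, v in client_params.items()
              if k in CLIENT_SETTABLE_PARAMS and isinstance(v, (str, int))}

    # Row-level-security attributes come from the session, never the request.
    attributes = {
        "user_id": session["user_id"],
        "department": session["department"],
        "region": session["region"],
    }
    return {
        "email": env["BOLD_SERVICE_EMAIL"],        # shared service account,
        "password": env["BOLD_SERVICE_PASSWORD"],  # read from server config only
        "report": report,
        "parameters": params,
        "custom_attributes": attributes,
    }
```

Because the service account's email and password go into the token request, this function belongs in backend code only; the browser should receive the resulting token and nothing else.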

