How Authentication Works for Embedded Bold Reports
Imagine your application already serves 2,000 users, and you onboard 100 additional users. How do these users gain access to embedded reports without manual setup in Bold Reports? Here’s the process:
Step 1: Your Application Owns Identity Management
Your application is the single source of truth for user identities, roles, and permissions. Bold Reports does not require you to create or synchronize individual users. When new users join—whether it’s 100 or 1,000—they remain in your application’s user database or identity provider. No changes are needed in Bold Reports, as your app fully controls who the user is and what they can access.
Bold Reports requires at least one valid user account to generate tokens. Typically, this is a shared service account. The actual user context is passed through the token.
Step 2: Token-Based Authentication
When a user opens a report, your backend generates an embed token using the Bold Reports Authentication API.
This token acts as a secure credential and can include:
- A valid Bold Reports service account (email and password)
- Optional report parameters
- Optional custom attributes (e.g., userId, role, region)
These attributes personalize the report and enforce data-level security.
For embedded scenarios, use Username and Password-based token generation; Secret Key-based tokens are not supported.
Step 3: Example – User Alice’s Access Flow
Scenario: Alice logs in and opens a report.
Process:
- Your backend requests a Bold Reports access token using a service account.
- Your frontend initializes the Report Viewer with that token.
- Bold Reports renders Alice’s personalized data using attributes in the token.
Sample Token:
{
"userId": "Alice123",
"role": "Manager",
"filters": { "region": "North" }
}
Step 4: Row-Level Security
Bold Reports applies filters and parameters from the token during report execution.
For example, if Alice is a Manager, your app adds region="North" to the token, ensuring Alice only sees North-region data.
Filter data based on Parameter in Report
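Row-level security only holds if the region value comes from your application's identity store and never from anything the browser sends. The following is an added example, not Bold Reports code or part of the original page: it builds the attribute set in the shape of the sample token above, on the backend. The user store, the `buildTokenAttributes` helper and the `year`/`quarter` parameters are hypothetical names assumed for illustration.

```javascript
// Added example, not Bold Reports code. All names below are hypothetical.

// Constructed stand-in for the application's own identity store (Step 1).
const USERS = new Map([
  ['Alice123', { role: 'Manager', region: 'North' }],
  ['Bob456', { role: 'Manager', region: 'South' }],
  ['Dan000', { role: 'Manager', region: null }], // misconfigured account
]);

// Assumed non-security report parameters the browser is allowed to choose.
const CLIENT_SETTABLE = new Set(['year', 'quarter']);

// Build the attribute set for the authenticated session user.
// sessionUserId must come from the server-side session, not the request body.
function buildTokenAttributes(sessionUserId, clientParams = {}) {
  const user = USERS.get(sessionUserId);
  if (!user) throw new Error('unknown user');
  // Fail closed: without a region there is no row-level filter to apply,
  // so issue nothing rather than an unfiltered attribute set.
  if (!user.region) throw new Error('no region assigned');

  const filters = {};
  // Copy only allow-listed, string-valued parameters from the client.
  for (const [key, value] of Object.entries(clientParams)) {
    if (CLIENT_SETTABLE.has(key) && typeof value === 'string') {
      filters[key] = value;
    }
  }
  // The security filter is written last and only from the identity store,
  // so a client-supplied "region" can never survive.
  filters.region = user.region;
  return { userId: sessionUserId, role: user.role, filters };
}

// Constructed request in which the client tries to widen its own access.
const attrs = buildTokenAttributes('Alice123', {
  region: 'South',
  role: 'Admin',
  year: '2024',
});
console.log(JSON.stringify(attrs));
```

The same rule applies to userId and role: they are read from the session and the identity store, so a request body cannot override them.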
Step 5: Seamless Scalability
Onboarding 100 new users? No configuration changes in Bold Reports.
Your application issues tokens for them automatically, enabling immediate access to embedded reports.
Step 6: Permissions
Your application enforces view/edit permissions using the Bold Reports Server API:
- Retrieve available reports
- Restrict access by role or group
- Manage permissions dynamically
Bold Reports simply renders reports based on the token—it does not manage per-user permissions internally.