Articles in this section

How to Generate an Embed Token Using an Embed Secret Key in Bold Reports

Published:
Updated:

Bold Reports provides REST APIs that allow programmatic access and management of various reporting resources. These APIs enable developers to automate tasks and integrate report functionalities within applications.

For embedded reporting scenarios, Bold Reports supports generating embed tokens using an Embed Secret Key. This authentication method helps secure embedded applications by eliminating the need to expose Report Server user passwords.

This article explains how to generate an embed token using an Embed Secret Key and use the generated token in the embedded report viewer.

Prerequisites

Before generating an embed token, ensure that:

  • You have access to a Bold Reports Server environment.
  • An Embed Secret Key has been generated for the Report Server user.
  • You have access to an API client such as Postman.

Steps to Generate an Embed Token

  1. Create a New POST Request

    Open the Postman application and create a new POST request.

  2. Configure the Token Endpoint

    Follow the instructions in the Embed Authentication REST API documentation.

    Use the following endpoint URL:

{BoldReportsUrl}/reporting/api/site/{{tenant-name}}/token

Note: Replace {BoldReportsUrl} with the base URL of your Bold Reports server and <tenant-name> with your actual tenant name.

  1. Configure the Request Body

    Specify the grant_type as embed_token, provide the ReportServerUser, and include the corresponding Embed_Secret.

    You can also pass report parameters and custom attributes that will be applied when the report is rendered.

{
  "grant_type": "embed_token",
  "ReportServerUser": "[email protected]",
  "Embed_Secret": "Yhfw5o9c0VdPk8HWhQQnGKAl0K9HP",
  "ReportParameters": [
    {
      "Key": "ParameterKey1",
      "Values": [
        "Value3",
        "Value4"
      ]
    },
    {
      "Key": "ParameterKey2",
      "Values": [
        "Value4"
      ]
    }
  ],
  "CustomAttributes": [
    {
      "Key": "AttributeKey3",
      "Value": "AttributeValue4"
    },
    {
      "Key": "AttributeKey5",
      "Value": "AttributeValue6"
    }
  ]
}
  1. You will receive a response containing the embed token under the access_token tag:

image.png

Request Parameter Description

Parameter Description
grant_type Specifies the token type. Use embed_token.
ReportServerUser The Report Server user for whom the embed token is generated.
Embed_Secret The Embed Secret Key associated with the specified user.
ReportParameters Optional collection of report parameters passed to the report.
CustomAttributes Optional collection of custom attributes used for filtering, security, or custom business logic.

Note: When using the Embed_Secret field, the Password field is not required. The embed token is generated for the specified Report Server user using the provided embed secret key.

  1. Generate the Token

Send the request and verify that the response contains an access_token field.

Example response:

{
  "access_token": "generated_embed_token",
  "token_type": "bearer",
  "expires_in": 86400
}

Copy the generated access_token value for use in your embedded application.

Using the Generated Token in Bold Reports Viewer

Once the embed token has been generated, assign it to the embedToken property while initializing the Bold Reports Viewer.

$("#report-viewer").boldReportViewer({
    reportServiceUrl: "http://reportserver.syncfusion.com/ReportService/api/Viewer",
    reportPath: report_path,
    embedToken: generated_access_token
});

The report viewer authenticates using the provided token and automatically applies the configured report parameters and custom attributes.

See Also

Was this article useful?
Like
Dislike
Help us improve this page
Please provide feedback or comments
Comments (0)
Access denied
Access denied