Mastering Single Sign-On (SSO) for Embedded BI Authentication

Mastering Single Sign-On (SSO) for Embedded BI Authentication

Share this blog

Be the first to get updates

    Subscribe RSS feed
    Mastering Single Sign-On (SSO) for Embedded BI Authentication

    In today’s digital age, we are overwhelmed with numerous online accounts and passwords that can be quite challenging to manage. The introduction of single sign-on (SSO) has simplified the login process for users and enhanced security by minimizing password-related vulnerabilities. Bold BI supports SSO authentication. You can embed Bold BI dashboards in your application with SSO authentication. SSO streamlines the user experience in embedded BI by enabling users to switch among various business apps without having to log in again. In this blog post, we will explore the concept of SSO, some of its benefits, and what Bold BI offers regarding SSO integration.

    What Is Single Sign-On?

    SSO is an authentication technique that enables users to access numerous applications or systems with a single login credential. It enables users to log in once and access all approved apps and services, removing the need for users to remember numerous usernames and passwords. This streamlines the login procedure, improves the user experience, and increases security by minimizing the dangers of weak or repeated passwords.

    Benefits of Implementing SSO

    Here are some of the ways SSO can benefit an organization.

    Increased convenience

    With SSO, users can use embedded BI without remembering and entering several login credentials. Particularly for users who often utilize multiple applications, this can be convenient and save time.

    Improved security

    By setting up SSO for your company’s apps, you can enforce the creation of strong passwords. Having one set of credentials to use keeps employees from using weak passwords that are easier to remember, and therefore security risks. Since people tend to use the same password for multiple apps, a hacker gaining access to one through the app with the weakest security gives them access to all the other apps. With SSO, one strong password goes through an app designed for high security, giving employees access to all their business apps, without giving those apps access to that password. Additionally, SSO can make it simpler to provision and deprovision users, facilitating access control for sensitive data.

    Better user experience

    SSO enables users to open several applications without logging in again, resulting in a smooth user experience. Users can be more productive and have less frustrations as a result. Your IT team will also see fewer requests for help with lost passwords.

    Improved adoption of BI

    SSO can facilitate user access to embedded BI applications, resulting in a rise in adoption and use of these programs. Better insights and more well-informed decisions may result throughout the organization.

    Setting Up SSO with Different Login Providers in Bold BI

    Bold BI’s SSO integration can simplify your authentication process and provide you with seamless access to your data. The following are the supported SSO login providers.

    Azure Active Directory

    SSO with Azure Active Directory in Bold BI allows users to seamlessly access dashboards using their existing Azure AD credentials. To configure SSO, create an Azure AD app, grant necessary permissions, and configure Bold BI settings accordingly. Check out this documentation on the steps to set up Azure Active Directory for SSO authentication in Bold BI.

    Office 365

    Bold BI for the cloud supports adding Office 365 users and groups to share dashboards and email reports with in embedded applications. This documentation explains how to configure SSO with Office 365 support.

    OpenID Connect protocol-based providers

    OpenID Connect can be enabled for SSO and imported into Bold BI for authentication by integrating SSO with an identity provider that supports OpenID Connect (OIDC). Auth0, Okta, OneLogin, Keycloak, and RedHat are supported OIDC providers. To learn more about OpenID Connect support, check out this documentation.

    OAuth 2.0 protocol-based providers

    Configuring Bold BI to enable OAuth 2.0 for SSO allows users to log in instantly after authenticating with OAuth 2.0. Any OAuth 2.0 provider can be used. Learn more about configuring SSO with OAuth in this documentation.

    Bold BI allows you to embed dashboards and data sources with SSO authentication.

    Embedding Dashboards with SSO

    Bold BI offers the ability to integrate dashboards into any application through iframe-based embedding. The following steps discuss the process of using iframe-based embedding with SSO.


    Before starting the embedding process, you need these prerequisites to run the sample. You should either have an active Bold BI for cloud tenant or have the latest Bold BI Enterprise Edition installed in your server.

    Steps to run the sample

    1.Download the iframe embedding SSO sample.

    2.Set the following embed properties in the Program.cs file.

    dashboardUrlURL of the dashboard to be embedded.
    secretCodeAuthorized key for the dashboard to be embedded.
    userInfoThe email ID of the user.
    Embed properties in Program.cs file
    Embed properties in Program.cs file

    In the Bold BI server, you can get an embed secret key to enable the embed SSO authentication from the administrator settings section.

    3.In the cs file, set the URL of the dashboard that you want to render in the variable dashboardUrl. Please follow this link to see how to get the dashboard URL.

    Dashboard URL in the dashboardUrl variable
    Dashboard URL in the dashboardUrl variable

    How the iframe embedding SSO sample works

    4.For SSO authentication while embedding, the secretcode parameter is added to the encryption to generate an encrypted signature.

    Generate an encrypted signature
    Generate an encrypted signature

    5.Based on the provided embed properties, we include the iframe URL with its mandatory parameters while sending a request to the Bold BI server and running the sample.

    iframe URL with mandatory parameters
    iframe URL with mandatory parameters

    6.The server then identifies the encrypted signature and decrypts it server-side. Then, it is authenticated and the dashboard is allowed to render.

    7.The embedded dashboard will be rendered as shown in the following image.

    Embedded dashboard using SSO
    Embedded dashboard using SSO

    In iframe embedding without SSO authentication, we won’t pass the embedsignature to the server. For this case, we need to log in each time while accessing the sample.

    We can also embed data sources in any application using the iframe-based embedding in Bold BI. We can embed data sources without a login prompt while trying to embed using an iframe URL with a valid embedSignature, as explained in this documentation.

    Start Embedding Powerful Analytics

    Try out all the features of Bold BI with 15-day free trial.

    I hope this article has shed some light on SSO, its support in Bold BI, and some of the benefits when used in a business environment.

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    Live Chat Icon For mobile
    Hugo Morris

    Chat with the Bold BI Sales team now!

    Live Chat Icon