
New Dev Tutorial! Implementing SSO with JWT



  • Suresh ungarala


    Implemented SSO with JWT and need to clarify a few points.


    1) When a user is created with viewer privileges (through JWT), what is the password (default or any) for the newly created user?

    2) When doing an AJAX GET for SSO, it throws "Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response."

    If the "Access-Control-Allow-Origin" header is removed from the request, it throws "No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access."

    Thanks.

  • Moti Granovsky

    Hi Suresh,

    1. Users created via SSO have no password, and thus cannot access Sisense directly (skipping the SSO) until a password is explicitly defined for them.
    2. I'm not exactly sure which "GET" request you are referring to - could you be more specific about the purpose and nature of this AJAX call?


  • Malinda Jepsen


    The "hash" contains the password, so you can set it when you create the user. I hope that helps.


  • Moti Granovsky

    Malinda, that's correct when users are created via our REST API.

    For users created automatically via SSO (on a user's first log in) - which is what Suresh's question was about - they are created without a password (if you look at the MongoDB Users collection, these users don't have a "hash" field).

    The API can then be used to set a password for them (can also be done via the Admin panel UI), but there is no way that I'm aware of to pre-define a password for future users that get created by the SSO process, nor is there a default one - this is on purpose, as a default password set for many users would be a security flaw.

  • Szabolcs Sallai


    I am experiencing a strange thing with regard to SSO JWT.

    My website references an embedded dashboard like:

    My login server gets the following request:

    The dashboard part is missing after the # character.

    Shouldn’t it be return_to=/app/main#/dashboards/5c66cbd72a66db0f1c4b6f11?embed=true&h=false


    Am I doing something wrong?
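
The symptom in the last comment, reproduced as an added example (not code from the tutorial or from Sisense): a URL fragment is never sent in the HTTP request, and an unencoded `#` inside `return_to` ends the query string. The host names are placeholder assumptions and the function names are hypothetical; the last function goes one step beyond the thread and shows the same-origin check a login server would apply before redirecting to a full `return_to`.

```javascript
// Constructed values: hosts are placeholders; the path is the one quoted in the thread.
const SISENSE = "https://sisense.example";   // assumption: placeholder host
const LOGIN = "https://login.example/sso";   // assumption: placeholder login endpoint
const TARGET = "/app/main#/dashboards/5c66cbd72a66db0f1c4b6f11?embed=true&h=false";

// What a server receives for a URL: path + query only. Everything from the
// first '#' is the fragment and stays in the browser (RFC 3986, section 3.5).
function requestTarget(url) {
  const u = new URL(url);
  return u.pathname + u.search;
}

// return_to as the login server reads it from the query string.
function returnToSeenByServer(loginUrl) {
  return new URL(loginUrl).searchParams.get("return_to");
}

// Naive concatenation: the raw '#' terminates the query of the login URL itself.
function naiveLoginUrl(target) {
  return LOGIN + "?return_to=" + target;
}

// Percent-encoding ('#' becomes %23) keeps the whole target inside the query.
function encodedLoginUrl(target) {
  return LOGIN + "?return_to=" + encodeURIComponent(target);
}

// Hypothetical hardening: accept only paths that resolve to the Sisense origin,
// so a carried-through return_to cannot send the user to another site.
function isLocalReturnTo(value) {
  if (typeof value !== "string" || !value.startsWith("/")) return false;
  try {
    return new URL(value, SISENSE).origin === new URL(SISENSE).origin;
  } catch {
    return false;
  }
}

console.log(requestTarget(SISENSE + TARGET));               // server never sees the dashboard part
console.log(returnToSeenByServer(naiveLoginUrl(TARGET)));   // truncated at '#'
console.log(returnToSeenByServer(encodedLoginUrl(TARGET))); // full target survives
console.log(isLocalReturnTo(TARGET), isLocalReturnTo("//other.example/x"));
```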




Post is closed for comments.