Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

selective user access #250

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

selective user access #250

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
9450157
selective user access
rani2655 Jan 6, 2025
9d86b41
selective user access
rani2655 Jan 6, 2025
70e4bb2
selective user access
rani2655 Jan 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 8 additions & 3 deletions modules/ROOT/pages/selective-user-access.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,14 +13,17 @@ If you have embedded ThoughtSpot content in your app, you may want to control ho
[#block-access]
== Control access to non-embedded content

If you have embedded ThoughtSpot using Visual Embed SDK v1.22.0 or later, the `blockNonEmbedFullAppAccess` property in the SDK is set to `true` by default. Due to this, your application users cannot access or navigate to the ThoughtSpot application experience outside the context of your app.
For ThoughtSpot releases 10.5.0.cl or earlier, if you have embedded ThoughtSpot using Visual Embed SDK v1.22.0 or later, the `blockNonEmbedFullAppAccess` property in the SDK is set to `true` by default. Due to this, your application users cannot access or navigate to the ThoughtSpot application experience outside the context of your app.

If you are not using Visual Embed SDK to embed ThoughtSpot, you can turn on the *Block non-embed full app access* feature on the *Develop* > *Customizations* > *Security Settings* page. This will restrict your users from opening non-embedded ThoughtSpot pages from their embedded app context. Note that this feature does not restrict ThoughtSpot users with administrator
or developer privileges from accessing ThoughtSpot pages.


[#selective-access]

== Selectively assign access [earlyAccess eaBackground]#Early Access#
== Selectively assign access

[earlyAccess eaBackground]#Early Access#

With the current implementation, if you have embedded ThoughtSpot content in your app, users can access only the ThoughtSpot pages embedded within the context of your host app.
Trying to give some users the ability to access the ThoughtSpot cluster requires giving every such user the administrator or developer privilege, which is not recommended.
Expand Down Expand Up @@ -58,7 +61,9 @@ Currently, there is no support for selective user access through the APIs.

[NOTE]
====
Users assigned this role via a group will be able to access the ThoughtSpot cluster even when `blockNonEmbedFullAppAccess = TRUE` in the SDK, just like the users with administrator or developer privilege. The selective user access granted through the *Security Settings* overrides the `blockNonEmbedFullAppAccess` SDK flag settings.
For ThoughtSpot releases 10.5.0.cl or earlier, users assigned this role via a group will be able to access the ThoughtSpot cluster even when `blockNonEmbedFullAppAccess = TRUE` in the SDK, just like the users with administrator or developer privilege. The selective user access granted through the *Security Settings* overrides the `blockNonEmbedFullAppAccess` SDK flag settings.

However, starting with ThoughtSpot Cloud 10.6.0.cl release, the `blockNonEmbedFullAppAccess` in the SDK will not be available to new ThoughtSpot embedded users.
====


Expand Down
Loading