Generate a list of available dashboards for an embed user with the API

  • 22 March 2018
  • 4 replies
  • 479 views

Userlevel 4

Managing content access and surfacing relevant dashboards for an embedded Looker deployment can be complex, especially when you’re serving different dashboards to different groups of users. This article aims to make that experience easier by showing you how to leverage Looker’s API to programmatically build a list of dashboards that are permissioned to an embed user. This will ultimately help you build a UI that allows users to navigate to Looker content that is relevant to them, without hardcoding anything on your end.

 

Below, are a sequence of API calls that will ultimately return a list of dashboards available to the embed user. As you work through these steps, please consult Looker’s interactive API docs located in Admin > API.

 

 

A very important thing to keep in mind is that you will need to have first created the embed user before making these API calls. So if you have a new a user who’s never looked at a dashboard before, we recommend generating an SSO URL to an arbitrary dashboard for that user. You may then create an embed user with the appropriate permissions by making either a server- or client-side request to the SSO URL.

 

 

1) Authenticate to Looker’s API by sending a request to the /login endpoint:

 

Parameters to supply:

 


  • client_id
  • client_secret

Both of these can be set/found in Admin > Users > Your User Record

 

2) Make a GET request to the /users/credential/{credential_type}/{credential_id} endpoint to map the external_used_id from your SSO URL to the corresponding internal Looker user_id.

Parameters to supply in your request:

 


  • credential_type = ‘embed’
  • credential_id = your external_user_id in the SSO URL

Values to store from the response:

 


  • id: The Looker (internal) user_id

3) Make a POST request to the /login/{user_id} endpoint to authenticate as the embed user

Parameters to supply in your request:

 


  • user_id = the id value that you stored in your last request

 

Values to store from the response:

 


  • access_token: This token allows you to authenticate as that user and make API requests on their behalf.

 

4) Make a GET request to the /dashboards endpoint authenticated as the embed user.

You do not need to supply any parameters in this request, but you will need to attach the access_token to your request header. For example, in python the header will look like this: headers:{"Authorization":"token EMBED USER'S ACCESS_TOKEN"}

 

This request will output a list of dashboards to which the embed user has access.

 


4 replies

Userlevel 6
Badge

does this include lookml dashboards?

Userlevel 4

Hey Ian! Yup - LookML dashboards are included in the response of the final call to the /dashboards endpoint.

Userlevel 6
Badge

thanks v much!

Thanks for the post. We are currently using an in house middleware micro service to handle this. But this approach seems way more simpler.

Reply