Use Token Authentication With Embedded Oracle Analytics Cloud Content

Use the token authentication method when you want to authenticate to Oracle Analytics Cloud in the background, but don't want to use 3-Legged OAuth.

When you authenticate embedded Oracle Analytics canvases with tokens, no session cookies are created on the client. This avoids situations where browsers configured to block third-party cookies would block embedded Oracle Analytics content, meaning your content is displayed without having to reconfigure browsers or configure Oracle Analytics to use a vanity URL that has the same domain as the host embedding site. This benefit only applies to JavaScript framework embedding, and does not apply to embedding using a workbook URL.

Note:

Export to Excel does not work correctly when using token authentication with embedded Oracle Analytics Cloud content.

OAuth 2.0 Token Authentication

This authentication type requires a bearer token, obtained by an initial call to the Oracle Identity Cloud Service token REST API (oauth2/v1/token) with suitable parameters. For more information on how to obtain tokens and the options available for grant types, see Managing Authorization Using the API.

Note:

You must obtain the token with a user context. This means you can't use some grant types, such as the Client Credentials grant type, with embedded content.

Update the HTML page to allow for proper token authentication. For information about how to generate tokens, see Securing Authorizations in Oracle Cloud.

  1. In the HTML page, set the TOKEN parameter to true in the embedding.js script reference.
  2. Specify the security configuration type of token. Add the functions to retrieve the token to the application using the setSecurityConfig function. See the example below.

Example

This example uses an API to obtain the token. If your HTML page uses an API to obtain the token, then you must make the required API available.

Here project-path specifies the workbook's repository path. 

<!DOCTYPE html>
<html dir="ltr">
   <head>
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
     <title>Standalone DV Embed Demo Using Token</title>
     <script src="https://<instance>.analytics.ocp.oraclecloud.com/public/dv/v1/embedding/<embedding mode>/embedding.js?TOKEN=true" type="application/javascript">
     </script>
   </head>
   <body>
     <B>Standalone embedded workbook test</B>
      <div style="width: calc(50% - 40px); height: 50%; border: 1px solid black; padding: 10px;" >
         <oracle-dv
            project-path="/@Catalog/Shared Folders/Embed/Embed Samples"
            active-page="canvas"
            active-tab-id="1">
         </oracle-dv>
      </div>

      <script>
         var token = '<token from identity management API>';
         requirejs(['jquery', 'knockout', 'obitech-application/application', 'ojs/ojcore', 'ojs/ojknockout', 'ojs/ojcomposite', 'jet-composites/oracle-dv/loader'],
  	    function($, ko, application) {
               application.setSecurityConfig("token", {tokenAuthFunction:
                  function(){
                     return token;
                  }
               });
               ko.applyBindings();
            }
	);
      </script>
   </body>
</html>