Add Authentication to an Application or Web Page Containing Embedded Oracle Analytics Content

Use Login Prompt Authentication With Embedded Oracle Analytics Content

Login prompt authentication is the default authentication method for Oracle Analytics content embedded in a web application or portal web page.

When users access embedded analytics content, they're presented with a login screen where they enter login name and password before they can view data. If there is no common identity management between Oracle Analytics and the web application or portal web page, then users are presented with this login screen, even if they've already logged in to the web application or portal web page containing the embedded analytics content

Customize the Login Prompt Authentication Message

Add attributes to the <oracle-dv> tag to customize the login prompt authentication messages. The following attributes are supported:

auth-message-prefix: Specifies the prefix text for the login message. The default value is "Oracle Analytics".
auth-message-link: Specifies the text for the login link. The default value is "Login".
auth-message-suffix: Specifies the suffix text for the login message. The default value is "Required".
auth-needed-message: Specifies the text for the authentication needed message. The default value is "Requires Authentication".
auth-message-prefix-small: Specifies the prefix text for the login message. The default value is "Oracle Analytics". Applicable only if the embedded container size is smaller than 215 pixels.
auth-message-link-small: Specifies the text for the login link. The default value is "Login". Applicable only if the embedded container size is smaller than 215 pixels.
auth-message-suffix-small - Specifies the suffix text for the login message. The default value is the empty string. Applicable only if the embedded container size is smaller than 215 pixels.
auth-needed-message-small: Specifies the text for the authentication needed message. The default value is "Requires Authentication". Applicable only if the embedded container size is smaller than 160 pixels.

Use 3-Legged OAuth Authentication With Embedded Oracle Analytics Content

Use the 3-Legged OAuth authentication method when embedding Oracle Analytics content into a portal or web application that already uses its own method of authentication.

For a seamless user experience, the custom web page and Oracle Analytics must use the same authentication provider. So in the case of a third-party web application, it would either need to use the same Oracle Cloud authentication provider as Oracle Analytics (that is, the same Oracle Identity Cloud Service instance or Oracle Cloud Infrastructure Identity and Access Management (IAM) identity domain), or Oracle Analytics needs to be federated to the third-party authentication provider.

To allow for proper authentication, you must specify the 3-Legged OAuth parameter for all server requests.

Set the IDCS_OAUTH3LEGGED parameter to true in the embedding.js script reference.
Specify the security configuration type of oauth_3legged to the application using the setSecurityConfig function.

Example

Here project-path specifies the workbook's repository path.

<!DOCTYPE html>
<html dir="ltr">
    <head>
        <script src=""https://<instance>.analytics.ocp.oraclecloud.com/public/dv/v1/embedding/<embedding_method>/embedding.js?IDCS_OAUTH3LEGGED=true" type="application/javascript">
        </script>
    </head>
    <body>
        <div style="position: absolute; width: calc(100% - 40px); height: calc(100% - 120px)" >
            <oracle-dv project-path="/shared/Embed/Embed Samples">
            </oracle-dv>
        </div>
    <script>
      requirejs(['jquery', 'knockout', 'obitech-application/application', 'ojs/ojcore', 'ojs/ojknockout', 'ojs/ojcomposite', 'jet-composites/oracle-dv/loader'], function($, ko, application) {
      application.setSecurityConfig("oauth_3legged");
      ko.applyBindings();
      });
     </script>
    </body>
</html>

Use Token Authentication With Embedded Oracle Analytics Content

Use the token authentication method when you want to authenticate to Oracle Analytics in the background, but don't want to use 3-Legged OAuth.

Update the HTML page to allow for proper token authentication. For information about how to generate tokens, see Securing Authorizations in Oracle Cloud.

In the HTML page, set the TOKEN parameter to true in the embedding.js script reference.
Specify the security configuration type of token. Add the functions to retrieve the token to the application using the setSecurityConfig function. See the example below.

Example

This example uses an API to obtain the token. If your HTML page uses an API to obtain the token, then you must make the required API available.

Here project-path specifies the workbook's repository path.

<!DOCTYPE html>
<html dir="ltr">
   <head>
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
     <title>Standalone DV Embed Demo Using Token</title>
     <script src="https://<instance>.analytics.ocp.oraclecloud.com/public/dv/v1/embedding/<embedding mode>/embedding.js?TOKEN=true" type="application/javascript">
     </script>
   </head>
   <body>
     <B>Standalone embedded workbook test</B>
      <div style="width: calc(50% - 40px); height: 50%; border: 1px solid black; padding: 10px;" >
         <oracle-dv
            project-path="/@Catalog/shared/Embed/Embed Samples"
            active-page="canvas"
            active-tab-id="1">
         </oracle-dv>
      </div>

      <script>
         var token = “<token from identity management API>";
         requirejs(['jquery', 'knockout', 'obitech-application/application', 'ojs/ojcore', 'ojs/ojknockout', 'ojs/ojcomposite', 'jet-composites/oracle-dv/loader'],
  	    function($, ko, application) {
               application.setSecurityConfig("token", {tokenAuthFunction:
                  function(){
                     return token;
                  }
               });
               ko.applyBindings();
            }
	);
      </script>
   </body>
</html>