AuthType

AuthType

The authentication mechanism for allowing access to the the embedded app

Index🔗

Basic

EmbeddedSSO

None

OIDCRedirect

SAMLRedirect

TrustedAuthToken

TrustedAuthTokenCookieless

Enumeration members🔗

Basic🔗

Basic:= "Basic"

Use the ThoughtSpot login API to authenticate to the cluster directly.

Warning: This feature is primarily intended for developer testing. It is strongly advised not to use this authentication method in production.

Defined in : types.ts

EmbeddedSSO🔗

EmbeddedSSO:= "EmbeddedSSO"

Passthrough SSO to the embedded application within the iframe. Requires least configuration, but may not be supported by all IDPs. This will behave like None if SSO is not configured on ThoughtSpot.

To use this: Your SAML or OpenID provider must allow iframe redirects. For example, if you are using Okta as IdP, you can enable iframe embedding.

Defined in : types.ts

init({
  // ...
  authType: AuthType.EmbeddedSSO,
 });

version: : SDK: 1.15.0 | ThoughtSpot: 8.8.0.cl

None🔗

None:= "None"

No authentication on the SDK. Passthrough to the embedded App. Alias for Passthrough.

Defined in : types.ts

init({
  // ...
  authType: AuthType.None,
 });

OIDCRedirect🔗

OIDCRedirect:= "SSO_OIDC"

SSO using OIDC Will make the host application redirect to the OIDC IdP. See code samples in AuthType.SAMLRedirect.

Defined in : types.ts

SAMLRedirect🔗

SAMLRedirect:= "SSO_SAML"

SSO using SAML Makes the host application redirect to the SAML IdP. Use this if your IdP does not allow itself to be embedded.

This redirects the host application to the SAML IdP. The host application will be redirected back to the ThoughtSpot app after authentication.

Defined in : types.ts

init({
  // ...
  authType: AuthType.SAMLRedirect,
 });

This opens the SAML IdP in a popup window. The popup is triggered when the user clicks the trigger button. The popup window will be closed automatically after authentication.

init({
  // ...
  authType: AuthType.SAMLRedirect,
  authTriggerText: 'Login with SAML',
  authTriggerContainer: '#embed-container',
  inPopup: true,
});

Can also use the event to trigger the popup flow. Works the same as the above example.

const authEE = init({
 // ...
 authType: AuthType.SAMLRedirect,
 inPopup: true,
});

someButtonOnYourPage.addEventListener('click', () => {
 authEE.emit(AuthEvent.TRIGGER_SSO_POPUP);
});

TrustedAuthToken🔗

TrustedAuthToken:= "AuthServer"

Trusted authentication server. Use your own authentication server which returns a bearer token, generated using the secret_key obtained from ThoughtSpot.

Defined in : types.ts

init({
 // ...
 authType: AuthType.TrustedAuthToken,
 getAuthToken: () => {
   return fetch('https://my-backend.app/ts-token')
     .then((response) => response.json())
     .then((data) => data.token);
 }
});

TrustedAuthTokenCookieless🔗

TrustedAuthTokenCookieless:= "AuthServerCookieless"

Trusted authentication server Cookieless, Use your own authentication server which returns a bearer token, generated using the secret_key obtained from ThoughtSpot. This uses a cookieless authentication approach, recommended to bypass the third-party cookie-blocking restriction implemented by some browsers.

Defined in : types.ts

Version : SDK: 1.22.0| ThoughtSpot: 9.3.0.cl, 9.5.1.sw

init({
 // ...
 authType: AuthType.TrustedAuthTokenCookieless,
 getAuthToken: () => {
   return fetch('https://my-backend.app/ts-token')
     .then((response) => response.json())
     .then((data) => data.token);
 }