curl -X POST / --header 'Content-Type: application/json' / --header 'Accept: application/json' / --header 'X-Requested-By: ThoughtSpot' 'https://[address]/callosum/v1/tspublic/v1/searchdata?query_string=%5Brevenue%5D%20by%20%5Bshipmode%5D&data_source_guid=7466f3c5-95a5-44b9-a17d-9cc5fad495ee&batchsize=-1&pagenumber=-1&offset=-1&formattype=COMPACT'
This article helps you to troubleshoot the common problems that you might encounter when setting up or using an embedded ThoughtSpot instance. For additional help and guidance from ThoughtSpot Support, visit our Community site.
CORS and CSP🔗
Refused to frame "<your-site-url>"… error message🔗
Error: When I try to embed in my app, I get the error
Refused to frame "<your-site-url>" because an ancestor violates the following Content Security Policy directive.
Cause: This error occurs when a host app domain is not added to the CSP and CORS allowlists.
How to fix: Add your host app domain as a CSP visual embed host and enable CORS on the Develop > Customizations > Security Settings page.
The CORS allowlist does not allow wildcard (*) for domain URL🔗
Error: The CORS allowlist does not allow wildcard(*) expression for domain URLs.
Cause: This error occurs because ThoughtSpot does not support wildcard expression for domain URLs in the CORS allowlist.
How to fix: Specify the domain URL string in the supported format. For a complete list of allowed domain URL strings for CORS and CSP allowlists, see Security settings.
Cannot open my embedded app in Safari🔗
Error: Unable to access the embedded app on Safari
Cause: This error may occur if third-party cookies are blocked.
How to fix: By default, Safari does not allow third-party cookies.
If the third-party cookies are blocked, the SDK triggers the
NoCookieAccess event. Check the console log.
To resolve this issue:
Allow cookies on Safari to view the embedded app.
To ensure that embedding works on browsers that block third-party cookies, you can set the domain name of your ThoughtSpot instance to the same domain as your host application. If you want to customize the domain name, contact ThoughtSpot Support.
Error: My account is locked and I am unable to log in to the app with my SSO credentials.
Cause: Are you using token-based authentication? In a token-based authentication deployment, this error may occur if a user’s login token has expired. If a user makes multiple attempts to log in to ThoughtSpot using an invalid or expired token, they may get locked out of their accounts.
How to fix: Set the
getAuthToken function in the SDK to return a fresh token for each re-login.
The login page shows up each time a user session expires🔗
Error: The embedded UI prompts me to re-login after a session timeout.
Cause: This error may occur if
autoLogin is disabled in the SDK.
How to fix: If you are using the token-based authentication method, the SDK automatically logs in users after their user session has expired. Make sure the
autoLogin attribute is set to
true in the SDK.
The login prompt shows up for authenticated users🔗
Error: I have logged in to my application instance, but the login page shows up when I try to access the developer Playground.
Cause: This error may occur if session cookies are not enabled on your web browser.
How to fix: Check if third-party cookies are enabled on your web browser. Browsers such as Safari block third-party cookies by default. If you are accessing your application on Chrome in incognito mode, allow third-party cookies.
The login token request returns the 500 response code🔗
Error: ThoughtSpot returns the
500 error code for a session login token request.
Cause: This error may occur due to an invalid
How to fix: Check if the
username sent in the API request matches the name of the user in ThoughtSpot.
Check if trusted authentication is enabled on ThoughtSpot. Make sure the
secrete_key being sent in your API request is valid.
For more information, see Trusted authentication.
SAML SSO authentication errors🔗
In most cases, SAML authentication errors occur due to incorrect IdP settings and invalid SAML authentication attributes. To resolve these issues:
Make sure SAML authentication support is configured without errors on your ThoughtSpot instance.
Check if the attributes, such as a user’s email address, display name, and username are mapped correctly in your IdP configuration. For example, if you are using Okta as your IdP, you must map the
userPrincipalNamein Okta to
NameId. Similarly, you can map the email attribute value to
Make sure your SAML redirect domain is added to the allowlist.
Check if the
authTypeproperty and SAML authentication attributes in the SDK are configured correctly.
For SAML authentication, you must set the
If you are using Visual Embed SDK version 1.17.0 or later, you can set
You can also set redirection parameters in the SDK to handle SAML redirect scenarios. For more information, see SAML redirection.
If embedding ThoughtSpot objects in an iFrame, configure your IdP to allow iframe embedding.
URL custom actions don’t work on my app🔗
Error: When I click the URL action, ThoughtSpot UI displays the URL action failed error message.
Cause: This error occurs when the target URL of the URL action is not allowed to establish connections due to CSP restrictions.
How to fix: Check the target domain name configured in the URL action. Make sure it’s reachable.
Check with your administrator to know if the target URL is added to the CSP connect-src domain allowlist. If you have administrator access, you can update the CSP allowlist on the Develop > Customizations > Security Settings page.
Liveboard filters do not work🔗
Error: When I open Liveboard filters, they are grayed out and I can’t edit them.
Cause: This issue may occur if you do not have edit access to the Liveboard or at least view access to its underlying data.
How to fix: Check if you have edit access to the Liveboard and can view its data source. If you do not have edit access to the Liveboard, click the lock icon and request access from the Liveboard owner.
I set a Runtime filter on a Liveboard, but I don’t see it on the Liveboard🔗
Runtime filters are applied at runtime and do not show up in the Filter bar.
Runtime filters are applied separately from the visible Liveboard filters. Therefore, when you apply these filters together, the conditions for both must be true for data to appear.
For example, if
Store Region is set to
west, southwest in the Liveboard filter, and you set runtime filter of
Store Region as
east, you will get the No data found error because the total filter condition is
Store Region IN ('west', 'southwest') AND Store Region = 'east', which results in an error.
ThoughtSpot navigation bar shows in the embedded mode🔗
Error: When I embed the full ThoughtSpot application in my app, the top navigation bar shows up.
Cause: This issue occurs if you have enabled the
showPrimaryNavbar property in the SDK.
How to fix: Set the
showPrimaryNavbar attribute in the Visual Embed SDK to
My API request returns the 401 error code🔗
Error: When I send an API request, the ThoughtSpot server returns the 401 error code in response.
Cause: This issue occurs if you do not have the required privileges to create or modify the data objects.
Unable to embed a Liveboard using REST API🔗
To embed a Liveboard using REST APIs, you must have at least view access to the Liveboard. To modify or enhance the Liveboard, you require edit privileges.
If you have the required privileges and still get an error, perform the following checks:
The Liveboard and visualization GUIDs passed in the API request body are valid.
Your application domain is added as a CORS host.
The Search Data REST API call returns an error🔗
Error: When I try to use the Search Data REST API, I get the error
Cannot create Answer from empty query.
How to fix: Check the request URL and verify the query string. Try removing the
-d [parameters] option and append the query string to the end of the URL as shown here: