Let us take a closer look at the SSO Embedding Looker Content in Web Application. With the support of our GCP support services at the Bobcares we can give you a complete overview of the process.

Prerequisites for SSO Embedding Looker Content in Web Application

Here, we will primarily focus on Single-Sign-On (SSO) Embedding, including how to construct the Signed URL and the benefits and drawbacks of Single-Sign-On (SSO) Embedding. When we want the host application to handle user authentication and authorization, single-sign-on (SSO) is often preferable.

Prerequisites for SSO Embedding Looker Content in Web Application

To work with embedding in Looker, you should be familiar with combining the frontend and backend applications. We need a Looker instance with Admin access for SSO Embedding. To make this option visible to users, the looker admin must enable the embedded option in the administration panel.

Using the Embed Secret Key to generate the Signed URL

Let us now look at how to produce the Secret Key, create the Embed URL, and test the created URL:

Step 1: Make the Looker’s Secret Key:

To ensure that the SSO embedding request is genuine and not a forgery for SSO Embedding Looker Content in Web Application, we’ll need to produce a “embed secret” first. To accomplish this:

1. In the left corner, navigate to the ‘Admin’ Section -> Under ‘Find a setting,’ search ‘Platform,’ and then click on Embed page.
2. Click Update after selecting Enabled from the Embed SSO Authentication drop-down.
3. To create the embed secret, click the Reset Secret button. Make a duplicate of this secret and keep it somewhere safe, because we won’t be able to get it back from Looker without resetting it. Any embeds that used the old key will be broken if the key is reset.

Note that anybody who has access to the secret key can establish a URL that allows them to access any model to which the Looker instance is attached, as any user with any permission. If we are not utilizing SSO Embedding, disable it.

Step 2: Building the Embed URL:

Enable SSO Authentication for SSO Embedding Looker Content in Web Application

Building the right URL will necessitate the creation of code to properly encode the URL with the secret key.

Copy the secret to a safe place because we won’t be able to get it back from Looker without resetting the key, and resetting the key would ruin any embeds that utilize the old key.

We may create an SSO URL using the Python script. Looker has public scripts accessible in a number of languages. After this process we can move to the next step in SSO Embedding Looker Content in Web Application setup.

To build the Embed SSO URL, follow the steps below:

• Firstly, create a blank file for the script: python example.py.
• Then, copy the Looker embed SSO script and paste it into the newly formed file.
• After that, we only need to change the URL data part of the code now.
• Enter the Looker instance’s hostname without the HTTPS.
• Copy and paste the embed secret created.
• nonce: Any random string, but it must be fewer than 255 characters and cannot be repeated within an hour. This stops an attacker from re-submitting a valid user’s URL to obtain the information they should not have.
• time: The current time in UNIX timestamp format.
• Permission: The set of permissions that the user should have.
• models: The list of model names the user should have access to. Go through all of these steps to ensure a smooth SSO Embedding Looker Content in Web Application setup.
• external_user id: whatever arbitrary id we want to assign.
• external_group id: The external group ID is a unique identifier for the group to which the user belongs as well as the application in which Looker is embedded. The external group id will establish a folder in which people who share the same ID can exchange items.
• Access_filter: Add any user traits or access filters that a user should have. This argument will be left blank.
• session_length: It is pre-set and we cannot be modify it unless we want to.
• embed_url: Finally, the embed URL for the item we’re embedding is placed here, and the embed URL was produced in previous phases.
• force_logout_login: If set to true, a regular user can access an SSO embedded item using their current credentials if they are already signed in to Looker.
• Finally, save the modifications and run the Python script -> the script will produce the URL -> paste the URL script output into the browser.

Step 3: Testing the Embed URL:

To validate the final URL, enter it into the Embed URI Validator on Looker’s Admin page’s Embed page.

While this option cannot tell us if the data and permissions we want are successfully set up, it may confirm that the authentication operation is accurate.

We can test the URL we generated for Looker’s Single Sign-on Embedding functionality by copying it into the Embed URI Validator box and selecting Test URI. If the SSO embed URL is legitimate, the URI validator will provide a message.

[Need assistance with similar queries? We are here to help]

Conclusion

To sum up we have now gone through how to set up SSO Embedding Looker Content in Web Application. With the support of our GCP support services, we have gone through all of the configuration steps for the process.