Apache Superset embed Dashboard with Guest Token in Django
I have the following setup. I'm running a Django Application with Postgres and Apache Superset on the same network (through docker-compose). The setup works fine; I can access my data (Postgres) from both the Django application and Superset.
I have created a dashboard in Superset with some data and want to embed it on a Django page. I have already enabled dashboard sharing and I can use an iframe to do so. However, this works because I have an active tab in the same browser with Superset, which I'm logged in to.
If I go to another browser, the embedded Superset dashboard will show the login page. This is logical. However, how can I manage a guest login from my Django application to Superset so my users won't receive Superset's login page?
I've tried the following code, in which I'm using the Superset Guest Token API. I managed to receive a token successfully, but every time I try to access the following URL, I'm redirected to Superset's login page with a red message "Access Denied".
http://localhost:8088/superset/dashboard/1/?access_token=TOKEN/?standalone=4 <- 1 is the dashboard ID
import requests
import json

# Step 1: log in to the Superset REST API to obtain a JWT access token
url = "http://127.0.0.1:8088/api/v1/security/login"
headers = {
    'Content-Type': 'application/json'
}
payload = json.dumps({
    "username": "guest_username",
    "password": "guest_password",
    "refresh": "true",
    "provider": "db"
})
response = requests.request("POST", url, headers=headers, data=payload)
ACCESS_TOKEN = response.json()["access_token"]
#print("ACCESS_TOKEN: " + ACCESS_TOKEN)

# Step 2: fetch a CSRF token and the session cookie it is bound to
url = "http://127.0.0.1:8088/api/v1/security/csrf_token"
headers = {
    'Content-Type': 'application/json',
    "Authorization": f"Bearer {ACCESS_TOKEN}"
}
response = requests.get(url, headers=headers)
CSRF_TOKEN = response.json()["result"]
#print("CSRF_TOKEN: " + CSRF_TOKEN)
CSRF_COOKIE = response.cookies.get_dict()
#print(CSRF_COOKIE)

# Step 3: request a guest token scoped to dashboard 1
url = 'http://127.0.0.1:8088/api/v1/security/guest_token/'
headers = {
    'Content-Type': 'application/json',
    "Authorization": f"Bearer {ACCESS_TOKEN}",
    "X-CSRFToken": f"{CSRF_TOKEN}",
    # Single quotes inside the f-string: reusing double quotes here is a
    # syntax error on Python versions before 3.12
    "Cookie": f"session={CSRF_COOKIE['session']}"
}
payload = json.dumps({
    "resources": [
        {
            "type": "dashboard",
            "id": "1"
        }
    ],
    "rls": [],
    "user": {
        "first_name": "Guest",
        "last_name": "Account",
        "username": "guest_account"
    }
})
response = requests.request("POST", url, headers=headers, data=payload, cookies=CSRF_COOKIE)
print(response.json()["token"])
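
To see what the guest token printed by the last request actually grants, its payload can be decoded locally and checked for scope and expiry. This is an added example, not part of the original post and not Superset's own code; it assumes the token is a JWT carrying `type`, `exp` and `resources` claims, and the sample token, secret and helper names are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_sample_token(claims, secret=b"constructed-secret"):
    """Build a constructed HS256 JWT so the example runs offline."""
    head = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64url(sig)}"

def read_claims(token):
    """Decode the JWT payload WITHOUT verifying the signature (debugging only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))

def check_guest_token(token, dashboard_id, now=None):
    """Return the reasons the token would not cover dashboard_id (empty if none)."""
    now = time.time() if now is None else now
    claims = read_claims(token)
    problems = []
    if claims.get("type") != "guest":          # assumed claim name
        problems.append("type claim is not 'guest'")
    if claims.get("exp", 0) <= now:
        problems.append("token expired")
    ids = {str(r.get("id")) for r in claims.get("resources", [])
           if r.get("type") == "dashboard"}
    if str(dashboard_id) not in ids:
        problems.append(f"dashboard {dashboard_id} not in resources")
    return problems

# Constructed sample mirroring the request body above (not a real token).
SAMPLE = make_sample_token({
    "user": {"username": "guest_account"},
    "resources": [{"type": "dashboard", "id": "1"}],
    "rls_rules": [], "iat": 1700000000, "exp": 1700000300,
    "aud": "http://127.0.0.1:8088/", "type": "guest",
})

if __name__ == "__main__":
    print(check_guest_token(SAMPLE, 1, now=1700000100))
    print(check_guest_token(SAMPLE, 2, now=1700000400))
```

The decode step skips signature verification, so it is only suitable for inspecting a token you just issued yourself, never for deciding whether to trust one.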