Multi-tenancy by using parameter filters

2:30 min
Medium

If you want to embed a dashboard that has access to a multi-tenant dataset which requires row-level filtering, you can apply parameter filters to the dataset and override these parameters when requesting an embed token for a specific user in your application. This is useful if you would like to maintain one dataset for all your clients and make sure that each of them only has access to their relevant data.


Step 1: Define the parameter filter on the dataset

In the video example below we specified a hierarchy array parameter "Customer" and applied it to the "Customer name" column in our "Sales Trends" dataset!


The different parameter types are explained in this Academy article, together with the specific filter expressions supporting these parameter types.

Step 2: Override the parameter in the embed authorization request

The parameter type also indicates how you should override the parameter in the authorization request:

  • Numeric - specify a number value (e.g. 1)
  • Datetime - specify a RFC 3339 date value enclosed in quotes (i.e. "yyyy-mm-ddThh:mm:ss.SSSZ")
  • Hierarchy - specify a text value enclosed in quotes (e.g. "Text")
  • [ ] Numeric array (indicated by 'Numeric[ ]') - specify an array of number values (e.g. [1])
  • [ ] Hierarchy array (indicated by 'Hierarchy[ ]') - specify an array of text values (e.g. ["Text"])

An example of the complete embed token authorization request using our Node.js SDK can be found below:
(Notice that in this example we've specified a parameter override for the hierarchy array parameter Customer)

const Luzmo = require('@luzmo/nodejs-sdk');
var client = new Luzmo({
    api_key: '< Your API key >',
    api_token: '< Your API token >'
  });

let promise = client.create('authorization', {
  type: 'embed',
  access: {
  collections: [
   {
   id: '<collection ID>',
   inheritRights: 'use'
            }
      ]
  },
  username: '12345678',
  suborganization: 'Burrito Co.',
  name: 'Embed user',
  email : 'embed_user@luzmo.com',
  parameter_overrides: {
    Customer: ['<Customer names visible to user 12345678>']
  }
});

promise.then((result) => {
  // result.id contains the embed authorization key,
  // result.token contains the embed authorization token.
});

Parameters in dashboard editor

You might have noticed that parameters can also be created and used in filters in our dashboard editor: this actually helps you in getting a preview of how the dashboard would look like for your end user. You can easily prefilter your dashboard(s)/chart(s) which also improves the querying performance!
Do keep in mind that parameterized filters on the dashboard-level can be altered/removed by an embed user with modify access to the dashboard; o in case you are giving edit rights to your users, make sure to always put the filter on the dataset as well! Besides that, dashboard (parameter) filters are only applied when the dataset is queried within the dashboard's context; if you give at least "can use" access to your dataset(s) in the Embed authorization request, the Embed key-token pair can be used to query data via the Data API Service which would result in the dashboard (parameter) filters not being applied.

overridefiltersmulti-tenancymulti-tenantparametersembed
Previous
Next

Need more information?

Do you still have questions? Let us know how we can help.
Send us feedback!

Course Outline

Embed into your application
Multi-tenant dashboards
Diving deeper into the Embedded Dashboard Editor
Additional features
Increase user engagement