Explains what the feature is or what its benefits are to the user or customer.
Your web page needs to authenticate by calling
window.thoughtspot.initialize and waiting for the
onInitializationCallback to be called before embedding any ThoughtSpot visualizations or making any ThoughtSpot REST API calls.
window.thoughtspot.initializecan cause the entire Web page to be re-directed to your Identity Provider (IDP). This implies that you may not execute any of your application logic before
window.thoughtspot.initializehas called your callback, because any possible redirection could interfere with your application logic. The recommended way of achieving this is to:
- Place the JS API in the
<head>section of the HTML on your Web page.
- Ensure that the JS API script tag is the first script to be loaded in the page.
- Ensure that you don’t embed any static ThoughtSpot visualizations in your HTML. In other words, you should generate the ThoughtSpot visualizations dynamically after
window.thoughtspot.initializehas called your callback.
onAuthenticationExpiredCallback is only available if you have at least one ThoughtSpot visualization iframe in your web page.
To enable the JS API:
window.thoughtspot.initialize(onInitializationCallback, onAuthenticationExpiredCallback, <Hostname_or_IP>)For example:
- Set up CORS (Cross-Origin HTTP Request) to control what domains are allowed to use this code to authorize users:
- Log in to the Linux shell using SSH.
- Issue the command to set the domains that will be allowed to access ThoughtSpot using the JS API using this syntax:
echo "https?://(localhost|.*:443)" | tscli --adv config set --key "/config/nginx/corshosts"When supplying an IP address, you have to escape the dots with a triple backslash (\) as shown in this example:
$ echo "https?://(localhost|10\\\.77\\\.20\\\.87:443)" | tscli --adv config set --key "/config/nginx/corshosts"Note: By default this value is set to empty, to disallow any cross domain access. When this value is changed, the nginx service will be restarted automatically to reflect the change.
- Now you're ready to either embed a visualization or use the REST API to get data from ThoughtSpot and display it within your Web page or application.
No 'Access-Control-Allow-Origin' header is present on the requested resource.
If this happens, go back to the step in this procedure where you set up CORS.