You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: references/embedding.mdx
+29Lines changed: 29 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -22,6 +22,35 @@ This document provides complete API reference for JWT structure and configuratio
22
22
23
23
Embedded Lightdash content is available to view by anyone (not just folks with a Lightdash login). Content is secured using JWT (JSON Web Tokens) with configurable expiration times.
24
24
25
+
## Minimum required endpoints for embedding
26
+
27
+
If you're running Lightdash behind a reverse proxy or firewall, the following endpoints must be whitelisted for embedding to work. The embed system uses JWT-based authentication via the `Lightdash-Embed-Token` HTTP header, separate from Lightdash's session-based auth.
28
+
29
+
### SPA entry point and static assets
30
+
31
+
| Endpoint | Description |
32
+
|----------|-------------|
33
+
|`/embed/*`| SPA entry point that serves the embed UI |
| GET |`/api/v2/projects/*/query/*`| Query result polling and pagination |
47
+
| POST |`/api/v2/projects/*/query/*`| Query execution |
48
+
| GET |`/api/v2/feature-flag/*`| Runtime feature toggles |
49
+
50
+
<Info>
51
+
All API endpoints except `/api/v1/health` require JWT authentication via the `Lightdash-Embed-Token` header. The JWT scopes access to only the specific dashboard/chart and project in the token.
52
+
</Info>
53
+
25
54
## Known limitations
26
55
27
56
- Embedding only works for dashboards and charts directly. To embed explores, use the `canExplore` flag in a dashboard.
![mintlify[bot]](https://avatars.githubusercontent.com/in/222410?v=4&size=40){kind=avatar}
0 commit comments