Embedded Analytics Security
Each Embed link contains information required for logging in to the bipp server. When a login is successful, the server returns an EmbedToken to the iframe. This embed token is used in all further communication between iframe and server. The embed token stores information including white listed domains, dashboard identifier and filters in encrypted form (AES 256). The EnbedToken can not be read by anyone.
Each embed link is associated with a website(s). Only websites white listed during the creation of the embed link can use link. Any other website trying to use the link is denied, with an authorization error.
Dynamic Embed links are created with the bipp rest API. You can write custom logic on the server side, choose the dashboard and pass filters while creating the embed links. Refer to Creating Dynamic Embed Links
IN THIS PAGE