GetDashboardEmbedUrl - Amazon QuickSight
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

GetDashboardEmbedUrl

Generates a temporary session URL and authorization code(bearer token) that you can use to embed an Amazon QuickSight read-only dashboard in your website or application. Before you use this command, make sure that you have configured the dashboards and permissions.

Currently, you can use GetDashboardEmbedURL only from the server, not from the user's browser. The following rules apply to the generated URL:

  • They must be used together.

  • They can be used one time only.

  • They are valid for 5 minutes after you run this command.

  • You are charged only when the URL is used or there is interaction with Amazon QuickSight.

  • The resulting user session is valid for 15 minutes (default) up to 10 hours (maximum). You can use the optional SessionLifetimeInMinutes parameter to customize session duration.

For more information, see Embedding Analytics Using GetDashboardEmbedUrl in the Amazon QuickSight User Guide.

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal.

Request Syntax

GET /accounts/AwsAccountId/dashboards/DashboardId/embed-url?additional-dashboard-ids=AdditionalDashboardIds&creds-type=IdentityType&namespace=Namespace&reset-disabled=ResetDisabled&session-lifetime=SessionLifetimeInMinutes&state-persistence-enabled=StatePersistenceEnabled&undo-redo-disabled=UndoRedoDisabled&user-arn=UserArn HTTP/1.1

URI Request Parameters

The request uses the following URI parameters.

AdditionalDashboardIds

A list of one or more dashboard IDs that you want anonymous users to have tempporary access to. Currently, the IdentityType parameter must be set to ANONYMOUS because other identity types authenticate as Amazon QuickSight or IAM users. For example, if you set "--dashboard-id dash_id1 --dashboard-id dash_id2 dash_id3 identity-type ANONYMOUS", the session can access all three dashboards.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Length Constraints: Minimum length of 1. Maximum length of 512.

Pattern: [\w\-]+

AwsAccountId

The ID for the Amazon Web Services account that contains the dashboard that you're embedding.

Length Constraints: Fixed length of 12.

Pattern: ^[0-9]{12}$

Required: Yes

DashboardId

The ID for the dashboard, also added to the Amazon Identity and Access Management (IAM) policy.

Length Constraints: Minimum length of 1. Maximum length of 512.

Pattern: [\w\-]+

Required: Yes

IdentityType

The authentication method that the user uses to sign in.

Valid Values: IAM | QUICKSIGHT | ANONYMOUS

Required: Yes

Namespace

The Amazon QuickSight namespace that contains the dashboard IDs in this request. If you're not using a custom namespace, set Namespace = default.

Length Constraints: Maximum length of 64.

Pattern: ^[a-zA-Z0-9._-]*$

ResetDisabled

Remove the reset button on the embedded dashboard. The default is FALSE, which enables the reset button.

SessionLifetimeInMinutes

How many minutes the session is valid. The session lifetime must be 15-600 minutes.

Valid Range: Minimum value of 15. Maximum value of 600.

StatePersistenceEnabled

Adds persistence of state for the user session in an embedded dashboard. Persistence applies to the sheet and the parameter settings. These are control settings that the dashboard subscriber (Amazon QuickSight reader) chooses while viewing the dashboard. If this is set to TRUE, the settings are the same when the subscriber reopens the same dashboard URL. The state is stored in Amazon QuickSight, not in a browser cookie. If this is set to FALSE, the state of the user session is not persisted. The default is FALSE.

UndoRedoDisabled

Remove the undo/redo button on the embedded dashboard. The default is FALSE, which enables the undo/redo button.

UserArn

The Amazon QuickSight user's Amazon Resource Name (ARN), for use with QUICKSIGHT identity type. You can use this for any Amazon QuickSight users in your account (readers, authors, or admins) authenticated as one of the following:

  • Active Directory (AD) users or group members

  • Invited nonfederated users

  • IAM users and IAM role-based sessions authenticated through Federated Single Sign-On using SAML, OpenID Connect, or IAM federation.

Omit this parameter for users in the third group – IAM users and IAM role-based sessions.

Request Body

The request does not have a request body.

Response Syntax

HTTP/1.1 Status Content-type: application/json { "EmbedUrl": "string", "RequestId": "string" }

Response Elements

If the action is successful, the service sends back the following HTTP response.

Status

The HTTP status of the request.

The following data is returned in JSON format by the service.

EmbedUrl

A single-use URL that you can put into your server-side webpage to embed your dashboard. This URL is valid for 5 minutes. The API operation provides the URL with an auth_code value that enables one (and only one) sign-on to a user session that is valid for 10 hours.

Type: String

RequestId

The Amazon request ID for this operation.

Type: String

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You don't have access to this item. The provided credentials couldn't be validated. You might not be authorized to carry out the request. Make sure that your account is authorized to use the Amazon QuickSight service, that your policies have the correct permissions, and that you are using the correct credentials.

HTTP Status Code: 401

DomainNotWhitelistedException

The domain specified isn't on the allow list. All domains for embedded dashboards must be added to the approved list by an Amazon QuickSight admin.

HTTP Status Code: 403

IdentityTypeNotSupportedException

The identity type specified isn't supported. Supported identity types include IAM and QUICKSIGHT.

HTTP Status Code: 403

InternalFailureException

An internal failure occurred.

HTTP Status Code: 500

InvalidParameterValueException

One or more parameters has a value that isn't valid.

HTTP Status Code: 400

QuickSightUserNotFoundException

The user with the provided name isn't found. This error can happen in any operation that requires finding a user based on a provided user name, such as DeleteUser, DescribeUser, and so on.

HTTP Status Code: 404

ResourceExistsException

The resource specified already exists.

HTTP Status Code: 409

ResourceNotFoundException

One or more resources can't be found.

HTTP Status Code: 404

SessionLifetimeInMinutesInvalidException

The number of minutes specified for the lifetime of a session isn't valid. The session lifetime must be 15-600 minutes.

HTTP Status Code: 400

ThrottlingException

Access is throttled.

HTTP Status Code: 429

UnsupportedPricingPlanException

This error indicates that you are calling an embedding operation in Amazon QuickSight without the required pricing plan on your Amazon account. Before you can use embedding for anonymous users, a QuickSight administrator needs to add capacity pricing to Amazon QuickSight. You can do this on the Manage Amazon QuickSight page.

After capacity pricing is added, you can use the GetDashboardEmbedUrl API operation with the --identity-type ANONYMOUS option.

HTTP Status Code: 403

UnsupportedUserEditionException

This error indicates that you are calling an operation on an Amazon QuickSight subscription where the edition doesn't include support for that operation. Amazon Amazon QuickSight currently has Standard Edition and Enterprise Edition. Not every operation and capability is available in every edition.

HTTP Status Code: 403

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: