Self-sign
If you would prefer to generate the JSON Web Tokens (JWTs) in your codebase, we have provided the definitions for each access token here in typescript notation.
Some of the concepts used here will be explained in the Vizzly Config
Create the dashboard access token
type DashboardAccessToken = {
// https://docs.vizzly.co/concepts/identity-config/access-type
accessType: 'standard' | 'admin';
organisationId: string;
// https://docs.vizzly.co/concepts/identity-config/user-reference
userReference: string;
// ISO 8601 format, including timezone offset
expires: string;
// https://docs.vizzly.co/concepts/identity-config/scope
scope?: 'read' | 'read_write';
// https://docs.vizzly.co/concepts/identity-config/parent-dashboard-ids
parentDashboardIds?: Array<string>
}
Create the data access token
type Filter = {
// ID of the field the secure filter uses.
field: string;
// An operator supported by your Query Engine.
op: string;
value: any;
};
type DataAccessToken = {
// https://docs.vizzly.co/concepts/identity-config/data-sets
dataSetIds: string[] | '*';
// https://docs.vizzly.co/concepts/identity-config/secure-filters
secureFilters: {
[dataSetId: string]: Filter[] | Filter[][];
};
// ISO 8601 format, including timezone offset
expires: string;
}
Create the query engine access token (optional)
It should only be generated with truthy values if the current user is in the engineering department and is permitted access to the Config Manager.
type QueryEngineAccessToken = {
// https://docs.vizzly.co/concepts/identity-config/database-schema-access
allowDatabaseSchemaAccess: boolean;
// Is the user allowed to preview the data in the tables?
allowDataPreviewAccess: boolean;
// ISO 8601 format, including timezone offset
expires: string;
}
Create the project access token (optional)
This token is used to grant access to specific project resources. For example, this is used with the Vizzly Query Engine to persist encrypted Vizzly configs to the Vizzly API.
type DashboardAccessToken = {
// https://docs.vizzly.co/concepts/identity-config/project-id
projectId: string;
// https://docs.vizzly.co/concepts/identity-config/project-resources
resources: Array<{
id: string;
scope: 'read' | 'read_write';
}>;
}
Create signed config
This token is a signed, valid Vizzly Config. You can send this to your Query Engine in the config header. This provides the ability to dynamically change the config depending on the customer by proxying Query Engine requests via your own servers to add this special header.