diff --git a/modules/ROOT/pages/abac_rls-variables.adoc b/modules/ROOT/pages/abac_rls-variables.adoc index 29e167013..13155c0cf 100644 --- a/modules/ROOT/pages/abac_rls-variables.adoc +++ b/modules/ROOT/pages/abac_rls-variables.adoc @@ -109,7 +109,7 @@ To define RLS rules with variables for a Table: . Navigate to the Data workspace and click the Table for which to define RLS rules. . Click *Row security* and then click *+ Add row security*. -. In the *Row Security Editor*, define the rules. To reference the formula variable in the rule, use the `ts_var` function. For example, If you want to limit user access to data of a specific region, you can create a region-specific variable, `region = ts_var('region_var')`, and assign values in the token request. +. In the *Row Security Editor*, define the rules. To reference the formula variable in the rule, use the `ts_var` function. For example, If you want to limit user access to data of a specific region, you can create a region-specific variable, `region = ts_var(region_var)`, and assign values in the token request. === RLS rule with a single variable reference @@ -117,7 +117,7 @@ To define RLS rules with variables for a Table: In this formula example, `country` refers to the "country" column in the data table, and `country_var` is the variable. ---- -country = ts_var('country_var') +country = ts_var(country_var) ---- If `country_var` is assigned a single value, the user is permitted to view only rows where the `country` column matches that value. @@ -130,20 +130,20 @@ The RLS rules support the `AND` operator, which means that you can combine multi The following rule restricts data access to rows if the `country` column in the data table matches the value assigned to `country_var` and the `Department` column matches the value assigned to `department_var` for that user. ---- -country = ts_var('country_var') AND Department = ts_var('department_var') +country = ts_var(country_var) AND Department = ts_var(department_var) ---- The rule in this example restricts data access to rows where the `region` column in the table matches the value assigned to `region_var` and the `product` column matches the value assigned to `product_var`. ---- -region = ts_var('region_var') AND product = ts_var('product_var') +region = ts_var(region_var) AND product = ts_var(product_var) ---- === Allow all rule with a TS_WILDCARD_ALL variable In this example, `customer` represents the column `customer` in the table and `customer_var` represents variable. If the value of the customer_var variable is set to `TS_WILDCARD_ALL`, the user can access all customers in the column. ---- -customer = ts_var('customer_var') +customer = ts_var(customer_var) ---- === Group override rule with variable-based check @@ -152,7 +152,7 @@ In any security formula you build, you may want a clause that gives access to al In this example, users can access data if they are in the "data developers" group, or if the `Department` column matches the value assigned to their `department_var` variable. ---- -'data developers' in ts_groups OR Department = ts_var('department_var') +'data developers' in ts_groups OR Department = ts_var(department_var) ---- ==== Variables with numeric and Date data types @@ -160,13 +160,13 @@ In this example, users can access data if they are in the "data developers" grou The following rule enforces a numeric threshold and restricts access to rows where the Revenue value is less than or equal to the value provided by the `revenue_cap_var` variable. ---- -Revenue <= to_double(ts_var('revenue_cap_var')) +Revenue <= to_double(ts_var(revenue_cap_var)) ---- The following rule restricts access to rows where the `date_column` is within the range defined by the `start_date_var` and `end_date_var` variables. Only rows with dates greater than or equal to the start date and less than or equal to the end date specified for these variables will be visible for the user. ---- -(date_column >= ts_var('start_date_var')) AND (date_column <= ts_var('end_date_var')) +(date_column >= ts_var(start_date_var)) AND (date_column <= ts_var(end_date_var)) ---- == Create an ABAC token request with variable attributes @@ -362,8 +362,7 @@ ABAC details are sent in a JWT that can be used as a bearer token for cookieless ==== === Verify the variable assignment - -To verify the variable assignment, use the `POST /api/rest/2.0/users/search` API call and check `variable_values` in the user properties in the API response. +To retrieve user information and object properties, you can use the `POST /api/rest/2.0/users/search` API call. To include variable details in the response, set the `include_variable_values` parameter to `true` in the API request body. This allows you to fetch variable values associated with the user in the specified context. [source,JSON] ---- @@ -395,7 +394,10 @@ To verify the variable assignment, use the `POST /api/rest/2.0/users/search` API } ---- -To verify the security entitlements, start a user session using the JWT and inspect the generated SQL for your query or visualization. +You can also use the `POST /api/rest/2.0/template/variables/search` API call to xref:variables.adoc#_get_variables[get the list of variables] assigned to a specific user, Org, and Model. + +==== Updating variable values for a user +To update variable values for a user, you can use the `/api/rest/2.0/template/variables/update-values` endpoint, or `/api/rest/2.0/auth/token/custom` endpoint when logging in the user. Do not use the `/api/rest/2.0/users/{user_identifier}/update` endpoint, as it does not support updating variable values. == Verify the entitlements To verify the entitlements: diff --git a/modules/ROOT/pages/api-changelog.adoc b/modules/ROOT/pages/api-changelog.adoc index c933ec744..4022f96ea 100644 --- a/modules/ROOT/pages/api-changelog.adoc +++ b/modules/ROOT/pages/api-changelog.adoc @@ -1064,7 +1064,7 @@ The earlier versions of the SDK supported only `GET` API requests. For more info |==== |[tag greenBackground]#NEW FEATURE#| This version of Visual Embed SDK includes the `enableSearchAssist` attribute, using which you can turn on the Search Assist feature on an embedded instance. + -For more information, see xref:search-assist-tse.adoc[Enable Search Assist, window=_blank]. +//For more information, see xref:search-assist-tse.adoc[Enable Search Assist, window=_blank]. |[tag greenBackground]#NEW FEATURE#| The new version of SDK introduces the `AuthType.SAML` enum for SAML-based SSO authentication. Note that `AuthType.SAML` replaces the `AuthType.SSO` enum, which is deprecated in the v1.13.0 version of the SDK. + For more information, see xref:embed-authentication.adoc#saml-sso-embed[Authentication]. |[tag redBackground]#DEPRECATED#| The `AuthType.SSO` enum is deprecated in v1.13.0. ThoughtSpot recommends using `AuthType.SAML` for the SAML SSO authentication method. + diff --git a/modules/ROOT/pages/deploy-with-tml-apis.adoc b/modules/ROOT/pages/deploy-with-tml-apis.adoc index eee2a74a3..ffad32d04 100644 --- a/modules/ROOT/pages/deploy-with-tml-apis.adoc +++ b/modules/ROOT/pages/deploy-with-tml-apis.adoc @@ -81,7 +81,7 @@ The process for exporting TML files into source control is: . Use `/metadata/tml/export` endpoint in REST API v1 or v2.0 with `export_fqns=true` argument and `formmattype=YAML` to retrieve the TML of the object . Save the TML response strings to disk in a Git-enabled directory using a consistent name format -You can use the link:https://thoughtspot.github.io/cs_tools/scriptability/[CS Tools, window=_blank] package for a pre-built tool for programmatic exporting or build your own equivalent using the link:https://github.com/thoughtspot/thoughtspot_rest_api_v1_python[thoughtspot_rest_api_v1 Python library, window=_blank]. +You can use the link:https://thoughtspot.github.io/cs_tools/[CS Tools, window=_blank] package for a pre-built tool for programmatic exporting or build your own equivalent using the link:https://github.com/thoughtspot/thoughtspot_rest_api_v1_python[thoughtspot_rest_api_v1 Python library, window=_blank]. === Best practices with TML export API The `formattype` argument can be set to `YAML` or `JSON`. diff --git a/modules/ROOT/pages/embed-ai-analytics.adoc b/modules/ROOT/pages/embed-ai-analytics.adoc index 91109f804..1641ce495 100644 --- a/modules/ROOT/pages/embed-ai-analytics.adoc +++ b/modules/ROOT/pages/embed-ai-analytics.adoc @@ -61,7 +61,7 @@ a| * Supported data object is Model Visual Embed SDK provides several configuration settings and controls for customizing Spotter embed view: * Configuration properties that enable or disable features. -For more information, see xref:_spotterembedviewconfig.adoc[SpotterEmbedViewConfig] and xref:SpotterAgentEmbedViewConfig.adoc[SpotterAgentEmbedConfig] +For more information, see xref:SpotterEmbedViewConfig.adoc[SpotterEmbedViewConfig] and xref:SpotterAgentEmbedViewConfig.adoc[SpotterAgentEmbedConfig] * The action customization framework to show or hide actions in the embedded view + For more information, see xref:Action.adoc[Action] and xref:embed-action-ref.adoc[Action IDs in the SDK] * Event handlers for host and embed app interaction + diff --git a/modules/ROOT/pages/full-app-customize.adoc b/modules/ROOT/pages/full-app-customize.adoc index 8fb5f3670..a63084aa0 100644 --- a/modules/ROOT/pages/full-app-customize.adoc +++ b/modules/ROOT/pages/full-app-customize.adoc @@ -46,33 +46,22 @@ A dynamic left navigation menu that adjusts its contents according to the applic |===== -- -//// -[width="100%", cols="2,8,8,8"] -[options='header'] -|===== -||V1 (Legacy) |V2 experience |V3 experience - -|Navigation style a|* Top navigation bar for application menu. + -* Separate left navigation panels only for specific application context, such as *Data*, *Admin* and *Develop* modules a| -* Persona-based app selector on the top navigation bar + -* A separate left navigation panel for each persona-based application context a| -* Sliding left navigation panel -* Persona-based tabs on the left panel to switch between application context. -* Separate left navigation panel for each application context. -|Home page experience| Basic | Modular and customizable home page | Modular -|Enablement| The default, legacy ThoughtSpot UI. a| Disabled by default. + -Can be enabled by setting `modularHomeExperience: true` in the Visual Embed SDK a| Disabled by default. + -Can be enabled by setting the `discoveryExperience` properties in the Visual Embed SDK. -|Migration considerations| If you want to continue using the classic experience, no migration is required. -If you plan to switch to the new navigation and modular home page experience, ThoughtSpot recommends migrating to the new v3 experience. -| The v2 navigation experience can be enabled by setting `modularHomeExperience` to `true` in the Visual Embed SDK. However, the new v3 experience with left navigation panel provides an improved experience and more customizable components for home page, therefore, we recommend using the v3 experience. -If you are already on v2 experience and want to switch to the new v3 experience, contact ThoughtSpot Support to enable this feature on your instance. -Once enabled, configure the `discoveryExperience` properties and customize your home page experience as per your embedding requirements. -|Contact ThoughtSpot Support to enable the v3 experience on your ThoughtSpot instance. -Once enabled, configure the `discoveryExperience` properties and customize your home page experience as per your embedding application requirements. -|||| -|===== -//// + +**V3 navigation and home page experience** +[.bordered] +[.widthAuto] +image::./images/v3-experience.png[V3 UI experience] + +**V2 navigation and home page experience** +[.bordered] +[.widthAuto] +image::./images/v2-experience.png[V2 UI experience] + +**V1 Classic experience** +[.bordered] +[.widthAuto] +image::./images/v1-experience.png[Classic experience] + == Customize the embedded application UI for your users @@ -194,13 +183,15 @@ const embed = new AppEmbed("#embed", { After you enable the V3 experience: * Ensure the UI shows the V3 navigation and home page. + +//// + The following figure shows the user interface with the V3 experience: + [.bordered] [.widthAuto] image::./images/new-nav3.png[New home page] - +//// * Verify that all the customization settings are applied correctly. * If you have set up custom routes for navigation within your embedded app, verify navigation workflows and check for breaking changes. diff --git a/modules/ROOT/pages/locale-setting.adoc b/modules/ROOT/pages/locale-setting.adoc index 00e49b0b0..1c43f2a14 100644 --- a/modules/ROOT/pages/locale-setting.adoc +++ b/modules/ROOT/pages/locale-setting.adoc @@ -23,30 +23,30 @@ If you want to set your embedded app view to a specific locale for your applicat [options="header"] |==================== | Locale | Language -| `ar-EG` | Egyptian Arabic | `da-DK` | Dansk | `de-DE` | Deutsch -| `de-CH` | German (Switzerland) +| `de-CH` | Deutsch (Switzerland) | `en-AU` | English (Australia) | `en-CA` | English (Canada) | `en-DE` | English (Germany) | `en-IN` | English (India) +| `en-NZ` | English (New Zealand) | `en-GB` | English (United Kingdom) | `en-US` | English (United States) -| `en-NZ` | English (New Zealand) +| `es-ES` | Español | `es-US` | Español (Latinoamérica) -| `es-ES` | Español (España) -| `es-MX` | Spanish (Mexico) -| `fi-FI` | Suomi +| `es-MX` | Español (Mexico) | `fr-CA` | Français (Canada) | `fr-FR` | Français (France) +| `ja-JP` | 日本語 +| `ko-KR` | 한국어 | `it-IT` | Italiano -| `ja-JP` | Japanese (Japan)/ 日本語 | `nb-NO` | Norsk | `nl-NL` | Nederland | `pt-BR` | Português (Brasil) | `pt-PT` | Português (Portugal) -| `ru-RU` | Russian (Russia) +| `ru-RU` | Pусский (ограниченный выпуск) +| `fi-FI` | Suomi | `sv-SE` | Svenska | `zh-CN` | 中文(简体) | `zh-HANT`| 中文 (繁體) diff --git a/modules/ROOT/pages/mcp-integration.adoc b/modules/ROOT/pages/mcp-integration.adoc index 8b05690c6..6b877e5ae 100644 --- a/modules/ROOT/pages/mcp-integration.adoc +++ b/modules/ROOT/pages/mcp-integration.adoc @@ -145,7 +145,7 @@ To enable tool calling: You can generate an authentication token for a specific user from ThoughtSpot via a `POST` call to the `/api/rest/2.0/auth/token/full` REST API endpoint. + Logged-in users can view the authentication token for their current session by using the `/api/rest/2.0/auth/session/token` REST API endpoint or by opening the following URL in a new tab on the web browser: + -`https://{your-ts-instance}/api/rest/2.0/auth/session/token` +`\https://{your-ts-instance}/api/rest/2.0/auth/session/token` For information about calling MCP tools using LLM APIs and methods, see these sections: @@ -236,7 +236,7 @@ For more information, see the link:https://docs.claude.com/en/docs/agents-and-to ==== OpenAI API for MCP tool calling To enable tool calling and retrieve data from ThoughtSpot via OpenAI, you can use the Responses API endpoint. -To connect to the ThoughtSpot remote MCP server, call the `https://api.openai.com/v1/responses` API endpoint and specify the following properties in the API request: +To connect to the ThoughtSpot remote MCP server, call the `\https://api.openai.com/v1/responses` API endpoint and specify the following properties in the API request: * `tools` + In the `tools` array, include these parameters: diff --git a/modules/ROOT/pages/mobile-embed-android.adoc b/modules/ROOT/pages/mobile-embed-android.adoc index 153fbc0c3..b7a3a6ad4 100644 --- a/modules/ROOT/pages/mobile-embed-android.adoc +++ b/modules/ROOT/pages/mobile-embed-android.adoc @@ -13,7 +13,6 @@ Your application developers can embed a ThoughtSpot Liveboard in your native And Before you begin, ensure that your development environment has the following setup: * Access to a ThoughtSpot instance with administrator and developer privileges. + -Ensure that your host app embedding ThoughtSpot is added to the xref:security-settings.adoc[CSP and CORS allowlists] in ThoughtSpot. * Access to the Liveboard object that you want to embed. * Android Studio is installed. + diff --git a/modules/ROOT/pages/mobile-embed-qs-flutter.adoc b/modules/ROOT/pages/mobile-embed-qs-flutter.adoc index 926b091d8..2a8306a72 100644 --- a/modules/ROOT/pages/mobile-embed-qs-flutter.adoc +++ b/modules/ROOT/pages/mobile-embed-qs-flutter.adoc @@ -18,7 +18,6 @@ Before you begin, check if your setup has the following: * A Flutter application project setup. For information about creating a Flutter app, see link:https://docs.flutter.dev/reference/create-new-app[Flutter documentation, window=_blank]. * Access to a ThoughtSpot instance with administrator and developer privileges. + -Ensure that your host app embedding ThoughtSpot is added to the xref:security-settings.adoc[CSP and CORS allowlists] in ThoughtSpot. * Access to the Liveboard object that you want to embed. == Get started with embedding diff --git a/modules/ROOT/pages/mobile-embed-qs-swift.adoc b/modules/ROOT/pages/mobile-embed-qs-swift.adoc index 63f3c3ff8..105fe8e4c 100644 --- a/modules/ROOT/pages/mobile-embed-qs-swift.adoc +++ b/modules/ROOT/pages/mobile-embed-qs-swift.adoc @@ -14,7 +14,6 @@ Before you begin, ensure that your development setup includes the following: * Xcode 13 or later is installed. For information about Xcode and SwiftUI, see link:https://developer.apple.com/documentation/Xcode[Xcode documentation, window=_blank]. * iOS 14.0 or later is installed on your device to test your embed. * Access to a ThoughtSpot instance with administrator and developer privileges. + -Ensure that your host app embedding ThoughtSpot is added to the xref:security-settings.adoc[CSP and CORS allowlists] in ThoughtSpot. * Access to the Liveboard object that you want to embed. == Install the Swift Embed Package diff --git a/modules/ROOT/pages/mobile-embed.adoc b/modules/ROOT/pages/mobile-embed.adoc index dfcdfa3b1..7d22aa27a 100644 --- a/modules/ROOT/pages/mobile-embed.adoc +++ b/modules/ROOT/pages/mobile-embed.adoc @@ -18,15 +18,7 @@ Allows developers to embed ThoughtSpot content in an iOS native app. Allows developers to embed ThoughtSpot content in an Android native app. == Authentication and security settings -Currently, Mobile Embed SDKs support only cookieless authentication (`AuthType.TrustedAuthCookieless`) method to authenticate embed users. To handle authentication, you may have to token provider function or use your backend app to fetch a token for trusted authentication. For more information, see the Mobile Embed SDK quickstart guides. - -You must also add your embedding app domain to the following allowlists on the **Develop** > **Customizations** > **Security Settings** page in the ThoughtSpot UI. - -* CSP visual embed hosts -* Permitted iFrame domains -* CORS whitelisted domains - -For information about how to add your domains to CSP and CORS allowlists, see xref:security-settings.adoc[Security Settings]. +Currently, Mobile Embed SDKs support only cookieless authentication (`AuthType.TrustedAuthCookieless`) method to authenticate embed users. To handle authentication, you may have to token provider function or use your backend app to fetch a token for trusted authentication. For more information, see the respective Mobile Embed SDK quickstart guides. == Mobile embed customization diff --git a/modules/ROOT/pages/mobilesdk-quick-start.adoc b/modules/ROOT/pages/mobilesdk-quick-start.adoc index 68508c237..1d8935f6e 100644 --- a/modules/ROOT/pages/mobilesdk-quick-start.adoc +++ b/modules/ROOT/pages/mobilesdk-quick-start.adoc @@ -17,7 +17,6 @@ Before you begin, check the following: * link:https://docs.npmjs.com/downloading-and-installing-node-js-and-npm[NPM and Node.js are installed, window=_blank] on your system. * Your link:https://reactnative.dev/docs/environment-setup[React Native environment, window=_blank] is set up. * You can access a ThoughtSpot instance with administrator and developer credentials. + -Ensure that your host app embedding ThoughtSpot is added to the xref:security-settings.adoc[CSP and CORS allowlists] in ThoughtSpot. * You have access to the Liveboard object that you want to embed * If you are using Expo to build your application: @@ -410,7 +409,6 @@ Additionally, you can add a listener for `EmbedEvent.Error` and verify the logs. * In case of rendering issues, adjust the frame size constraints and rerun your app. * Check if your custom CSS specifications are applied correctly. - == Known limitations For information about supported features and known limitations, see xref:mobile-embed.adoc#_known_limitations[Mobile embed limitations]. diff --git a/modules/ROOT/pages/modify-tml.adoc b/modules/ROOT/pages/modify-tml.adoc index 9234c85d3..659a33093 100644 --- a/modules/ROOT/pages/modify-tml.adoc +++ b/modules/ROOT/pages/modify-tml.adoc @@ -350,7 +350,7 @@ For more information, see link:https://docs.thoughtspot.com/cloud/latest/tml-mod [IMPORTANT] ==== -Worksheets are deprecated and replaced with Models in ThoughtSpot Cloud 10.12.0.cl and later versions. You'll no longer be able to import a Worksheet TML object into ThoughtSpot without link:https://docs.thoughtspot.com/latest/worksheet-migration[converting it into a Model, window=_blank]. For information about the TML properties of a Model object, see link:https://docs.thoughtspot.com/cloud/latest/tml-models[TML for Models]. +Worksheets are deprecated and replaced with Models in ThoughtSpot Cloud 10.12.0.cl and later versions. You'll no longer be able to import a Worksheet TML object into ThoughtSpot without link:https://docs.thoughtspot.com/cloud/latest/worksheet-migration[converting it into a Model, window=_blank]. For information about the TML properties of a Model object, see link:https://docs.thoughtspot.com/cloud/latest/tml-models[TML for Models]. ==== Worksheets combine several *tables*, including *Views*, into a coherent data model optimized for searches. The TML syntax for Worksheets defines all aspects, including the tables it joins together, the columns and their properties, filters, and so on. diff --git a/modules/ROOT/pages/multi-tenancy-best-practices.adoc b/modules/ROOT/pages/multi-tenancy-best-practices.adoc index 604fc6d0d..b8315c099 100644 --- a/modules/ROOT/pages/multi-tenancy-best-practices.adoc +++ b/modules/ROOT/pages/multi-tenancy-best-practices.adoc @@ -69,7 +69,7 @@ Sharing is controlled through the UI (including when embedded) or via the xref:s Please see the full documentation on xref:access-control-sharing.adoc[sharing for access control] to learn how the various options work to isolate content for end customers that share a single "prod" environment. ==== What content should be shared? -While you can share individual tables from connections to users, the best practice is to create link:https://docs.thoughtspot.com/cloud/latest/worksheet-create[worksheets, window=_blank] and only share the relevant Models to end users. Any Liveboards and saved answers shared to users should only connect to Models. +While you can share individual tables from connections to users, the best practice is to create link:https://docs.thoughtspot.com/cloud/latest/models[Models, window=_blank] and only share the relevant Models to end users. Any Liveboards and saved Answers shared to users should only connect to Models. Remember to share the Model as *READ_ONLY* along with the Liveboards and answers so the users can access self-service features such as changing filter values. diff --git a/modules/ROOT/pages/pendo-integration.adoc b/modules/ROOT/pages/pendo-integration.adoc index 94d40dd0b..d08c3afd2 100644 --- a/modules/ROOT/pages/pendo-integration.adoc +++ b/modules/ROOT/pages/pendo-integration.adoc @@ -177,7 +177,7 @@ To validate and test Pendo integration in your embed: image::./images/pendo-dev-console.png[Dev console verification] -- . If your integration script includes validation checks with `pendo.validateEnvironment()`, you can verify the logs in the console to confirm if the script is executed successfully and initializes as expected. You can also enable debug logs by adding `logLevel: LogLevel.DEBUG` to your `init` code. + -For more information about `pendo.validateEnvironment()`, see the "Verify the installation" section in the link:https://support.pendo.io/hc/en-us/articles/360046272771-Developer-s-guide-to-implementing-Pendo-using-the-install-script[Pendo Documentation, window=_blank] or refer to the link:https://github.com/thoughtspot/developer-examples/blob/524ef13121fcae4756a951648e3e6dc4bb29aa26/visual-embed/pendo-integration/pendoIntegrationScript.js#L108[sample script provided by ThoughtSpot, window=_blank]. + +For more information about `pendo.validateEnvironment()`, see the "Verify the installation" section in the link:https://support.pendo.io/hc/en-us/articles/360046272771-Developer-s-guide-to-implementing-Pendo-using-the-install-script[Pendo Documentation, window=_blank] or refer to the link:https://github.com/thoughtspot/developer-examples/blob/main/visual-embed/pendo-integration/pendoIntegrationScript.js[sample script provided by ThoughtSpot, window=_blank]. . Log in to Pendo to create a sample guide for your ThoughtSpot application instance. . In the ThoughtSpot UI, verify if the Pendo guide is published. + @@ -203,7 +203,7 @@ If the variables are not available: == Additional resources -* link:https://github.com/thoughtspot/developer-examples/blob/524ef13121fcae4756a951648e3e6dc4bb29aa26/visual-embed/pendo-integration/pendoIntegrationScript.js[ThoughtSpot Developer examples GitHub repository, window=_blank] +* link:https://github.com/thoughtspot/developer-examples/tree/main/visual-embed/pendo-integration[ThoughtSpot Developer examples GitHub repository, window=_blank] * link:https://www.pendo.io/resources/getting-started-with-pendo/[Pendo Getting Started Guide] * link:https://support.pendo.io/hc/en-us/articles/360046272771-Developer-s-guide-to-implementing-Pendo-using-the-install-script[Pendo Documentation, window=_blank] * link:https://codesandbox.io/p/devbox/optimistic-mcclintock-lw2qq8[Code sandbox, window=_blank] diff --git a/modules/ROOT/pages/rest-api-java-sdk.adoc b/modules/ROOT/pages/rest-api-java-sdk.adoc index fc8e94be3..db8adb37c 100644 --- a/modules/ROOT/pages/rest-api-java-sdk.adoc +++ b/modules/ROOT/pages/rest-api-java-sdk.adoc @@ -297,7 +297,7 @@ a|ThoughtSpot Cloud: 10.9.0.cl | v2.14.0 or later |===== |Method|HTTP request -|link:ThoughtSpotRestApi.md#activateUser[activateUser, window=_blank] |*POST* +|link:https://github.com/thoughtspot/rest-api-sdk/blob/release/sdks/java/docs/ThoughtSpotRestApi.md#activateUser[activateUser, window=_blank] |*POST* /api/rest/2.0/users/activate |link:https://github.com/thoughtspot/rest-api-sdk/blob/release/sdks/java/docs/ThoughtSpotRestApi.md#assignChangeAuthor[assignChangeAuthor^] diff --git a/modules/ROOT/pages/rest-api-v2-reference-beta.adoc b/modules/ROOT/pages/rest-api-v2-reference-beta.adoc deleted file mode 100644 index 0b551fd5d..000000000 --- a/modules/ROOT/pages/rest-api-v2-reference-beta.adoc +++ /dev/null @@ -1,1037 +0,0 @@ -= REST API v2 ^Beta^ endpoints (Deprecated) -:toc: true - -:page-title: REST API Reference Guide -:page-pageid: rest-apiv2-beta-reference -:page-description: REST API Reference - -[div announcementBlock] --- -Starting from the ThoughtSpot Cloud 9.0.0.cl release, REST API v2 endpoints[beta betaBackground]^Beta^ are deprecated and removed from the ThoughtSpot API Playground. The API Playground will display the REST API V2 endpoints that are qualified for General Availability (GA). - -For detailed information about the endpoints listed in this article, see link:https://visual-embed-sdk-git-redoc-api-docs-thoughtspot-site.vercel.app/docs/apiv2Beta/index.html[REST API V2 (Beta) documentation, window=_blank]. --- - -The REST API v2 endpoints[beta betaBackground]^Beta^ includes the following resource collections and endpoints. - -== Session - --- -`**GET** /tspublic/rest/v2/session` - -Gets details of the current session for the logged-in user. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*POST* /tspublic/rest/v2/session/login` - -Signs in a user to ThoughtSpot. - -+++

+++ - -//// -++++ -View in Playground -++++ -//// - - -`**POST** /tspublic/rest/v2/session/gettoken` - -Gets an OAuth access token for a ThoughtSpot client. You must send this token in the `Authorization` header to authorize your API requests. -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**POST** /tspublic/rest/v2/session/revoketoken` - -Revokes an existing access token assigned to a ThoughtSpot client. To make API calls, you must obtain a new access token. -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**POST** /tspublic/rest/v2/session/logout` - -Logs out a ThoughtSpot user. -//// -++++ -View in Playground -++++ -//// --- - -== Users --- - -`*POST* /tspublic/rest/v2/user/create` - -Creates a user object. -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`GET /tspublic/rest/v2/user` - -Gets details of a specific user. You must provide the username or the GUID of the user. -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*PUT* /tspublic/rest/v2/user/update` - -Modifies the properties of a user object. You must specify a username or the GUID of the user. Requires administrator privileges. -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`DELETE /tspublic/rest/v2/user/delete` - -Deletes a user object. -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**PUT** /tspublic/rest/v2/user/addgroup` - -Assigns a user to groups. If the assigned groups have privileges configured, the user inherits these privileges. -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*PUT* /tspublic/rest/v2/user/removegroup` - -Removes the groups assigned to a user. -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**PUT** /tspublic/rest/v2/user/changepassword` - -Allows changing a ThoughtSpot user's password. -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**POST** /tspublic/rest/v2/user/search` - -Gets a list of users available in the ThoughtSpot system. To filter your query, you can specify the user type, group, privileges, sharing visibility, and other such attributes. -//// -++++ -View in Playground -++++ -//// --- - -== Groups - --- -`*GET* /tspublic/rest/v2/group` - -Gets details of a specific group. -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*POST* /tspublic/rest/v2/group/create` - -Creates a group object. Requires administrator privileges. -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**PUT** /tspublic/rest/v2/group/update` - -Modifies the properties of a group object. Requires administrator privileges. -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**PUT **/tspublic/rest/v2/group/addprivilege` - -Assigns privileges to a group. Requires administrator privileges. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**PUT **/tspublic/rest/v2/group/removeprivilege` - -Removes privileges assigned to a group. Requires administrator privileges. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**DELETE** /tspublic/rest/v2/group/delete` - -Deletes a group object. Requires administrator privileges. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*PUT* /tspublic/rest/v2/group/adduser` - -Assigns users to a group. Requires administrator privileges. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**PUT **/tspublic/rest/v2/group/removeuser` - -Removes one or several users assigned to a group. Requires administrator privileges. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*PUT* /tspublic/rest/v2/group/addgroup` - -Adds a group to another group object. This API request creates a hierarchy of groups. The subgroups inherit the privileges assigned to the parent group. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**PUT** /tspublic/rest/v2/group/removegroup` - -Removes a group from the parent group. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*POST* /tspublic/rest/v2/group/search` - -Gets a list of groups created in the ThoughtSpot system. To filter your query, you can specify the group type, group name, privileges, sharing visibility, users, and other such attributes. -//// -++++ -View in Playground -++++ -//// --- - -== Admin - --- -`**GET ** /tspublic/rest/v2/admin/configuration` - -Gets details of the current configuration of a ThoughtSpot cluster. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*GET* /tspublic/rest/v2/admin/configuration/overrides` - -Gets details of configuration overrides. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**PUT **/tspublic/rest/v2/admin/configuration/update` - -Updates configuration settings of the ThoughtSpot cluster. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*PUT* /tspublic/rest/v2/admin/resetpassword` - -Resets the password of a user account. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*PUT* /tspublic/rest/v2/admin/syncprincipal` - -Synchronizes user account and group properties from an external database with ThoughtSpot. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*PUT* /tspublic/rest/v2/admin/changeauthor` - -Transfers the ownership of objects from one user to another. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*PUT* /tspublic/rest/v2/admin/assignauthor` - -Assigns ownership of objects to a specific user. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*POST* /tspublic/rest/v2/admin/forcelogout` + - -Logs out specified users from ThoughtSpot. - -//// -++++ -View in Playground -++++ -//// --- - -== Metadata - --- -`*GET* /tspublic/rest/v2/metadata/tag` - -Gets details for the specified tag. You must specify the tag name or the GUID. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*POST* /tspublic/rest/v2/metadata/tag/create` - -Creates a tag object. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*PUT* /tspublic/rest/v2/metadata/tag/update` - -Modifies the properties of a tag object. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*PUT* /tspublic/rest/v2/metadata/tag/assign` - -Assigns a tag to one or several metadata objects. You can assign a tag to a Liveboard, Answer, data object, and data connection objects. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*PUT* /tspublic/rest/v2/metadata/tag/unassign` - -Removes the tag assigned to an object. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*DELETE* /tspublic/rest/v2/metadata/tag/delete` - -Deletes the specified tag. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**PUT** /tspublic/rest/v2/metadata/favorite/assign` - -Adds an object such as Liveboards and answers to a user's favorites list. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**PUT ** /tspublic/rest/v2/metadata/favorite/unassign` - -Removes the specified object from the user's favorites list. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**GET** /tspublic/rest/v2/metadata/homeliveboard` - -Gets the details of the Liveboard that is set as a default Liveboard for the ThoughtSpot user. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**PUT** /tspublic/rest/v2/metadata/homeliveboard/assign` - -Assigns a Liveboard as a default Liveboard for a ThoughtSpot user. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*PUT* /tspublic/rest/v2/metadata/homeliveboard/unassign` - -Removes the default home Liveboard setting for a ThoughtSpot user. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*GET* /tspublic/rest/v2/metadata/incomplete` - -Gets a list of objects with incomplete metadata. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*GET* /tspublic/rest/v2/metadata/header` - -Gets header details for a specific metadata object. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*GET* /tspublic/rest/v2/metadata/details` - -Gets details of a specific metadata object. To filter your query, specify the metadata object type and the ID. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*GET* /tspublic/rest/v2/metadata/vizheaders` - -Gets a list of visualization headers associated with a Liveboard. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*POST* /tspublic/rest/v2/metadata/header/search` - -Gets a list of all metadata objects in the ThoughtSpot system. To filter your query, specify the metadata object type, access level, and other such attributes. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*POST* /tspublic/rest/v2/metadata/detail/search` - -Gets details of one or several metadata objects of a specific type. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*DELETE* /tspublic/rest/v2/metadata/delete` - -Deletes the specified metadata object. You can delete answers, Liveboards, Tags, Models, Views, Tables, Columns, and Table joins. + -Note that the endpoint does not support deleting the connection, user, and group objects. To delete these objects, use the following endpoints: - -* `DELETE /tspublic/rest/v2/connection/delete` -* `DELETE /tspublic/rest/v2/user/delete` -* `DELETE /tspublic/rest/v2/group/delete` - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*POST* /tspublic/rest/v2/metadata/dependency` - -Gets a list of dependent metadata objects. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*POST* /tspublic/rest/v2/metadata/tml/export` - -Exports a TML object and associated metadata. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**POST** /tspublic/rest/v2/metadata/tml/import` - -Imports one or several TML objects and object associations. - -//// -++++ -View in Playground -++++ -//// --- - -== Connections - --- -`*GET* /tspublic/rest/v2/connection` - -Gets details of a specific data connection. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**GET** /tspublic/rest/v2/connection/database` - -Gets details of the databases associated with a connection ID. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**POST** /tspublic/rest/v2/connection/table` - -Gets details of the tables associated with a connection ID. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*POST* /tspublic/rest/v2/connection/tablecoloumn` - -Gets details of the columns of the tables associated with a connection ID. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*POST* /tspublic/rest/v2/connection/create` - -Creates a data connection. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*PUT* /tspublic/rest/v2/connection/update` - -Updates an existing data connection. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -*DELETE* /tspublic/rest/v2/connection/delete - -Deletes a data connection. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*PUT* /tspublic/rest/v2/connection/addtable` - -Adds a table to an existing data connection. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*PUT* /tspublic/rest/v2/connection/removetable` - -Removes a table from an existing data connection. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*POST* /tspublic/rest/v2/connection/search` - -Gets details of all data connections. You can also query data for a specific connection type. - -//// -++++ -View in Playground -++++ -//// --- - -== Data - --- -`**POST** /tspublic/rest/v2/data/search` - -Allows constructing a search query string and retrieves data from a search query. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`**POST** /tspublic/rest/v2/data/answer` - -Gets data from a saved search answer. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**POST** /tspublic/rest/v2/data/liveboard` - -Gets data from the specified Liveboard and visualization. - -//// -++++ -View in Playground -++++ -//// --- - -+++

+++ - -`*GET* /tspublic/rest/v2/data/answer/querysql` - -Retrieves SQL for an Answer object. - -//// -++++ -View in Playground -++++ -//// --- - -+++

+++ - -`*GET* /tspublic/rest/v2/data/liveboard/querysql` - -Retrieves SQL for a visualization on a Liveboard. - -//// -++++ -View in Playground -++++ -//// --- - -== Report - --- -`*POST* /tspublic/rest/v2/report/answer` - -Downloads Answer data in the specified file format, such as PDF, CSV, PNG, and XLSX. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**POST** /tspublic/rest/v2/report/liveboard` - -Downloads a given Liveboard and its visualizations as a PDF, CSV, XLSX, or PNG file. - -//// -++++ -View in Playground -++++ -//// --- - -== Security - -`*POST* /tspublic/rest/v2/security/share/tsobject` - -Allows sharing an object with another user or group in ThoughtSpot. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**POST** /tspublic/rest/v2/security/share/visualization` - -Allows sharing a Liveboard visualization with another user or group in ThoughtSpot. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**GET** /tspublic/rest/v2/security/permission/tsobject` - -Gets access permission details for a metadata object. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*GET* /tspublic/rest/v2/security/permission/principal` - -Gets a list of objects that the specified user or group has access to. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*POST* /tspublic/rest/v2/security/permission/tsobject/search` - -Gets permission details for specific objects, and users and groups who have access to these objects. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*POST* /tspublic/rest/v2/security/permission/principal/search` - -Gets a list objects to which a user or group has `READ_ONLY` or `MODIFY` permissions. - -//// -++++ -View in Playground -++++ -//// - -== Custom actions - -`*GET* /tspublic/rest/v2/customaction` - -Gets details of a custom action. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**POST **/tspublic/rest/v2/customaction/create` - -Creates a custom action. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**PUT** /tspublic/rest/v2/customaction/update` - -Updates a custom action object. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**DELETE** /tspublic/rest/v2/customaction/delete` - -Deletes a custom action object. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**POST** /tspublic/rest/v2/customaction/search` - -Allows searching for custom actions available in ThoughtSpot. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`*GET* /tspublic/rest/v2/customaction/association` - -Gets metadata association details for a given custom action. - -//// -++++ -View in Playground -++++ -//// -+++

+++ - -`*PUT* /tspublic/rest/v2/customaction/association/update` - -Updates metadata association for a given custom action. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -`**DELETE **/tspublic/rest/v2/customactions/association/delete` - -Removes custom action association to a user, group or metadata object. - -//// -++++ -View in Playground -++++ -//// - -+++

+++ - -== Log --- -`*GET* /tspublic/rest/v2/logs/events` - -Gets security audit logs from the ThoughtSpot system. - -//// -++++ -View in Playground -++++ -//// -+++

+++ --- - -//// -== Materialization --- -`*PUT* /tspublic/rest/v2/materialization/refreshview` - -Refreshes data in a materialized view. + - -This endpoint is applicable to ThoughtSpot Software deployments only. - -++++ -View in Playground -++++ -+++

+++ --- - -== Database - -The Database endpoints are applicable to ThoughtSpot Falcon-based Software deployments only. - - -//// diff --git a/modules/ROOT/pages/security-api.adoc b/modules/ROOT/pages/security-api.adoc index 5a4adb304..b703b5852 100644 --- a/modules/ROOT/pages/security-api.adoc +++ b/modules/ROOT/pages/security-api.adoc @@ -125,7 +125,16 @@ Response code [#shareviz] == Share a visualization with another user or user group -If you want to share a specific visualization from a Liveboard with another user or user group, use the `/tspublic/v1/security/shareviz` API. This API lets you share the visualization with specific user IDs and provide read-only access. +If you want to share a specific visualization from a Liveboard with another user or user group, use the `/tspublic/v1/security/shareviz` API. + +[IMPORTANT] +==== +* Sharing a visualization implicitly shares the entire Liveboard with the recipient. +* If email notifications for object sharing are enabled, a notification with a link to the shared visualization will be sent to the recipient’s email address. Although this link opens the shared visualization, recipients can also access other visualizations in the Liveboard. +* The `/tspublic/v1/security/shareviz` API endpoint provides only read-only access to the shared visualization. +==== + + === Resource URL ---- diff --git a/modules/ROOT/pages/trusted-auth-sdk.adoc b/modules/ROOT/pages/trusted-auth-sdk.adoc index eb3b02805..56275764a 100644 --- a/modules/ROOT/pages/trusted-auth-sdk.adoc +++ b/modules/ROOT/pages/trusted-auth-sdk.adoc @@ -13,10 +13,12 @@ When `init()` is called, the SDK checks if there is an existing ThoughtSpot sess Cookieless authentication, specified using `AuthType.TrustedAuthTokenCookieless`, uses the token as a bearer token for all subsequent requests to ThoughtSpot, without establishing a session in the browser. -Cookie-based authentication, specified using `AuthType.TrustedAuthToken`, uses the token to create a session in the browser immediately, and does not use the token afterward, instead relying on the established session with the ThoughtSpot instance. +Cookie-based authentication, specified using `AuthType.TrustedAuthToken`, uses the token to create a session in the browser immediately. It does not use the token afterward; instead, it relies on the established session with the ThoughtSpot instance. For the request to be *secure*, the user in the browser cannot modify the request or make their own valid request to the *token request service* in a way that requests a token for any other user. +The `autoLogin: true` property in the `init()` function causes the Visual Embed SDK to request a new token before the current token or the session expires, so that a user never sees the embedded ThoughtSpot component in a signed-out state. + == Define token request service There are two options in the `init()` function to define the request to the *token request service*: `authEndpoint` or `getAuthToken`. @@ -25,9 +27,9 @@ The `authEndpoint` parameter of the `init()` function specifies a URL for a dire Any authentication details must be included by the browser in this automated GET request, typically in the cookies. -It is *insecure* to allow specifying the username of the desired login token in the URL called by `authEndpoint`, because any user could request tokens for other users. Instead, the *token request service* itself must be able to determine which user is logged in from the backend. +It is *insecure* to allow specifying the username of the desired login token in the URL called by `authEndpoint`, because any user could request tokens for other users. Instead, the *token request service* must determine the logged-in user from the backend. -Cookies are not sent across domains (only to sub-domains), so your *token request service* must be *hosted in the same domain* as the embedding application. +Cookies are not sent across domains (only to subdomains), so your *token request service* must be *hosted in the same domain* as the embedding application. If you need more control beyond a GET request, use `getAuthToken` instead to define a customized request. @@ -40,8 +42,8 @@ The callback function must return a *Promise* that resolves with the *login toke ---- init({ thoughtSpotHost: "<%=tshost%>", - authType: AuthType.TrustedAuthToken, - username: "UserA", + authType: AuthType.TrustedAuthTokenCookieless, + autoLogin: true, getAuthToken: () => { // fetch() returns a Promise naturally. Assumes a JSON response from the token request service with a 'token' property return fetch('https://my-backend.app/ts-token') @@ -51,14 +53,13 @@ init({ }); ---- -You can even use the callback function to reference a hard-coded login token, in a testing or other appropriate situation. Remember, it must return a Promise that resolves with the token: +You can even use the callback function to reference a hard-coded login token in a testing or other appropriate situation. Remember, it must return a Promise that resolves with the token: [source,JavaScript] ---- init({ thoughtSpotHost: "<%=tshost%>", - authType: AuthType.TrustedAuthToken, - username: "", + authType: AuthType.TrustedAuthTokenCookieless, getAuthToken: () => { let tsToken = '{long-lived-token}'; return Promise.resolve(tsToken); @@ -90,7 +91,7 @@ The Visual Embed SDK provides a link:https://developers.thoughtspot.com/docs/Fun Please see the documentation on xref:rest-apiv2-js.adoc[REST API V2.0 within a browser] for further explanation and example code. === Multiple user sessions in one browser -Cookieless authentication is also useful for scenarios where the embedding application allows for being logged into multiple user accounts in different tabs, or quick switches between users. Cookie-based authentication restricts the whole browser to a single logged-in user per ThoughtSpot instance, while cookie-less allows each tab to use a different token without conflicts. +Cookieless authentication is also useful for scenarios where the embedding application allows for being logged into multiple user accounts in different tabs, or quick switches between users. Cookie-based authentication restricts the whole browser to a single logged-in user per ThoughtSpot instance, while cookieless allows each tab to use a different token without conflicts. == Code examples The only difference between cookie-based trusted authentication and cookieless authentication in the `init()` function is the value used for the `authType` property. @@ -104,38 +105,39 @@ The following example shows a custom callback function with a custom request usi let tsToken; // global scope to store token for other REST API requests init({ thoughtSpotHost: tsURL, - authType: AuthType.TrustedAuthTokenCookieless, - getAuthToken: getAuthToken - }); + authType: AuthType.TrustedAuthTokenCookieless, + getAuthToken: getAuthToken, + autoLogin: true +}); function async getAuthToken { - const tokenURL = tokenServiceURL + "/gettoken/"; - console.log("calling token server at " + tokenURL); - - const timeoutSecs = 5 * 1000; // seconds to milliseconds - - const response = await timeout(timeoutSecs, fetch( - tokenURL, - { - method: 'POST', - mode: 'cors', - cache: 'no-cache', - headers: { - // This Token Request Service returns the token as a plain-text string - 'Content-Type': "text/plain", - // Custom header for passing a JWT with auth details from the web app to the token request service - // Instead the token request service may have access to a user session with the details - 'X-Auth-Token': authJWT - }, - credentials: 'include' - } - )) - - // Token request service returns plain-text string of the token - // set the global tsToken variable for using the token for separate REST API requests - tsToken = response.text(); - // Must return for the Promise to be completed - return response.text() + const tokenURL = tokenServiceURL + "/gettoken/"; + console.log("calling token server at " + tokenURL); + + const timeoutSecs = 5 * 1000; // seconds to milliseconds + + const response = await timeout( + timeoutSecs, + fetch(tokenURL, { + method: 'POST', + mode: 'cors', + cache: 'no-cache', + headers: { + // This Token Request Service returns the token as a plain-text string + 'Content-Type': "text/plain", + // Custom header for passing a JWT with auth details from the web app to the token request service + // Instead the token request service may have access to a user session with the details + 'X-Auth-Token': authJWT + }, + credentials: 'include' + }) + ) + + // Token request service returns plain-text string of the token + // set the global tsToken variable for using the token for separate REST API requests + tsToken = response.text(); + // Must return for the Promise to be completed + return response.text() } ---- @@ -146,8 +148,8 @@ function async getAuthToken { init({ thoughtSpotHost: "", authType: AuthType.TrustedAuthToken, - username: "", authEndpoint: "https://authenticator-server:/endpoint", + autoLogin: true }); ---- @@ -156,12 +158,12 @@ init({ init({ thoughtSpotHost: "", authType: AuthType.TrustedAuthToken, - username: "", + autoLogin: true, getAuthToken: () => { return fetch('https://my-backend.app/ts-token') .then((response) => response.json()) .then((data) => data.token); - }); +}); ---- === Cookieless authentication examples @@ -172,6 +174,7 @@ init({ thoughtSpotHost: "", authType: AuthType.TrustedAuthTokenCookieless, authEndpoint: "https://authenticator-server:/endpoint", + autoLogin: true }); ---- @@ -181,10 +184,11 @@ init({ init({ thoughtSpotHost: "", authType: AuthType.TrustedAuthTokenCookieless, + autoLogin: true, getAuthToken: () => { return fetch('https://my-backend.app/ts-token') .then((response) => response.json()) .then((data) => data.token); } - }); +}); ---- diff --git a/modules/ROOT/pages/webhooks-lb-schedule.adoc b/modules/ROOT/pages/webhooks-lb-schedule.adoc index e695ee250..eec7e3d5a 100644 --- a/modules/ROOT/pages/webhooks-lb-schedule.adoc +++ b/modules/ROOT/pages/webhooks-lb-schedule.adoc @@ -396,7 +396,7 @@ If the webhook creation is successful, the API returns the following response: "modification_time_in_millis": 1761050197164, "created_by": { "id": "08c6b203-ff6e-4ed8-b923-35ebbbfef27b", - "name": "UserA@thoughtspot.com" + "name": "UserA@UserA@example.com" }, "last_modified_by": null } @@ -477,11 +477,11 @@ If the API request is successful, ThoughtSpot returns the webhook configuration "modification_time_in_millis": 1761051944507, "created_by": { "id": "08c6b203-ff6e-4ed8-b923-35ebbbfef27b", - "name": "UserA@thoughtspot.com" + "name": "UserA@UserA@example.com" }, "last_modified_by": { "id": "08c6b203-ff6e-4ed8-b923-35ebbbfef27b", - "name": "UserA@thoughtspot.com" + "name": "UserA@UserA@example.com" } } ], @@ -603,7 +603,7 @@ If the API request is successful, the webhook is deleted, and the API returns th "modification_time_in_millis": 1761184185887, "created_by": { "id": "08c6b203-ff6e-4ed8-b923-35ebbbfef27b", - "name": "UserA@thoughtspot.com" + "name": "UserA@UserA@example.com" }, "last_modified_by": null } diff --git a/modules/ROOT/pages/whats-new.adoc b/modules/ROOT/pages/whats-new.adoc index 1bbd50faa..40437acc7 100644 --- a/modules/ROOT/pages/whats-new.adoc +++ b/modules/ROOT/pages/whats-new.adoc @@ -957,7 +957,8 @@ For more information, see xref:security-settings.adoc[Security Settings]. .Support for Sage coach [%collapsible] ==== -In full application embedding, you can now review user feedback on the natural language search queries on the **Data** page. For more information, see link:https://docs.thoughtspot.com/cloud/latest/sage-coach[Sage Coach, window=_blank]. +In full application embedding, you can now review user feedback on the natural language search queries on the **Data** page. +//For more information, see link:https://docs.thoughtspot.com/cloud/latest/sage-coach[Sage Coach, window=_blank]. ==== .Visual Embed SDK @@ -1253,7 +1254,7 @@ For more information, see xref:version_control.adoc[Version control with Git int ==== The Visual Embed developer Playground now includes a *Try* button in the preview panel. The *Try* button is attached to an event handler. You can register a host event and click *Try* to trigger an action on the embedded page in the Playground. -For more information, see xref:embed-events.adoc#host-events[Events reference]. +For more information, see xref:embed-events.adoc[Events reference]. ==== .Visual Embed SDK diff --git a/modules/tutorials/pages/react-components/react-components_intro.adoc b/modules/tutorials/pages/react-components/react-components_intro.adoc index 4cdc5e771..de5cfe70e 100644 --- a/modules/tutorials/pages/react-components/react-components_intro.adoc +++ b/modules/tutorials/pages/react-components/react-components_intro.adoc @@ -23,7 +23,11 @@ There are many great resources for understanding React itself, including the lin React projects almost always use many different packages on top of the baseline "React" install. -Within the tutorial, all packages will be given a brief explanation, with links to the respective project documentation. +Primarily, the example app is built using link:https://nextjs.org/[Next.js], one of the most widely used React frameworks. The structure of the app, including routing, takes into account the features and patterns of Next.js, but using Next.js is not a requirement to use ThoughtSpot's React components. + +The example app also uses link:https://flowbite-react.com/[Flowbite, window=_blank] for pre-defined UI components and link:https://tailwindcss.com/docs/installation/framework-guides/nextjs[Tailwind CSS, window=_blank] as a unified styling system. + +Most of the `className` references in the example app are specific to Tailwind's predefined classes and can be removed when adding code into your own application. Nothing within the example related to ThoughtSpot depends on Tailwind or the Flowbite components. == Routes and pages *Routes* are URLs that load different "pages" within the app. @@ -91,6 +95,11 @@ link:https://github.com/thoughtspot/embed-example-react-app/blob/main/src/lib/co The `constants` const is declared and exported with several properties, the most important of which is `tsURL`, because it configures the ThoughtSpot instance from which the content will load. +[WARNING] +==== +You must include *https://* in the `tsURL` string to avoid browser redirect issues. +==== + [source,typescript] ---- export const constants = { diff --git a/modules/tutorials/pages/react-components/react-components_lesson-01.adoc b/modules/tutorials/pages/react-components/react-components_lesson-01.adoc index ba0d4a6ff..572cbcc5e 100644 --- a/modules/tutorials/pages/react-components/react-components_lesson-01.adoc +++ b/modules/tutorials/pages/react-components/react-components_lesson-01.adoc @@ -32,7 +32,9 @@ return ( ); ---- -The `tsInitialize()` function wraps around the entire process of calling the `init()` function from the Visual Embed SDK (note that authentication has not been implemented in this example): +The `tsInitialize()` function wraps around the entire process of calling the `init()` function from the Visual Embed SDK. + +Please note that authentication has not been implemented in this example. You must be signed into ThoughtSpot already in another tab in your browser. Production-level xref:embed-authentication.adoc[authentication methods] are covered elsewhere in the documentation. [source,typescript] ---- @@ -43,13 +45,11 @@ The `tsInitialize()` function wraps around the entire process of calling the `in // See https://developers.thoughtspot.com/docs/Interface_EmbedConfig for all configurations const ee = init({ thoughtSpotHost: constants.tsURL, - authType: AuthType.None, - username: constants.username, - getAuthToken: () => { - return getAuthToken(constants.username); - }, callPrefetch: true, customizations: {}, + authType: AuthType.None + // getAuthToken: () => { return Promise.resolve('{tokenCopiedFromPlayground}'); } , + // autoLogin: true, } as EmbedConfig); // Checks for Auth process completed as expected @@ -67,6 +67,11 @@ The `tsInitialize()` function wraps around the entire process of calling the `in }; ---- +[NOTE] +==== +When running the tutorial app locally, it is expected behavior to see duplicated calls and messages in the browser Developer Tools. Next.js is running in development mode using React Strict Mode, which automatically renders components twice, causing the duplication. +==== + == Common customizations in the init As mentioned above, link:https://developers.thoughtspot.com/docs/Interface_EmbedConfig[many configuration options] can be specified as part of the `init()` function. diff --git a/modules/tutorials/pages/react-components/react-components_lesson-03.adoc b/modules/tutorials/pages/react-components/react-components_lesson-03.adoc index 1340166f2..9baf18f7b 100644 --- a/modules/tutorials/pages/react-components/react-components_lesson-03.adoc +++ b/modules/tutorials/pages/react-components/react-components_lesson-03.adoc @@ -245,7 +245,7 @@ When this page renders, there is now a dynamic menu to get to any Liveboard the == Spotter embed pages and menu The example app contains an equivalent menu and component display page for Spotter content, under the link:https://github.com/thoughtspot/embed-example-react-app/tree/main/src/app/datachat[/app/datachat/^] subdirectory. -Spotter conversations are started against Models (formerly Worksheets), so the set of UI components and filters differs within the link:https://github.com/thoughtspot/embed-example-react-app/blob/main/src/app/datachat/page.tsx[menu page^]. +Spotter conversations are started against Models, so the set of UI components and filters differs within the link:https://github.com/thoughtspot/embed-example-react-app/blob/main/src/app/datachat/page.tsx[menu page^]. The basic concepts from the entire tutorial apply regardless of which component you are using. diff --git a/modules/tutorials/pages/tse-fundamentals/tse-fundamentals-lesson-05.adoc b/modules/tutorials/pages/tse-fundamentals/tse-fundamentals-lesson-05.adoc index ac63049b4..7579d96e9 100644 --- a/modules/tutorials/pages/tse-fundamentals/tse-fundamentals-lesson-05.adoc +++ b/modules/tutorials/pages/tse-fundamentals/tse-fundamentals-lesson-05.adoc @@ -68,7 +68,7 @@ image:images/tutorials/tse-fundamentals/lesson-05-search-console.png[Console out Before embedding the search, we need to initialize the SDK. Initializing the SDK tells it which ThoughtSpot instance to communicate with and the type of authentication. -There are additional parameters you can pass, which you can read about in the link:https://developer-docs-nnh3ibjh0-thoughtspot-site.vercel.app/docs/tsembed#initSdk[documentation]. +There are additional parameters you can pass, which you can read about in the link:https://developers.thoughtspot.com/docs/tsembed#initSdk[documentation]. One useful parameter to consider is `callPrefetch`, which can speed up the first embed object's load time by caching static content locally. This will not have an effect if caching is disabled during development but can improve performance in production. diff --git a/scripts/Converter/index.ts b/scripts/Converter/index.ts index 955ad1be6..05a35fb45 100644 --- a/scripts/Converter/index.ts +++ b/scripts/Converter/index.ts @@ -155,32 +155,29 @@ const _indent = ( // All the parse functions are to be used internally (its used to get sub content) class TypeDocInternalParser { - static convertToItalic = (name: string | undefined) => - name ? `_${name}_` : ''; + static convertToItalic = (name: string | undefined) => (name ? `_${name}_` : ''); - static convertNameToLink: ( - node: string | undefined, - includeParent?: boolean, - ) => string; + static convertNameToLink: (node: string | undefined, includeParent?: boolean) => string; - static GITHUB_LINK = - 'https://github.com/thoughtspot/visual-embed-sdk/blob/main/src'; + static GITHUB_LINK = 'https://github.com/thoughtspot/visual-embed-sdk/blob/main/src'; static covertTypeDocText = (text: string) => { - // convert all {@link Name.hash} - // to xref:Name.adoc#hash[Name] - const matches = text.match(/{@link\s[^{]+}/g); - if (!matches) return text; - const updatedText = matches?.reduce((prevUpdatedText, curLinkText) => { - const linkTo = curLinkText.split(/\s/)[1].replace('}', ''); - const newLinkText = this.convertNameToLink(linkTo, true); + // 1) Convert Markdown links -> AsciiDoc links + const updated = text.replace( + /\[([^\]]+)\]\((https?:\/\/[^)]+)\)/g, + 'link:$2[$1]', + ); - if (!newLinkText) return prevUpdatedText; + // 2) Existing logic: convert {@link Name.hash} -> xref:... + const matches = updated.match(/{@link\s[^{]+}/g); + if (!matches) return updated; + return matches.reduce((prevUpdatedText, curLinkText) => { + const linkTo = curLinkText.split(/\s/)[1].replace(/}/g, ''); + const newLinkText = this.convertNameToLink(linkTo, true); + if (!newLinkText) return prevUpdatedText; return prevUpdatedText.replace(curLinkText, newLinkText); - }, text); - - return updatedText; + }, updated); }; // function to parse a tag @@ -195,7 +192,7 @@ class TypeDocInternalParser { if (tag.tag === 'example') return `${tag.text}\n`; if (tag.tag === 'param') { - return `\nParameter::\n${tag.text}\n`; + return `\nParameter::\n${this.covertTypeDocText(tag.text)}\n`; } if (tag.tag === 'deprecated') { return `[deprecated]#Deprecated : ${tag.text.replace( diff --git a/src/components/DevDocTemplate/index.tsx b/src/components/DevDocTemplate/index.tsx index be6ea8441..ad9f331ca 100644 --- a/src/components/DevDocTemplate/index.tsx +++ b/src/components/DevDocTemplate/index.tsx @@ -251,6 +251,10 @@ const DevDocTemplate: FC = (props) => { } url.searchParams.set('pageid', e.data.params.pageid); + const hash = e.data.subsection; + if (hash) { + url.hash = hash; + } window.history.replaceState({}, '', url.toString()); } } diff --git a/src/components/VersionIframe/index.tsx b/src/components/VersionIframe/index.tsx index fa818aaae..e6e23eaa3 100644 --- a/src/components/VersionIframe/index.tsx +++ b/src/components/VersionIframe/index.tsx @@ -34,11 +34,14 @@ const VersionIframe: React.FC = ({ } else if (mainUrlParams.has('pageId')) { url.searchParams.set('pageid', mainUrlParams.get('pageId')); } + if (location?.hash) { + url.hash = location?.hash; + } url.searchParams.set('_iframe', '1'); } return url.toString(); - }, [iframeUrl, isDarkMode, location?.search]); + }, [iframeUrl, isDarkMode, location?.search, location?.hash]); return (
diff --git a/src/intl/en.json b/src/intl/en.json index 5ba29665c..1e395a360 100644 --- a/src/intl/en.json +++ b/src/intl/en.json @@ -13,7 +13,7 @@ "CODE_COPY_BTN_HOVER_TEXT": "Copy to clipboard", "CODE_COPY_BTN_AFTER_CLICK_TEXT": "Copied!", "RIGHT_NAV_SIDERBAR_TITLE": "On this page", - "COPYRIGHT_TEXT": "© 2025 ThoughtSpot Inc. All Rights Reserved.", + "COPYRIGHT_TEXT": "© 2026 ThoughtSpot Inc. All Rights Reserved.", "KEYWORD_NOT_FOUND_MSG": "Sorry. We could not find a match for", "HEADER_BANNER_MAIN": "ThoughtSpot Embedded Documentation", "SEARCH_HINT_1": "Press", diff --git a/static/doc-images/images/v1-experience.png b/static/doc-images/images/v1-experience.png new file mode 100644 index 000000000..9777eb044 Binary files /dev/null and b/static/doc-images/images/v1-experience.png differ diff --git a/static/doc-images/images/v2-experience.png b/static/doc-images/images/v2-experience.png new file mode 100644 index 000000000..00c403ad6 Binary files /dev/null and b/static/doc-images/images/v2-experience.png differ diff --git a/static/doc-images/images/v3-experience.png b/static/doc-images/images/v3-experience.png new file mode 100644 index 000000000..3f988376c Binary files /dev/null and b/static/doc-images/images/v3-experience.png differ