Is it possible to dynamically modify the alue of the TALISMAN configuration in superse on a per request basis or for a user set it based on the url domain from which the request has orginated #40802
Replies: 1 comment
-
|
Short answer: No, That said, here are your options for a multi-domain, multi-tenant setup: 1. Talisman (CSP headers) Since Talisman is initialized once via 2. OAuth / Zitadel (dynamic provider selection by domain) Superset's OAuth config (via Flask-AppBuilder) is static — there's no built-in mechanism to route to different Zitadel instances based on the request domain. Possible workarounds:
3. Client-side API calls to domain-specific endpoints For your custom forms that need to call APIs matching the user's domain, you can use JavaScript to read Recommended architecture for your scenario: The most robust approach for 4 domains with different network access and identity providers is to use a reverse proxy that routes each domain to either:
A single Superset instance trying to dynamically serve 4 different security configurations is fighting against how Flask-Talisman and Flask-AppBuilder were designed. Infrastructure-level routing will give you the cleanest, most maintainable solution. To reply, just mention @dosu. Docs are dead. Just use Dosu.
|
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
I am hosting a single Apache Superset 6.x instance in a multi-tenant fashion. Users arrive at Superset from 4 distinct domain links representing different environments/portals.
Network Split: 3 of these domains require a VPN to access, while 1 domain is completely public.
Identity Provider: We use Zitadel for authentication. OAUTH CONFIGURED
is it possible to dynamically modify the alue of the TALISMAN configuration in superset - i want to fetch the domain form which the user has come form and based on that i would need to keep that in the TALISMAN config is that possible?
I also have 4 zitadel links also , 1 publically acceble so is it possible to confgue the superset version 6 in such a way that :
if user selects the Superset A domain the next calls are send to the corresposing domain of Zitadel (Is that possibl ewhicle configuring the OAUTH_PROVIDERS)
I am making some API calls , at client side which requires a form (the form is custome made by which depend on the api data i provide)filling but the scenario is that , based on the user request i have to dynamically identify the url to which i have to make request to is that possible ? (that IF user is htting superset Domain A , then the endpoint for my api's should be actually called for those DOMAINS itslef is that possible ?? )
The challange is t correctly identify the url which the user is at and we need to make sure the Zitadel url configured is with that domain ; ialso talisman , but from what i read are these static at app startup , can i make it dynamic so that based on the users choice they are correctly redirected to the porper zitadel url and also the proper Talisman in configured and also the API calls are made to consistent domains
Beta Was this translation helpful? Give feedback.
All reactions