We are trying to embed QuickSight Dashboards seamlessly in an internal Sharepoint site. Sharepoint is authenticated using Microsoft Azure AD. We have successfully set up Single-Sign-On with Azure AD to access the QuickSight dashboard, however there are some issues with the user experience for the embedded dashboards -
A clean browser (cleared cookies) launches the dashboard. Before seeing the dashboard a popup window appears, prompting the user to Sign In. The QuickSight account name is pre-filled. The user doesn’t actually have to sign in as they are already signed-in with Sharepoint, so this popup isn’t needed.
We have one AWS account used for QuickSight, and many other AWS Accounts used for other services. If the user already opens an AWS Account in another tab, then launches the QuickSight Dashboard, a popup window opens prompting the user to ‘Sign up for QuickSight’ for the account that was already open. The QuickSight Account ID is in the dashboard URL, but it seems to be ignored if you are already logged in.
Has anyone successfully (and seamlessly) embedded QuickSight in a Sharepoint site?
I have never used share point, but have implemented the same solution with some other platforms.
If you have programming capability in share-point then generate an embed URL for the anonymous user through CLI, or use the respective AWS SDK, and then use that URL in iframe…
may i know if the SSO is setting up etween AzureAD and AWS? Or SSO between AzureAD and QuickSight?
If it was setup between QuickSight and AzureAD, the dashboard URL embedded in sharepoint already include QuickSight account name. When user tries to access the dashboard, QuickSight will check if the user has been authenticated in AzureAD. So, I think it should not prompt the sceen again. Instead, it should show the dashboard. But I don’t have a AzureAD to test on my end.
If the SSO setup is between AWS and Azure AD, when user tries to access QuickSight, QuickSight will not check the authentication token in AzureAD. I think it may be the scenario in your case. Appreciated if you can help to validate.
In the second scenario you mentioned, dashboard ID is not an unique identifier across all accounts as it can customized in API. therefore, QuickSight doesn’t know which account you are referring to.
If my assumption on the SSO integration setup is correct, setting up an integration between Azure AD and QuickSight should be able to solve both issues.
We have not heard back from you regarding your question. We would still like to help. If we do not hear back in the next 3 days, we will archive the question.
Archiving this question as we didn’t hear back from you after multiple reach outs.
Please post a new question if you still need help with this issue / for any future issues.