- Documentation Overview
- Getting started with DoubleCloud
As a concept, embedding displays a DoubleCloud Visualization chart inside an iframe
Embedded chart rendering process
If you want to integrate a chart into your product, your web server will need to make requests to DoubleCloud each time the user updates the page containing the iframe with a chart.
You can see the process in the following diagram:
As shown above, the process of embedding passes through the following stages:
The user opens the web page containing an iframe. It sends a request to the Visualization address that looks as follows:
The browser extracts the token from the above URL and sends it to the Charts API.
The API exchanges the token for the chart configuration. At this stage, the service:
Extracts the chart's
embed IDfrom the token to retrieve the secrets from the database.
Validates the token using the secret's public key.
Verifies the query to the data source. It checks whether the embedded chart's
Entry IDcorresponds to the
chart_idand the identifiers of all its relevant dependencies.
After receiving the chart configuration, the service processes the visualization the same way it does within the DoubleCloud console.
The United Storage unpacks the token and uses the chart's
embed IDto validate the token and to authorize the current query.
Using unsigned parameters
If you specify one or more unsigned parameters while creating an embedding entity, you can pass those parameters directly to the URL, not to the JWT token.
This allows changing some chart parameters on the client side without regenerating the embedding token on the client. It can help implement such a date-time interval picker:
Row-level security in embedded charts
Row-level security (RLS) allows you to limit user access to data within the dataset used to generate a chart.
By default, the token for the embedded chart transfers no specific user credentials. This means the dataset will block the embedded chart's access to any RLS-protected fields.
If you want to display specific RLS-protected data in your embedded chart, pass a username as a signed parameter to apply the relevant RLS settings to your embedded chart.