GenerateEmbedUrlForRegisteredUserWithIdentity - Amazon QuickSight

GenerateEmbedUrlForRegisteredUserWithIdentity

Generates an embed URL that you can use to embed an Amazon QuickSight experience in your website. This action can be used for any type of user that is registered in an Amazon QuickSight account that uses IAM Identity Center for authentication. This API requires identity-enhanced IAM Role sessions for the authenticated user that the API call is being made for.

This API uses trusted identity propagation to ensure that an end user is authenticated and receives the embed URL that is specific to that user. The IAM Identity Center application that the user has logged into needs to have trusted Identity Propagation enabled for Amazon QuickSight with the scope value set to quicksight:read. Before you use this action, make sure that you have configured the relevant Amazon QuickSight resource and permissions.

Request Syntax

POST /accounts/AwsAccountId/embed-url/registered-user-with-identity HTTP/1.1 Content-type: application/json { "AllowedDomains": [ "string" ], "ExperienceConfiguration": { "Dashboard": { "FeatureConfigurations": { "Bookmarks": { "Enabled": boolean }, "SharedView": { "Enabled": boolean }, "StatePersistence": { "Enabled": boolean } }, "InitialDashboardId": "string" }, "DashboardVisual": { "InitialDashboardVisualId": { "DashboardId": "string", "SheetId": "string", "VisualId": "string" } }, "GenerativeQnA": { "InitialTopicId": "string" }, "QSearchBar": { "InitialTopicId": "string" }, "QuickSightConsole": { "FeatureConfigurations": { "SharedView": { "Enabled": boolean }, "StatePersistence": { "Enabled": boolean } }, "InitialPath": "string" } }, "SessionLifetimeInMinutes": number }

URI Request Parameters

The request uses the following URI parameters.

AwsAccountId

The ID of the AWS registered user.

Length Constraints: Fixed length of 12.

Pattern: ^[0-9]{12}$

Required: Yes

Request Body

The request accepts the following data in JSON format.

ExperienceConfiguration

The type of experience you want to embed. For registered users, you can embed Amazon QuickSight dashboards or the Amazon QuickSight console.

Note

Exactly one of the experience configurations is required. You can choose Dashboard or QuickSightConsole. You cannot choose more than one experience configuration.

Type: RegisteredUserEmbeddingExperienceConfiguration object

Required: Yes

AllowedDomains

A list of domains to be allowed to generate the embed URL.

Type: Array of strings

Required: No

SessionLifetimeInMinutes

The validity of the session in minutes.

Type: Long

Valid Range: Minimum value of 15. Maximum value of 600.

Required: No

Response Syntax

HTTP/1.1 Status Content-type: application/json { "EmbedUrl": "string", "RequestId": "string" }

Response Elements

If the action is successful, the service sends back the following HTTP response.

Status

The HTTP status of the request.

The following data is returned in JSON format by the service.

EmbedUrl

The generated embed URL for the registered user.

Type: String

RequestId

The AWS request ID for this operation.

Type: String

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You don't have access to this item. The provided credentials couldn't be validated. You might not be authorized to carry out the request. Make sure that your account is authorized to use the Amazon QuickSight service, that your policies have the correct permissions, and that you are using the correct credentials.

HTTP Status Code: 401

InternalFailureException

An internal failure occurred.

HTTP Status Code: 500

InvalidParameterValueException

One or more parameters has a value that isn't valid.

HTTP Status Code: 400

QuickSightUserNotFoundException

The user with the provided name isn't found. This error can happen in any operation that requires finding a user based on a provided user name, such as DeleteUser, DescribeUser, and so on.

HTTP Status Code: 404

ResourceNotFoundException

One or more resources can't be found.

HTTP Status Code: 404

SessionLifetimeInMinutesInvalidException

The number of minutes specified for the lifetime of a session isn't valid. The session lifetime must be 15-600 minutes.

HTTP Status Code: 400

ThrottlingException

Access is throttled.

HTTP Status Code: 429

UnsupportedPricingPlanException

This error indicates that you are calling an embedding operation in Amazon QuickSight without the required pricing plan on your AWS account. Before you can use embedding for anonymous users, a QuickSight administrator needs to add capacity pricing to Amazon QuickSight. You can do this on the Manage Amazon QuickSight page.

After capacity pricing is added, you can use the GetDashboardEmbedUrl API operation with the --identity-type ANONYMOUS option.

HTTP Status Code: 403

UnsupportedUserEditionException

This error indicates that you are calling an operation on an Amazon QuickSight subscription where the edition doesn't include support for that operation. Amazon Amazon QuickSight currently has Standard Edition and Enterprise Edition. Not every operation and capability is available in every edition.

HTTP Status Code: 403

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: