GenerateEmbedUrlForRegisteredUserWithIdentity
Generates an embed URL that you can use to embed an Amazon QuickSight experience in your website. This action can be used for any type of user that is registered in an Amazon QuickSight account that uses IAM Identity Center for authentication. This API requires identity-enhanced IAM Role sessions for the authenticated user that the API call is being made for.
This API uses trusted identity propagation to ensure that an end user is authenticated and receives the embed URL that is specific to that user. The IAM Identity Center application that the user has logged into needs to have trusted Identity Propagation enabled for Amazon QuickSight with the scope value set to quicksight:read
. Before you use this action, make sure that you have configured the relevant Amazon QuickSight resource and permissions.
Request Syntax
POST /accounts/AwsAccountId
/embed-url/registered-user-with-identity HTTP/1.1
Content-type: application/json
{
"AllowedDomains": [ "string
" ],
"ExperienceConfiguration": {
"Dashboard": {
"FeatureConfigurations": {
"Bookmarks": {
"Enabled": boolean
},
"SharedView": {
"Enabled": boolean
},
"StatePersistence": {
"Enabled": boolean
}
},
"InitialDashboardId": "string
"
},
"DashboardVisual": {
"InitialDashboardVisualId": {
"DashboardId": "string
",
"SheetId": "string
",
"VisualId": "string
"
}
},
"GenerativeQnA": {
"InitialTopicId": "string
"
},
"QSearchBar": {
"InitialTopicId": "string
"
},
"QuickSightConsole": {
"FeatureConfigurations": {
"SharedView": {
"Enabled": boolean
},
"StatePersistence": {
"Enabled": boolean
}
},
"InitialPath": "string
"
}
},
"SessionLifetimeInMinutes": number
}
URI Request Parameters
The request uses the following URI parameters.
- AwsAccountId
-
The ID of the AWS registered user.
Length Constraints: Fixed length of 12.
Pattern:
^[0-9]{12}$
Required: Yes
Request Body
The request accepts the following data in JSON format.
- ExperienceConfiguration
-
The type of experience you want to embed. For registered users, you can embed Amazon QuickSight dashboards or the Amazon QuickSight console.
Note
Exactly one of the experience configurations is required. You can choose
Dashboard
orQuickSightConsole
. You cannot choose more than one experience configuration.Type: RegisteredUserEmbeddingExperienceConfiguration object
Required: Yes
- AllowedDomains
-
A list of domains to be allowed to generate the embed URL.
Type: Array of strings
Required: No
- SessionLifetimeInMinutes
-
The validity of the session in minutes.
Type: Long
Valid Range: Minimum value of 15. Maximum value of 600.
Required: No
Response Syntax
HTTP/1.1 Status
Content-type: application/json
{
"EmbedUrl": "string",
"RequestId": "string"
}
Response Elements
If the action is successful, the service sends back the following HTTP response.
- Status
-
The HTTP status of the request.
The following data is returned in JSON format by the service.
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
You don't have access to this item. The provided credentials couldn't be validated. You might not be authorized to carry out the request. Make sure that your account is authorized to use the Amazon QuickSight service, that your policies have the correct permissions, and that you are using the correct credentials.
HTTP Status Code: 401
- InternalFailureException
-
An internal failure occurred.
HTTP Status Code: 500
- InvalidParameterValueException
-
One or more parameters has a value that isn't valid.
HTTP Status Code: 400
- QuickSightUserNotFoundException
-
The user with the provided name isn't found. This error can happen in any operation that requires finding a user based on a provided user name, such as
DeleteUser
,DescribeUser
, and so on.HTTP Status Code: 404
- ResourceNotFoundException
-
One or more resources can't be found.
HTTP Status Code: 404
- SessionLifetimeInMinutesInvalidException
-
The number of minutes specified for the lifetime of a session isn't valid. The session lifetime must be 15-600 minutes.
HTTP Status Code: 400
- ThrottlingException
-
Access is throttled.
HTTP Status Code: 429
- UnsupportedPricingPlanException
-
This error indicates that you are calling an embedding operation in Amazon QuickSight without the required pricing plan on your AWS account. Before you can use embedding for anonymous users, a QuickSight administrator needs to add capacity pricing to Amazon QuickSight. You can do this on the Manage Amazon QuickSight page.
After capacity pricing is added, you can use the
GetDashboardEmbedUrl
API operation with the--identity-type ANONYMOUS
option.HTTP Status Code: 403
- UnsupportedUserEditionException
-
This error indicates that you are calling an operation on an Amazon QuickSight subscription where the edition doesn't include support for that operation. Amazon Amazon QuickSight currently has Standard Edition and Enterprise Edition. Not every operation and capability is available in every edition.
HTTP Status Code: 403
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: