GetSessionEmbedUrl -

GetSessionEmbedUrl

Generates a session URL and authorization code that you can use to embed the Amazon QuickSight console in your web server code. Use GetSessionEmbedUrl where you want to provide an authoring portal that allows users to create data sources, datasets, analyses, and dashboards. The users who access an embedded QuickSight console need belong to the author or admin security cohort. If you want to restrict permissions to some of these features, add a custom permissions profile to the user with the UpdateUser API operation. Use RegisterUser API operation to add a new user with a custom permission profile attached. For more information, see the following sections in the Amazon QuickSight User Guide:

Request Syntax

GET /accounts/AwsAccountId/session-embed-url?entry-point=EntryPoint&session-lifetime=SessionLifetimeInMinutes&user-arn=UserArn HTTP/1.1

URI Request Parameters

The request uses the following URI parameters.

AwsAccountId

The ID for the AWS account associated with your QuickSight subscription.

Length Constraints: Fixed length of 12.

Pattern: ^[0-9]{12}$

Required: Yes

EntryPoint

The URL you use to access the embedded session. The entry point URL is constrained to the following paths:

  • /start

  • /start/analyses

  • /start/dashboards

  • /start/favorites

  • /dashboards/DashboardId - where DashboardId is the actual ID key from the QuickSight console URL of the dashboard

  • /analyses/AnalysisId - where AnalysisId is the actual ID key from the QuickSight console URL of the analysis

Length Constraints: Minimum length of 1. Maximum length of 1000.

SessionLifetimeInMinutes

How many minutes the session is valid. The session lifetime must be 15-600 minutes.

Valid Range: Minimum value of 15. Maximum value of 600.

UserArn

The Amazon QuickSight user's Amazon Resource Name (ARN), for use with QUICKSIGHT identity type. You can use this for any type of Amazon QuickSight users in your account (readers, authors, or admins). They need to be authenticated as one of the following:

  1. Active Directory (AD) users or group members

  2. Invited nonfederated users

  3. IAM users and IAM role-based sessions authenticated through Federated Single Sign-On using SAML, OpenID Connect, or IAM federation

Omit this parameter for users in the third group – IAM users and IAM role-based sessions.

Request Body

The request does not have a request body.

Response Syntax

HTTP/1.1 Status Content-type: application/json { "EmbedUrl": "string", "RequestId": "string" }

Response Elements

If the action is successful, the service sends back the following HTTP response.

Status

The HTTP status of the request.

The following data is returned in JSON format by the service.

EmbedUrl

A single-use URL that you can put into your server-side web page to embed your QuickSight session. This URL is valid for 5 minutes. The API operation provides the URL with an auth_code value that enables one (and only one) sign-on to a user session that is valid for 10 hours.

Type: String

RequestId

The AWS request ID for this operation.

Type: String

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You don't have access to this item. The provided credentials couldn't be validated. You might not be authorized to carry out the request. Make sure that your account is authorized to use the Amazon QuickSight service, that your policies have the correct permissions, and that you are using the correct access keys.

HTTP Status Code: 401

InternalFailureException

An internal failure occurred.

HTTP Status Code: 500

InvalidParameterValueException

One or more parameters has a value that isn't valid.

HTTP Status Code: 400

QuickSightUserNotFoundException

The user with the provided name isn't found. This error can happen in any operation that requires finding a user based on a provided user name, such as DeleteUser, DescribeUser, and so on.

HTTP Status Code: 404

ResourceExistsException

The resource specified already exists.

HTTP Status Code: 409

ResourceNotFoundException

One or more resources can't be found.

HTTP Status Code: 404

SessionLifetimeInMinutesInvalidException

The number of minutes specified for the lifetime of a session isn't valid. The session lifetime must be 15-600 minutes.

HTTP Status Code: 400

ThrottlingException

Access is throttled.

HTTP Status Code: 429

UnsupportedUserEditionException

This error indicates that you are calling an operation on an Amazon QuickSight subscription where the edition doesn't include support for that operation. Amazon QuickSight currently has Standard Edition and Enterprise Edition. Not every operation and capability is available in every edition.

HTTP Status Code: 403

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: