Hi guys, we are utilizing jwt token to by pass signin when embedding opensearch dashboards in iframe in our website. When embedding the dashboard, can we
Automatically select the tenant used
Prevent user from switching tenant, as datasets belonging to other clients are under other tenants in the same domain?
Yes, I do believe that is achievable on both points.
On point #1, you could set the "default_tenant" : "Private" more info here. So then the user (JWT in your case) gets authorized it will get to the tenancy base on the roles:
i.e:
And on point #2 you can disable the Global_tenant so that the user in this case “john” can only access private tenancy (defined in the roles mapped to the user):