Some customers want their end users to have a report builder experience that is read-only, meaning that all reporting creating functionality is taken away. In some cases, even ephemeral analytical features like filtering and sorting are removed as well.

How does it work?

When you generate a JWT to be used for a report builder, you can add a rb_allowed_features claim to the JWT that indicates the allowed editing features for the report builder.

This is an optional claim, meaning it is not needed to construct a valid JWT. If it’s not passed in or the list that is passed in is the wildcard string (["*"]), all functionality will be allowed.

By default, end users will always be able to:

  • View reports.
  • Toggle favorite reports.
  • Configure scheduled emails.

Pass specific key words to allow corresponding capabilities:

  • flt -> Allow filtering of reports
  • srt -> Allow sorting of reports
  • core -> Allow core editing functionality (creating / editing reports, adding / editing views). If you are using this feature, more than likely you don’t want to add core to this list.

By default if the rb_allowed_features claim is in the JWT with the empty list ([]), then all editing capabilities are disabled. Here are some example configurations:

[]                 // Disable all editing capabilities
["flt", "srt"]     // Allow filtering and sorting
["flt"]            // Allow only filtering
["srt"]            // Allow only sorting
Duplicating Report BuildersAdd Explo Domains To CSP