How to Implement ERP-Based Access Control in Embedded Bold BI Dashboards

In today’s data-driven enterprises, integrating Business Intelligence (BI) platforms with Enterprise Resource Planning (ERP) systems is vital. This integration ensures decision-makers have access to the right data while preserving the security and access controls already established within the ERP system.

This guide details best practices for aligning ERP-based user access control with Bold BI, a powerful embedded analytics solution.

Anonymous User Embedding

If you prefer not to import users into Bold BI but still want to use the application securely, Anonymous User Embedding is an ideal solution. One of the most effective methods for integrating ERP controls with BI is through Anonymous User Embedding. This approach allows the ERP application to maintain full control over session management and permissions while embedding the BI software anonymously.

With this method,

• Users who are not registered in the Bold BI Server can still access dashboards through group-based authorization using SDK-based embedding.
• If you want to control the Dashboard permissions, we can also use the Group permissions to provide the permission for the Dashboards.
• Ensures that the ERP application manages access control logic and dashboard visibility directly.
• Provides a seamless experience for users with secure, contextual access.
• For Anonymous Users and Embedding Scenarios: When embedding dashboards in an ERP system, Row level security (RLS) can be configured at the embedding level. This ensures external users see only relevant data based on their roles or attributes without requiring direct provisioning in Bold BI.

For more information on implementing anonymous user embedding, refer to the Anonymous User Documentation.

Inheriting ERP Controls in Bold BI

If you prefer to import the users to integrate ERP controls into Bold BI, consider the following high-level strategies:

1. User Authentication & Authorization:

   • Implement Single Sign-On (SSO) using protocols like OAuth2 or SAML to facilitate seamless login between the ERP and BI systems.
   • Synchronize user roles and permissions from the ERP to define access levels for data and dashboards.

2. Data Access Control (Row-Level Security):

   • Bold BI employs two primary security approaches for managing data access:
     • Role-Based Access Control (RBAC for Resources): This controls which dashboards and resources users can access.
     • Row-Level Security (RLS: This restricts which data rows users can view within those dashboards.

• Bold BI offers mechanisms for implementing row-level security in embedding, ensuring users only see data they are authorized to access based on their roles or attributes.:

Conclusion

Integrating ERP user controls into BI environments is crucial for maintaining secure and contextual data access. By leveraging features such as anonymous user embedding, role-based access control, and row-level security, organizations can ensure that their BI tools align with their ERP systems effectively.

For comprehensive implementation guidance on these topics, explore the referenced resources to implement effective data access control in your Bold BI environment.

Additional References

• User Guide Documentation: Anonymous User Embedding
• Knowledge Base Article: Implement role Based Access
• User Guide Documentation: Row-Level Security (RLS)