fix(versioning): replace session-state guard with InvalidRequestError catch

The previous attempt (d0520f6766) was too aggressive: skipping when
parent is in session.dirty/new/deleted bypassed the
persistent-and-clean case the hook EXISTS for. Some upstream code
paths put the dataset in session.dirty *before* this listener fires
(API controllers touching audit fields, etc.), so the
session-membership pre-check made us silently no-op on the very
scenario the hook needs to handle. CI symptom:
test_dataset_column_edit_creates_parent_version showed before=317,
after=317 (parent shadow not written).

Restore the unconditional flag_modified and catch the specific
InvalidRequestError that fires only for the session.new case
(uuid default callable hasn't populated state yet). Other states
fall through to the original behavior:
- persistent + clean → flag_modified succeeds, parent goes dirty,
  Continuum picks it up, SkipUnmodifiedPlugin keeps the row via
  _has_dirty_versioned_children. ✓
- persistent + dirty → flag_modified is harmless (already dirty).
- session.new → InvalidRequestError, skip (parent INSERTs anyway).
- session.deleted → flag_modified may or may not raise; if it does,
  we skip; if not, the delete dominates.

Should unblock test_dataset_column_edit_creates_parent_version,
test_get_version_returns_historical_snapshot_with_children, and
test_restore_with_column_edits_reverts_columns.

.github/workflows/codeql-analysis.yml

@@ -41,7 +41,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4
+        uses: github/codeql-action/init@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -53,6 +53,6 @@ jobs:
 
       - name: Perform CodeQL Analysis
         if: steps.check.outputs.python || steps.check.outputs.frontend
-        uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4
+        uses: github/codeql-action/analyze@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4
         with:
           category: "/language:${{matrix.language}}"

UPDATING.md

@@ -24,6 +24,56 @@ assists people when migrating to a new version.
 
 ## Next
 
+### Entity version history for charts, dashboards, and datasets
+
+Saves of charts, dashboards, and datasets now automatically produce a version history — browsable and restorable via new API endpoints. No frontend UI in this release; the backend plumbing is the deliverable.
+
+**New endpoints** (per entity type — same pattern for `chart`, `dashboard`, and `dataset`):
+
+| Method | Path | Purpose |
+|---|---|---|
+| `GET` | `/api/v1/{resource}/<uuid>/versions/` | List the entity's version history (0-based `version_number`, `version_uuid`, `issued_at`, `changed_by`) |
+| `GET` | `/api/v1/{resource}/<uuid>/versions/<version_uuid>/` | Get a single version snapshot (scalar fields at that version; plus `columns` / `metrics` for datasets) |
+| `POST` | `/api/v1/{resource}/<uuid>/versions/<version_uuid>/restore` | Restore the entity to the state captured by that version |
+
+`<version_uuid>` is a deterministic `UUIDv5` derived from the entity's UUID and the Continuum transaction id — stable across replicas and retention pruning. Authorisation reuses the resource's existing `can_write` permission; workspace admins can list/restore any entity.
+
+**Version response shape — `changes` array:**
+
+Each entry returned by `GET /api/v1/{resource}/<uuid>/versions/` and `GET .../versions/<version_uuid>/` includes a `changes` array describing what changed relative to the previous version:
+
+```json
+"changes": [
+  {"kind": "field", "path": "slice_name", "from_value": "Old", "to_value": "New"}
+]
+```
+
+The array is empty for baseline (`operation_type=0`) transactions. `kind` enumerates structured record types (`field`, layout-walker records for dashboards, dataset child diffs for `TableColumn` / `SqlMetric`); `path` is a dotted JSON-pointer-style locator; `from_value` / `to_value` are JSON-safe scalars or compact records.
+
+**Save-response and ETag headers:**
+
+- Save responses (`PUT /api/v1/{resource}/<pk>`) include `old_version_uuid` and `new_version_uuid` body fields so the client can correlate a save with its resulting version row.
+- All entity GETs (`GET /api/v1/{chart,dashboard,dataset}/<pk>`), version-list GETs, single-version GETs, and save responses emit an `ETag: "<version_uuid>"` header reflecting the entity's current live version. The default `CORS_OPTIONS` now sets `expose_headers: ["ETag"]` so cross-origin browser clients can read the header. **No `If-Match` enforcement in v1** — `ETag` is informational; concurrent-edit detection is deferred to a follow-up SIP.
+- **Operators overriding `CORS_OPTIONS` in `superset_config.py` MUST include `"expose_headers": ["ETag"]`** (or merge with the default) for cross-origin clients to read the ETag. A bare `CORS_OPTIONS = {"origins": [...]}` will silently drop the expose-headers default.
+
+**Behaviour changes on save:**
+
+- Every save of a chart, dashboard, or dataset produces one new version row. Rows preserve the full post-save state (scalar fields for all three entity types; `TableColumn` / `SqlMetric` children for datasets; `dashboard_slices` chart membership for dashboards — children versioned via SQLAlchemy-Continuum shadow tables `table_columns_version`, `sql_metrics_version`, and `dashboard_slices_version`).
+- First save after an entity already exists in the DB creates a retroactive baseline version so the UI can show "what this looked like before I edited it."
+- Tags, owners, and roles are **not** versioned in v1 (ADR-005). A restore leaves those at their live values.
+
+**New config key:**
+
+| Key | Default | Purpose |
+|---|---|---|
+| `SUPERSET_VERSION_HISTORY_RETENTION_DAYS` | `30` | Versions older than this many days are pruned by a nightly Celery beat task (`superset.tasks.version_history_retention.prune_old_versions`). Each entity's live row (`end_transaction_id IS NULL`) is always preserved; closed historical rows including the baseline age out with the rest. Set to `0` to disable retention entirely. |
+
+**Impact on external integrations:**
+
+- New tables populated on every save — `dashboards_version`, `slices_version`, `tables_version` (parent shadow tables for the three entity types), `table_columns_version`, `sql_metrics_version`, `dashboard_slices_version` (child shadow tables), plus the shared `version_transaction` and `version_changes` tables. External tooling that queries Superset's DB directly will see writes to these tables proportional to save traffic.
+- Existing entity endpoints (`GET`/`PUT /api/v1/{chart,dashboard,dataset}/<pk>`) gain an `ETag` response header and the save response gains `old_version_uuid` / `new_version_uuid` body fields. No existing fields are removed or repurposed.
+- Version capture is always active — no feature flag.
+
 ### Granular Export Controls
 
 A new feature flag `GRANULAR_EXPORT_CONTROLS` introduces three fine-grained permissions that replace the legacy `can_csv` permission:
@@ -310,6 +360,246 @@ See `superset/mcp_service/PRODUCTION.md` for deployment guides.
   }
   ```
 
+### Composite primary keys on many-to-many association tables
+
+The eight M:N association tables listed below have been changed from a synthetic surrogate `id INTEGER PRIMARY KEY` to a composite `PRIMARY KEY (fk1, fk2)` on the two foreign-key columns. The `id` column is dropped, and the two tables that previously carried a redundant `UNIQUE (fk1, fk2)` constraint have that constraint removed (it is now subsumed by the composite primary key).
+
+**Affected tables and their composite-PK column pairs:**
+
+| Table | Composite PK |
+|---|---|
+| `dashboard_roles` | `(dashboard_id, role_id)` |
+| `dashboard_slices` | `(dashboard_id, slice_id)` |
+| `dashboard_user` | `(user_id, dashboard_id)` |
+| `report_schedule_user` | `(user_id, report_schedule_id)` |
+| `rls_filter_roles` | `(role_id, rls_filter_id)` |
+| `rls_filter_tables` | `(table_id, rls_filter_id)` |
+| `slice_user` | `(user_id, slice_id)` |
+| `sqlatable_user` | `(user_id, table_id)` |
+
+**Impact on external readers:** Any BI tool, custom report, backup script, or external integration that references these tables by their old surrogate `id` column (e.g., `SELECT id FROM dashboard_slices WHERE …`, `WHERE dashboard_slices.id IN (…)`) will break. Update such queries to project or filter on the FK pair (`dashboard_id, slice_id`) instead. The FK columns themselves are unchanged.
+
+**Pre-flight inventory queries.** Before applying the upgrade, operators are encouraged to run the queries below against their database to assess what the migration will change. Two classes of pre-existing data are not preserved by the migration: duplicate `(fk1, fk2)` rows (the migration keeps `MIN(id)` and deletes the rest) and rows with `NULL` in either FK column (the migration deletes them, since FK columns are promoted to `NOT NULL` for the composite PK). Compliance- or audit-sensitive operators should also `\copy` (Postgres) or `SELECT … INTO OUTFILE` (MySQL) the affected rows for their own records before upgrading.
+
+```sql
+-- Duplicate (fk1, fk2) pairs (the migration will keep MIN(id) per group, delete the rest)
+SELECT dashboard_id, role_id, COUNT(*) FROM dashboard_roles GROUP BY dashboard_id, role_id HAVING COUNT(*) > 1;
+SELECT dashboard_id, slice_id, COUNT(*) FROM dashboard_slices GROUP BY dashboard_id, slice_id HAVING COUNT(*) > 1;
+SELECT user_id, dashboard_id, COUNT(*) FROM dashboard_user GROUP BY user_id, dashboard_id HAVING COUNT(*) > 1;
+SELECT user_id, report_schedule_id, COUNT(*) FROM report_schedule_user GROUP BY user_id, report_schedule_id HAVING COUNT(*) > 1;
+SELECT role_id, rls_filter_id, COUNT(*) FROM rls_filter_roles GROUP BY role_id, rls_filter_id HAVING COUNT(*) > 1;
+SELECT table_id, rls_filter_id, COUNT(*) FROM rls_filter_tables GROUP BY table_id, rls_filter_id HAVING COUNT(*) > 1;
+SELECT user_id, slice_id, COUNT(*) FROM slice_user GROUP BY user_id, slice_id HAVING COUNT(*) > 1;
+SELECT user_id, table_id, COUNT(*) FROM sqlatable_user GROUP BY user_id, table_id HAVING COUNT(*) > 1;
+
+-- Rows with a NULL in either FK (the migration will delete these)
+SELECT COUNT(*) FROM dashboard_roles WHERE dashboard_id IS NULL OR role_id IS NULL;
+SELECT COUNT(*) FROM dashboard_slices WHERE dashboard_id IS NULL OR slice_id IS NULL;
+SELECT COUNT(*) FROM dashboard_user WHERE user_id IS NULL OR dashboard_id IS NULL;
+SELECT COUNT(*) FROM report_schedule_user WHERE user_id IS NULL OR report_schedule_id IS NULL;
+SELECT COUNT(*) FROM rls_filter_roles WHERE role_id IS NULL OR rls_filter_id IS NULL;
+SELECT COUNT(*) FROM rls_filter_tables WHERE table_id IS NULL OR rls_filter_id IS NULL;
+SELECT COUNT(*) FROM slice_user WHERE user_id IS NULL OR slice_id IS NULL;
+SELECT COUNT(*) FROM sqlatable_user WHERE user_id IS NULL OR table_id IS NULL;
+```
+
+**Sizing the maintenance window on PostgreSQL.** The queries above are dialect-portable but only count rows. Operators on PostgreSQL can run the diagnostic queries below to characterize the migration's runtime cost ahead of time: per-table row count and on-disk size, an aggregated duplicate roll-up, the external-FK pre-flight check (the migration runs the same check and aborts if it returns rows), and a rewrite-time estimate for the two tables that go through the slower full-table-rebuild path.
+
+```sql
+-- Per-table size, row count, and which migration path each will take.
+-- Two tables ("dashboard_slices", "report_schedule_user") have a
+-- redundant UNIQUE constraint that the migration drops via a full
+-- table rewrite (op.batch_alter_table(recreate="always")). The other
+-- six use direct ALTER TABLE, which is much cheaper.
+WITH affected(name, has_unique) AS (
+  VALUES
+    ('dashboard_roles',       false),
+    ('dashboard_slices',      true),
+    ('dashboard_user',        false),
+    ('report_schedule_user',  true),
+    ('rls_filter_roles',      false),
+    ('rls_filter_tables',     false),
+    ('slice_user',            false),
+    ('sqlatable_user',        false)
+)
+SELECT
+  a.name                                                AS table_name,
+  CASE WHEN a.has_unique THEN 'recreate (full rewrite)'
+       ELSE 'direct ALTER' END                          AS migration_path,
+  c.reltuples::bigint                                   AS estimated_rows,
+  pg_size_pretty(pg_total_relation_size(c.oid))         AS total_size,
+  pg_size_pretty(pg_relation_size(c.oid))               AS heap_size,
+  pg_size_pretty(pg_indexes_size(c.oid))                AS index_size
+FROM affected a
+JOIN pg_class c ON c.relname = a.name AND c.relkind = 'r'
+ORDER BY pg_total_relation_size(c.oid) DESC;
+```
+
+```sql
+-- Aggregated duplicate-row roll-up.
+-- "dup_groups" is the number of (fk1, fk2) pairs that appear more
+-- than once; "rows_dropped" is the total number of rows the
+-- migration will delete during the dedupe pass (it keeps MIN(id) per
+-- group and discards the rest).
+SELECT 'dashboard_roles'      AS t, COUNT(*) AS dup_groups, SUM(c) - COUNT(*) AS rows_dropped
+  FROM (SELECT COUNT(*) c FROM dashboard_roles      GROUP BY dashboard_id, role_id            HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'dashboard_slices',    COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM dashboard_slices     GROUP BY dashboard_id, slice_id           HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'dashboard_user',      COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM dashboard_user       GROUP BY user_id, dashboard_id            HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'report_schedule_user',COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM report_schedule_user GROUP BY user_id, report_schedule_id      HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'rls_filter_roles',    COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM rls_filter_roles     GROUP BY role_id, rls_filter_id           HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'rls_filter_tables',   COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM rls_filter_tables    GROUP BY table_id, rls_filter_id          HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'slice_user',          COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM slice_user           GROUP BY user_id, slice_id                HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'sqlatable_user',      COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM sqlatable_user       GROUP BY user_id, table_id                HAVING COUNT(*) > 1) g
+ORDER BY rows_dropped DESC NULLS LAST;
+```
+
+```sql
+-- External-FK pre-flight check.
+-- The migration runs the equivalent check at upgrade time and aborts
+-- if any external FK references one of the soon-to-be-removed `id`
+-- columns. Running it ahead of time lets you discover (and migrate)
+-- any such reference before the maintenance window. On a stock
+-- Superset install this should return zero rows. (Default schema
+-- only; multi-schema deployments need to broaden the lookup.)
+SELECT
+  rc.constraint_name,
+  kcu.table_schema || '.' || kcu.table_name AS referencing_table,
+  kcu.column_name                           AS referencing_column,
+  ccu.table_name                            AS referenced_table,
+  ccu.column_name                           AS referenced_column
+FROM information_schema.referential_constraints rc
+JOIN information_schema.key_column_usage      kcu
+  ON kcu.constraint_name = rc.constraint_name
+ AND kcu.constraint_schema = rc.constraint_schema
+JOIN information_schema.constraint_column_usage ccu
+  ON ccu.constraint_name = rc.constraint_name
+ AND ccu.constraint_schema = rc.constraint_schema
+WHERE ccu.table_name IN (
+        'dashboard_roles','dashboard_slices','dashboard_user',
+        'report_schedule_user','rls_filter_roles','rls_filter_tables',
+        'slice_user','sqlatable_user')
+  AND ccu.column_name = 'id';
+```
+
+```sql
+-- Lock-window estimate for the two full-rewrite tables.
+-- recreate="always" takes ACCESS EXCLUSIVE on the table for the full
+-- rewrite. Use heap size combined with your hardware's effective
+-- write throughput (~100-200 MB/s on commodity SSD; faster on NVMe)
+-- to size the maintenance window. The other six tables use direct
+-- ALTER and are dominated by composite-index build time, typically
+-- seconds for tables in the low millions of rows.
+SELECT
+  c.relname                                              AS table_name,
+  pg_size_pretty(pg_relation_size(c.oid))                AS heap_size,
+  pg_relation_size(c.oid) / 1024 / 1024                  AS heap_size_mb,
+  ROUND(pg_relation_size(c.oid) / 1024 / 1024 / 100.0, 1) AS est_rewrite_seconds_at_100mbs
+FROM pg_class c
+WHERE c.relname IN ('dashboard_slices', 'report_schedule_user');
+```
+
+**Sizing the maintenance window on MySQL.** Equivalent diagnostic queries for MySQL/InnoDB. One important difference from PostgreSQL: InnoDB rebuilds the clustered index on every PK change, so *all eight* tables undergo a full table rebuild on MySQL — not just the two that go through the explicit `recreate="always"` path. The lock-window estimate query below therefore covers all eight tables.
+
+```sql
+-- Per-table size, row count, and which migration path each will take.
+-- TABLE_ROWS is an InnoDB estimate (analogous to PostgreSQL's reltuples);
+-- run SELECT COUNT(*) per table for an exact count if needed.
+SELECT
+  TABLE_NAME AS table_name,
+  CASE WHEN TABLE_NAME IN ('dashboard_slices', 'report_schedule_user')
+       THEN 'recreate (explicit, drops UNIQUE)'
+       ELSE 'direct ALTER (still rebuilds InnoDB clustered index)'
+  END AS migration_path,
+  TABLE_ROWS                                                  AS estimated_rows,
+  CONCAT(ROUND((DATA_LENGTH + INDEX_LENGTH) / 1024 / 1024, 1), ' MB') AS total_size,
+  CONCAT(ROUND(DATA_LENGTH / 1024 / 1024, 1), ' MB')          AS heap_size,
+  CONCAT(ROUND(INDEX_LENGTH / 1024 / 1024, 1), ' MB')         AS index_size
+FROM information_schema.TABLES
+WHERE TABLE_SCHEMA = DATABASE()
+  AND TABLE_NAME IN (
+    'dashboard_roles', 'dashboard_slices', 'dashboard_user',
+    'report_schedule_user', 'rls_filter_roles', 'rls_filter_tables',
+    'slice_user', 'sqlatable_user'
+  )
+ORDER BY (DATA_LENGTH + INDEX_LENGTH) DESC;
+```
+
+```sql
+-- Aggregated duplicate-row roll-up. Same SQL as the PostgreSQL version
+-- (standard SQL); included here for copy-paste convenience.
+SELECT 'dashboard_roles'      AS t, COUNT(*) AS dup_groups, SUM(c) - COUNT(*) AS rows_dropped
+  FROM (SELECT COUNT(*) c FROM dashboard_roles      GROUP BY dashboard_id, role_id            HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'dashboard_slices',    COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM dashboard_slices     GROUP BY dashboard_id, slice_id           HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'dashboard_user',      COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM dashboard_user       GROUP BY user_id, dashboard_id            HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'report_schedule_user',COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM report_schedule_user GROUP BY user_id, report_schedule_id      HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'rls_filter_roles',    COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM rls_filter_roles     GROUP BY role_id, rls_filter_id           HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'rls_filter_tables',   COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM rls_filter_tables    GROUP BY table_id, rls_filter_id          HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'slice_user',          COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM slice_user           GROUP BY user_id, slice_id                HAVING COUNT(*) > 1) g
+UNION ALL SELECT 'sqlatable_user',      COUNT(*), SUM(c) - COUNT(*)
+  FROM (SELECT COUNT(*) c FROM sqlatable_user       GROUP BY user_id, table_id                HAVING COUNT(*) > 1) g
+ORDER BY rows_dropped DESC;
+```
+
+```sql
+-- External-FK pre-flight check. KEY_COLUMN_USAGE on MySQL carries
+-- both sides of the FK in a single row, so this is simpler than the
+-- PostgreSQL version. Should return zero rows on a stock install.
+SELECT
+  CONSTRAINT_NAME,
+  CONCAT(TABLE_SCHEMA, '.', TABLE_NAME)        AS referencing_table,
+  COLUMN_NAME                                  AS referencing_column,
+  REFERENCED_TABLE_NAME                        AS referenced_table,
+  REFERENCED_COLUMN_NAME                       AS referenced_column
+FROM information_schema.KEY_COLUMN_USAGE
+WHERE TABLE_SCHEMA = DATABASE()
+  AND REFERENCED_TABLE_NAME IN (
+    'dashboard_roles', 'dashboard_slices', 'dashboard_user',
+    'report_schedule_user', 'rls_filter_roles', 'rls_filter_tables',
+    'slice_user', 'sqlatable_user'
+  )
+  AND REFERENCED_COLUMN_NAME = 'id';
+```
+
+```sql
+-- Lock-window estimate for ALL EIGHT tables (InnoDB rebuilds the
+-- clustered index on PK change, so even "direct ALTER" is a rewrite).
+-- ADD PRIMARY KEY is INPLACE but not LOCK=NONE — it allows concurrent
+-- reads but blocks writes. Use heap size combined with your effective
+-- rebuild throughput (~100-200 MB/s on commodity SSD; higher on NVMe).
+SELECT
+  TABLE_NAME                                            AS table_name,
+  CONCAT(ROUND(DATA_LENGTH / 1024 / 1024, 1), ' MB')    AS heap_size,
+  ROUND(DATA_LENGTH / 1024 / 1024, 1)                   AS heap_size_mb,
+  ROUND(DATA_LENGTH / 1024 / 1024 / 100.0, 1)           AS est_rewrite_seconds_at_100mbs
+FROM information_schema.TABLES
+WHERE TABLE_SCHEMA = DATABASE()
+  AND TABLE_NAME IN (
+    'dashboard_roles', 'dashboard_slices', 'dashboard_user',
+    'report_schedule_user', 'rls_filter_roles', 'rls_filter_tables',
+    'slice_user', 'sqlatable_user'
+  )
+ORDER BY DATA_LENGTH DESC;
+```
+
+**Restoring an old `pg_dump` (or equivalent) against the new schema.** A dump taken before the migration includes `INSERT` statements that populate the now-removed `id` column. Restoring such a dump against the post-migration schema will fail. The supported workaround is to dump only the schema and reference data, then re-create the M:N associations from application data after restore — for example with `pg_dump --exclude-table-data` (or per-table `--exclude-table-data=dashboard_slices` etc.) for the eight junction tables, restore the rest, then run a one-shot script that re-INSERTs `(fk1, fk2)` pairs derived from your application export. Operators who need to restore an old dump verbatim should restore against a pre-migration Superset and then re-run the upgrade.
+
+**Intentional downgrade asymmetry.** The migration's `downgrade()` restores the surrogate `id` column and (for `dashboard_slices` and `report_schedule_user`) the original `UNIQUE (fk1, fk2)` constraint, but it does **not** restore the original `NULL`-allowed state on the FK columns — they remain `NOT NULL`. This is intentional: under SQLAlchemy's `secondary=` semantics, a `NULL` in either FK column of a junction table is meaningless (it cannot participate in either side of the relationship). Operators downgrading are not expected to need this restored. The asymmetry is documented for completeness so that round-trip schema diffs are not mistaken for migration bugs.
+
+**Constraint-name divergence between upgrade and downgrade.** The composite primary key created on upgrade is named `pk_<table>` (Alembic's default for `op.create_primary_key("pk_<table>", ...)`), while the surrogate `id` primary key restored on downgrade is named `<table>_pkey` (PostgreSQL's default convention for `PrimaryKeyConstraint("id")`). The two names alternate so that a round-trip (upgrade → downgrade → upgrade) does not collide on a pre-existing constraint name. Operators using schema-comparison tools (e.g. `pg_diff`, `migra`) against a downgraded database may see this as drift versus a fresh-install schema. It is cosmetic — no application code references either constraint name.
+
 ## 6.0.0
 - [33055](https://github.com/apache/superset/pull/33055): Upgrades Flask-AppBuilder to 5.0.0. The AUTH_OID authentication type has been deprecated and is no longer available as an option in Flask-AppBuilder. OpenID (OID) is considered a deprecated authentication protocol - if you are using AUTH_OID, you will need to migrate to an alternative authentication method such as OAuth, LDAP, or database authentication before upgrading.
 - [34871](https://github.com/apache/superset/pull/34871): Fixed Jest test hanging issue from Ant Design v5 upgrade. MessageChannel is now mocked in test environment to prevent rc-overflow from causing Jest to hang. Test environment only - no production impact.

docker-compose-mysql.yml

@@ -0,0 +1,117 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# Compose override that swaps the default Postgres metadata DB for MySQL 8.
+# Useful for evaluating dialect-specific behaviour (e.g., DDL-migration
+# cost on a deployment whose production metadata DB is MySQL).
+#
+# Usage:
+#   docker compose -f docker-compose.yml -f docker-compose-mysql.yml up
+#   docker compose -f docker-compose.yml -f docker-compose-mysql.yml down
+#
+# To switch back to Postgres, just drop the second `-f` flag — the MySQL
+# data lives in a separate volume (`db_home_mysql`) so neither side is
+# corrupted by switching dialects.
+#
+# Notes:
+#   - Mirrors the connection settings used by CI's `test-mysql` shard:
+#     dialect ``mysql+mysqldb``, charset utf8mb4 with binary_prefix.
+#   - Host port 13306 (configurable via DATABASE_PORT_MYSQL) to avoid
+#     colliding with a native MySQL install on 3306.
+#   - The Postgres-specific init scripts under
+#     docker/docker-entrypoint-initdb.d/ are not mounted (they are
+#     postgres-only); examples / cypress fixtures still load via
+#     `superset-init`'s post-startup steps.
+
+# Shared environment override applied to every Superset-side service that
+# connects to the metadata DB. ``environment:`` takes precedence over the
+# values inherited from the env_file in docker-compose.yml.
+x-mysql-env: &mysql-env
+  DATABASE_DIALECT: mysql+mysqldb
+  DATABASE_HOST: db
+  DATABASE_PORT: "3306"
+  DATABASE_DB: superset
+  DATABASE_USER: superset
+  DATABASE_PASSWORD: superset
+  SQLALCHEMY_DATABASE_URI: "mysql+mysqldb://superset:superset@db:3306/superset?charset=utf8mb4&binary_prefix=true"
+  # Override the analytics-examples DB connection too. ``EXAMPLES_PORT``
+  # in docker/.env is hardcoded to 5432 (the Postgres port); without
+  # this override the examples connection would try MySQL on 5432 and
+  # fail. The examples user/DB are created by docker/mysql-init/
+  # examples-init.sql on first MySQL boot.
+  EXAMPLES_HOST: db
+  EXAMPLES_PORT: "3306"
+  EXAMPLES_DB: examples
+  EXAMPLES_USER: examples
+  EXAMPLES_PASSWORD: examples
+  SUPERSET__SQLALCHEMY_EXAMPLES_URI: "mysql+mysqldb://examples:examples@db:3306/examples?charset=utf8mb4&binary_prefix=true"
+
+services:
+  db:
+    image: mysql:8.0
+    environment:
+      MYSQL_DATABASE: superset
+      MYSQL_USER: superset
+      MYSQL_PASSWORD: superset
+      MYSQL_ROOT_PASSWORD: root
+    # The original 5432 port mapping is harmless on a MySQL container
+    # (nothing listens on 5432 inside it) but we add 13306->3306 so the
+    # MySQL port is reachable from the host without colliding with a
+    # native MySQL on 3306. Compose merges port lists.
+    ports:
+      - "127.0.0.1:${DATABASE_PORT_MYSQL:-13306}:3306"
+    # Override the init-scripts mount by re-binding the same target path
+    # to a MySQL-compatible directory. Compose merges volume lists by
+    # target path; later definitions win on conflict, so this displaces
+    # the Postgres-specific ``./docker/docker-entrypoint-initdb.d`` mount
+    # from docker-compose.yml. Without this, MySQL would try to run
+    # ``cypress-init.sh`` (which invokes ``psql``, not in the MySQL
+    # image), abort the init phase, and never create the ``examples``
+    # database. Add the MySQL data volume separately.
+    volumes:
+      - db_home_mysql:/var/lib/mysql
+      - ./docker/mysql-init:/docker-entrypoint-initdb.d
+    command:
+      - --default-authentication-plugin=caching_sha2_password
+      - --character-set-server=utf8mb4
+      - --collation-server=utf8mb4_0900_ai_ci
+    healthcheck:
+      test: ["CMD-SHELL", "mysqladmin ping -h localhost -uroot -proot --silent"]
+      interval: 5s
+      timeout: 5s
+      retries: 20
+
+  superset:
+    environment: *mysql-env
+
+  superset-init:
+    environment: *mysql-env
+
+  superset-worker:
+    environment: *mysql-env
+
+  superset-worker-beat:
+    environment: *mysql-env
+
+  superset-node:
+    environment: *mysql-env
+
+  superset-tests-worker:
+    environment: *mysql-env
+
+volumes:
+  db_home_mysql:

docker/mysql-init/examples-init.sql

@@ -0,0 +1,32 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements.  See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership.  The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License.  You may obtain a copy of the License at
+--
+--   http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing,
+-- software distributed under the License is distributed on an
+-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+-- KIND, either express or implied.  See the License for the
+-- specific language governing permissions and limitations
+-- under the License.
+
+-- MySQL counterpart to docker/docker-entrypoint-initdb.d/examples-init.sh.
+-- Creates the analytics-examples database and user that Superset's
+-- ``load-examples`` command writes to. Mounted by docker-compose-mysql.yml
+-- at /docker-entrypoint-initdb.d/ so the MySQL image's first-boot
+-- entrypoint runs it automatically. (The Postgres init scripts under
+-- docker/docker-entrypoint-initdb.d/ are NOT mounted on the MySQL
+-- service — they invoke psql, which doesn't exist in the MySQL image.)
+
+CREATE DATABASE IF NOT EXISTS examples
+  CHARACTER SET utf8mb4
+  COLLATE utf8mb4_0900_ai_ci;
+
+CREATE USER IF NOT EXISTS 'examples'@'%' IDENTIFIED BY 'examples';
+GRANT ALL PRIVILEGES ON examples.* TO 'examples'@'%';
+FLUSH PRIVILEGES;

docs/DOCS_CLAUDE.md

@@ -52,11 +52,11 @@ yarn serve                # Serve built site locally
 # For maximum-detail databases.json, drop the `database-diagnostics`
 # artifact from Python-Integration CI at src/data/databases.json before
 # cutting. See README.md "Before You Cut".
-yarn version:add:docs <version>              # Add new docs version
+yarn version:add:user_docs <version>              # Add new docs version
 yarn version:add:admin_docs <version>        # Add admin docs version
 yarn version:add:developer_docs <version>    # Add developer docs version
 yarn version:add:components <version>        # Add components version
-yarn version:remove:docs <version>           # Remove docs version
+yarn version:remove:user_docs <version>           # Remove docs version
 yarn version:remove:admin_docs <version>     # Remove admin docs version
 yarn version:remove:developer_docs <version> # Remove developer docs version
 yarn version:remove:components <version>     # Remove components version
@@ -228,17 +228,20 @@ Versions are managed through `versions-config.json`:
 
 ```bash
 # ✅ CORRECT - Updates both Docusaurus and versions-config.json
-yarn version:add:docs 6.1.0
+yarn version:add:user_docs 6.1.0
 
 # ❌ WRONG - Only updates Docusaurus, breaks version dropdown
 yarn docusaurus docs:version 6.1.0
 ```
 
 ### Version Files Created
-When versioning, these files are created:
-- `versioned_docs/version-X.X.X/` - Snapshot of current docs
-- `versioned_sidebars/version-X.X.X-sidebars.json` - Sidebar config
-- `versions.json` - List of all versions
+When versioning, these files are created (per section, with the
+section's plugin id as prefix):
+- `<section>_versioned_docs/version-X.X.X/` - Snapshot of current docs
+- `<section>_versioned_sidebars/version-X.X.X-sidebars.json` - Sidebar config
+- `<section>_versions.json` - List of all versions
+
+Section plugin ids: `user_docs`, `admin_docs`, `developer_docs`, `components`.
 
 ## 🎨 Styling and Theming
 
@@ -386,7 +389,7 @@ Docusaurus includes Algolia DocSearch integration configured in `docusaurus.conf
 
 ## 🚫 Common Pitfalls to Avoid
 
-1. **Never use `yarn docusaurus docs:version`** - Use `yarn version:add:docs` instead
+1. **Never use `yarn docusaurus docs:version`** - Use `yarn version:add:user_docs` instead
 2. **Don't edit versioned docs directly** - Edit current docs and create new version
 3. **Avoid absolute paths in links** - Use relative paths for maintainability
 4. **Don't forget frontmatter** - Every doc needs title and description
@@ -416,7 +419,7 @@ yarn eslint
 ### Version Issues
 If versions don't appear in dropdown:
 1. Check `versions-config.json` includes the version
-2. Verify version files exist in `versioned_docs/`
+2. Verify version files exist in `<section>_versioned_docs/`
 3. Restart dev server
 
 ## 📚 Resources

docs/README.md

@@ -53,7 +53,7 @@ Also: confirm `master` CI is green, and that your local checkout matches the SHA
 
 ```bash
 # Main Documentation
-yarn version:add:docs 1.2.0
+yarn version:add:user_docs 1.2.0
 
 # Admin Docs
 yarn version:add:admin_docs 1.2.0
@@ -98,7 +98,7 @@ If creating versions manually, you'll need to:
    - **Versioned sidebars**: `[section]_versioned_sidebars/version-X.X.X-sidebars.json`
    - **Versions list**: `[section]_versions.json`
 
-   Note: For main docs, the prefix is omitted (e.g., `versioned_docs/` instead of `docs_versioned_docs/`)
+   All four sections (`user_docs`, `admin_docs`, `developer_docs`, `components`) follow this naming pattern uniformly.
 
 3. **Important**: After adding a version, restart the development server to see changes:
    ```bash
@@ -111,7 +111,7 @@ If creating versions manually, you'll need to:
 #### Using Automated Scripts (Recommended)
 ```bash
 # Main Documentation
-yarn version:remove:docs 1.0.0
+yarn version:remove:user_docs 1.0.0
 
 # Admin Docs
 yarn version:remove:admin_docs 1.0.0
@@ -127,19 +127,19 @@ yarn version:remove:components 1.0.0
 To manually remove a version:
 
 1. **Delete the version folder** from the appropriate location:
-   - Main docs: `versioned_docs/version-X.X.X/` (no prefix for main)
+   - User Docs: `user_docs_versioned_docs/version-X.X.X/`
    - Admin Docs: `admin_docs_versioned_docs/version-X.X.X/`
    - Developer Docs: `developer_docs_versioned_docs/version-X.X.X/`
    - Components: `components_versioned_docs/version-X.X.X/`
 
 2. **Delete the version metadata file**:
-   - Main docs: `versioned_sidebars/version-X.X.X-sidebars.json` (no prefix)
+   - User Docs: `user_docs_versioned_sidebars/version-X.X.X-sidebars.json`
    - Admin Docs: `admin_docs_versioned_sidebars/version-X.X.X-sidebars.json`
    - Developer Docs: `developer_docs_versioned_sidebars/version-X.X.X-sidebars.json`
    - Components: `components_versioned_sidebars/version-X.X.X-sidebars.json`
 
 3. **Update the versions list file**:
-   - Main docs: `versions.json`
+   - User Docs: `user_docs_versions.json`
    - Admin Docs: `admin_docs_versions.json`
    - Developer Docs: `developer_docs_versions.json`
    - Components: `components_versions.json`
@@ -212,8 +212,8 @@ docs: {
 If you accidentally used `yarn docusaurus docs:version` instead of `yarn version:add`:
 1. **Problem**: The version files were created but `versions-config.json` wasn't updated
 2. **Solution**: Either:
-   - Revert the changes: `git restore versions.json && rm -rf versioned_docs/ versioned_sidebars/`
-   - Then use the correct command: `yarn version:add:docs <version>`
+   - Revert the changes: `git restore user_docs_versions.json && rm -rf user_docs_versioned_docs/ user_docs_versioned_sidebars/`
+   - Then use the correct command: `yarn version:add:user_docs <version>`
 
 For other issues:
 - **Restart the server**: Changes to version configuration require a server restart

docs/admin_docs/configuration/mcp-server.mdx

@@ -502,6 +502,7 @@ All MCP settings go in `superset_config.py`. Defaults are defined in `superset/m
 | `MCP_DEBUG` | `False` | Enable debug logging |
 | `MCP_DEV_USERNAME` | -- | Superset username for development mode (no auth) |
 | `MCP_RBAC_ENABLED` | `True` | Enforce Superset's role-based access control on MCP tool calls. When `True`, each tool checks that the authenticated user has the required FAB permission before executing. Disable only for testing or trusted-network deployments. |
+| `MCP_DISABLED_TOOLS` | `set()` | Set of tool names to remove from the MCP server at startup. Disabled tools are never advertised to AI clients during tool discovery. Useful when a custom extension tool should replace a built-in Superset tool. See [Disabling built-in tools](#disabling-built-in-tools). |
 
 ### Authentication
 
@@ -825,6 +826,32 @@ while True:
     page += 1
 ```
 
+## Disabling built-in tools
+
+If you have deployed a custom tool via a Superset extension that supersedes one of the built-in Superset tools, you can suppress the built-in version so AI clients only discover your replacement. Disabled tools are removed from the server at startup and are never advertised during tool discovery.
+
+Set `MCP_DISABLED_TOOLS` in your `superset_config.py` to a set of tool names:
+
+```python
+# superset_config.py
+
+# Disable one tool
+MCP_DISABLED_TOOLS = {"execute_sql"}
+
+# Disable multiple tools
+MCP_DISABLED_TOOLS = {"execute_sql", "health_check"}
+```
+
+Tool names match the function name used in the `@tool` decorator (e.g., `execute_sql`, `list_charts`, `health_check`). Extension-prefixed tools can also be disabled using their full prefixed name:
+
+```python
+MCP_DISABLED_TOOLS = {"extensions.myorg.myextension.some_tool"}
+```
+
+:::note
+Specifying a tool name that does not exist logs a warning at startup and is otherwise ignored — it will not prevent the server from starting.
+:::
+
 ## Security Best Practices
 
 - **Use TLS** for all production MCP endpoints -- place the server behind a reverse proxy with HTTPS

docs/admin_docs_versioned_docs/version-6.1.0/_versioned_data/data/countries.json

@@ -0,0 +1,205 @@
+{
+  "countries": [
+    "Afghanistan",
+    "Aland",
+    "Albania",
+    "Algeria",
+    "American Samoa",
+    "Andorra",
+    "Angola",
+    "Anguilla",
+    "Antarctica",
+    "Antigua And Barbuda",
+    "Argentina",
+    "Armenia",
+    "Australia",
+    "Austria",
+    "Azerbaijan",
+    "Bahrain",
+    "Bangladesh",
+    "Barbados",
+    "Belarus",
+    "Belgium",
+    "Belize",
+    "Benin",
+    "Bermuda",
+    "Bhutan",
+    "Bolivia",
+    "Bosnia And Herzegovina",
+    "Botswana",
+    "Brazil",
+    "Brunei",
+    "Bulgaria",
+    "Burkina Faso",
+    "Burundi",
+    "Cambodia",
+    "Cameroon",
+    "Canada",
+    "Cape Verde",
+    "Central African Republic",
+    "Chad",
+    "Chile",
+    "China",
+    "Colombia",
+    "Comoros",
+    "Cook Islands",
+    "Costa Rica",
+    "Croatia",
+    "Cuba",
+    "Cyprus",
+    "Czech Republic",
+    "Democratic Republic Of The Congo",
+    "Denmark",
+    "Djibouti",
+    "Dominica",
+    "Dominican Republic",
+    "Ecuador",
+    "Egypt",
+    "El Salvador",
+    "Equatorial Guinea",
+    "Eritrea",
+    "Estonia",
+    "Ethiopia",
+    "Fiji",
+    "Finland",
+    "France",
+    "France (with overseas)",
+    "France (regions)",
+    "French Polynesia",
+    "Gabon",
+    "Gambia",
+    "Germany",
+    "Ghana",
+    "Greece",
+    "Greenland",
+    "Grenada",
+    "Guatemala",
+    "Guinea",
+    "Guyana",
+    "Haiti",
+    "Honduras",
+    "Hungary",
+    "Iceland",
+    "India",
+    "Indonesia",
+    "Iran",
+    "Israel",
+    "Italy",
+    "Italy (regions)",
+    "Ivory Coast",
+    "Japan",
+    "Jordan",
+    "Kazakhstan",
+    "Kenya",
+    "Korea",
+    "Kuwait",
+    "Kyrgyzstan",
+    "Laos",
+    "Latvia",
+    "Lebanon",
+    "Lesotho",
+    "Liberia",
+    "Libya",
+    "Liechtenstein",
+    "Lithuania",
+    "Luxembourg",
+    "Macedonia",
+    "Madagascar",
+    "Malawi",
+    "Malaysia",
+    "Maldives",
+    "Mali",
+    "Malta",
+    "Marshall Islands",
+    "Mauritania",
+    "Mauritius",
+    "Mexico",
+    "Moldova",
+    "Mongolia",
+    "Montenegro",
+    "Montserrat",
+    "Morocco",
+    "Mozambique",
+    "Myanmar",
+    "Namibia",
+    "Nauru",
+    "Nepal",
+    "Netherlands",
+    "New Caledonia",
+    "New Zealand",
+    "Nicaragua",
+    "Niger",
+    "Nigeria",
+    "Northern Mariana Islands",
+    "Norway",
+    "Oman",
+    "Pakistan",
+    "Palau",
+    "Panama",
+    "Papua New Guinea",
+    "Paraguay",
+    "Peru",
+    "Philippines",
+    "Philippines (regions)",
+    "Poland",
+    "Portugal",
+    "Qatar",
+    "Republic Of Serbia",
+    "Romania",
+    "Russia",
+    "Rwanda",
+    "Saint Lucia",
+    "Saint Pierre And Miquelon",
+    "Saint Vincent And The Grenadines",
+    "Samoa",
+    "San Marino",
+    "Sao Tome And Principe",
+    "Saudi Arabia",
+    "Senegal",
+    "Seychelles",
+    "Sierra Leone",
+    "Singapore",
+    "Slovakia",
+    "Slovenia",
+    "Solomon Islands",
+    "Somalia",
+    "South Africa",
+    "Spain",
+    "Sri Lanka",
+    "Sudan",
+    "Suriname",
+    "Sweden",
+    "Switzerland",
+    "Syria",
+    "Taiwan",
+    "Tajikistan",
+    "Tanzania",
+    "Thailand",
+    "The Bahamas",
+    "Timorleste",
+    "Togo",
+    "Tonga",
+    "Trinidad And Tobago",
+    "Tunisia",
+    "Turkey",
+    "Turkey (regions)",
+    "Turkmenistan",
+    "Turks And Caicos Islands",
+    "Uganda",
+    "UK",
+    "Ukraine",
+    "United Arab Emirates",
+    "United States Minor Outlying Islands",
+    "United States Virgin Islands",
+    "Uruguay",
+    "USA",
+    "Uzbekistan",
+    "Vanuatu",
+    "Venezuela",
+    "Vietnam",
+    "Wallis And Futuna",
+    "Yemen",
+    "Zambia",
+    "Zimbabwe"
+  ]
+}

docs/admin_docs_versioned_docs/version-6.1.0/_versioned_data/static/feature-flags.json

@@ -0,0 +1,418 @@
+{
+  "generated": true,
+  "source": "superset/config.py",
+  "flags": {
+    "development": [
+      {
+        "name": "AG_GRID_TABLE_ENABLED",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Enables Table V2 (AG Grid) viz plugin"
+      },
+      {
+        "name": "ALERT_REPORT_TABS",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Enables experimental tabs UI for Alerts and Reports"
+      },
+      {
+        "name": "CHART_PLUGINS_EXPERIMENTAL",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Enables experimental chart plugins"
+      },
+      {
+        "name": "CSV_UPLOAD_PYARROW_ENGINE",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Experimental PyArrow engine for CSV parsing (may have issues with dates/nulls)"
+      },
+      {
+        "name": "DATASET_FOLDERS",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Allow metrics and columns to be grouped into folders in the chart builder"
+      },
+      {
+        "name": "DATE_RANGE_TIMESHIFTS_ENABLED",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Enable support for date range timeshifts (e.g., \"2015-01-03 : 2015-01-04\") in addition to relative timeshifts (e.g., \"1 day ago\")"
+      },
+      {
+        "name": "ENABLE_ADVANCED_DATA_TYPES",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Enables advanced data type support"
+      },
+      {
+        "name": "ENABLE_EXTENSIONS",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Enable Superset extensions for custom functionality without modifying core"
+      },
+      {
+        "name": "FAB_API_KEY_ENABLED",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Enable API key authentication via FAB SecurityManager When enabled, users can create/manage API keys in the User Info page"
+      },
+      {
+        "name": "GRANULAR_EXPORT_CONTROLS",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Enable granular export controls (can_export_data, can_export_image, can_copy_clipboard) instead of the single can_csv permission"
+      },
+      {
+        "name": "MATRIXIFY",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Enable Matrixify feature for matrix-style chart layouts"
+      },
+      {
+        "name": "OPTIMIZE_SQL",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Try to optimize SQL queries \u2014 for now only predicate pushdown is supported"
+      },
+      {
+        "name": "PRESTO_EXPAND_DATA",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Expand nested types in Presto into extra columns/arrays. Experimental, doesn't work with all nested types."
+      },
+      {
+        "name": "SEMANTIC_LAYERS",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Enable semantic layers and show semantic views alongside datasets"
+      },
+      {
+        "name": "TABLE_V2_TIME_COMPARISON_ENABLED",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Enable Table V2 time comparison feature"
+      },
+      {
+        "name": "TAGGING_SYSTEM",
+        "default": false,
+        "lifecycle": "development",
+        "description": "Enables the tagging system for organizing assets"
+      }
+    ],
+    "testing": [
+      {
+        "name": "ALERT_REPORTS",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Enables Alerts and Reports functionality",
+        "docs": "https://superset.apache.org/docs/configuration/alerts-reports"
+      },
+      {
+        "name": "ALERT_REPORTS_FILTER",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Enables filter functionality in Alerts and Reports"
+      },
+      {
+        "name": "ALERT_REPORT_SLACK_V2",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Enables Slack V2 integration for Alerts and Reports"
+      },
+      {
+        "name": "ALERT_REPORT_WEBHOOK",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Enables webhook integration for Alerts and Reports"
+      },
+      {
+        "name": "ALLOW_FULL_CSV_EXPORT",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Allow users to export full CSV of table viz type. Warning: Could cause server memory/compute issues with large datasets."
+      },
+      {
+        "name": "AWS_DATABASE_IAM_AUTH",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Enable AWS IAM authentication for database connections (Aurora, Redshift). Allows cross-account role assumption via STS AssumeRole. Security note: When enabled, ensure Superset's IAM role has restricted sts:AssumeRole permissions to prevent unauthorized access."
+      },
+      {
+        "name": "CACHE_IMPERSONATION",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Enable caching per impersonation key in datasources with user impersonation"
+      },
+      {
+        "name": "DATE_FORMAT_IN_EMAIL_SUBJECT",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Allow users to optionally specify date formats in email subjects",
+        "docs": "https://superset.apache.org/docs/configuration/alerts-reports"
+      },
+      {
+        "name": "DYNAMIC_PLUGINS",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Enable dynamic plugin loading"
+      },
+      {
+        "name": "ENABLE_DASHBOARD_DOWNLOAD_WEBDRIVER_SCREENSHOT",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Generate screenshots (PDF/JPG) of dashboards using web driver. Depends on ENABLE_DASHBOARD_SCREENSHOT_ENDPOINTS."
+      },
+      {
+        "name": "ENABLE_DASHBOARD_SCREENSHOT_ENDPOINTS",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Enables endpoints to cache and retrieve dashboard screenshots via webdriver. Requires Celery and THUMBNAIL_CACHE_CONFIG."
+      },
+      {
+        "name": "ENABLE_SUPERSET_META_DB",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Allows users to add a superset:// DB that can query across databases. Experimental with potential security/performance risks. See SUPERSET_META_DB_LIMIT.",
+        "docs": "https://superset.apache.org/user-docs/databases/supported/superset-meta-database"
+      },
+      {
+        "name": "ESTIMATE_QUERY_COST",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Enable query cost estimation. Supported in Presto, Postgres, and BigQuery. Requires `cost_estimate_enabled: true` in database `extra` attribute."
+      },
+      {
+        "name": "GLOBAL_ASYNC_QUERIES",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Enable async queries for dashboards and Explore via WebSocket. Requires Redis 5.0+ and Celery workers.",
+        "docs": "https://superset.apache.org/docs/contributing/misc#async-chart-queries"
+      },
+      {
+        "name": "IMPERSONATE_WITH_EMAIL_PREFIX",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "When impersonating a user, use the email prefix instead of username"
+      },
+      {
+        "name": "PLAYWRIGHT_REPORTS_AND_THUMBNAILS",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Replace Selenium with Playwright for reports and thumbnails. Supports deck.gl visualizations. Requires playwright pip package."
+      },
+      {
+        "name": "RLS_IN_SQLLAB",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Apply RLS rules to SQL Lab queries. Requires query parsing/manipulation. May break queries or allow RLS bypass. Use with care!"
+      },
+      {
+        "name": "SSH_TUNNELING",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Allow users to enable SSH tunneling when creating a DB connection. DB engine must support SSH Tunnels.",
+        "docs": "https://superset.apache.org/docs/configuration/setup-ssh-tunneling"
+      },
+      {
+        "name": "USE_ANALOGOUS_COLORS",
+        "default": false,
+        "lifecycle": "testing",
+        "description": "Use analogous colors in charts"
+      }
+    ],
+    "stable": [
+      {
+        "name": "ALERTS_ATTACH_REPORTS",
+        "default": true,
+        "lifecycle": "stable",
+        "description": "When enabled, alerts send email/slack with screenshot AND link. When disabled, alerts send only link; reports still send screenshot.",
+        "category": "runtime_config"
+      },
+      {
+        "name": "ALLOW_ADHOC_SUBQUERY",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Allow ad-hoc subqueries in SQL Lab",
+        "category": "runtime_config"
+      },
+      {
+        "name": "CACHE_QUERY_BY_USER",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Enable caching per user key for Superset cache",
+        "category": "runtime_config"
+      },
+      {
+        "name": "CSS_TEMPLATES",
+        "default": true,
+        "lifecycle": "stable",
+        "description": "Enables CSS Templates in Settings menu and dashboard forms",
+        "category": "runtime_config"
+      },
+      {
+        "name": "DASHBOARD_RBAC",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Role-based access control for dashboards",
+        "docs": "https://superset.apache.org/docs/using-superset/creating-your-first-dashboard",
+        "category": "runtime_config"
+      },
+      {
+        "name": "DASHBOARD_VIRTUALIZATION",
+        "default": true,
+        "lifecycle": "stable",
+        "description": "Enables dashboard virtualization for improved performance",
+        "category": "path_to_deprecation"
+      },
+      {
+        "name": "DASHBOARD_VIRTUALIZATION_DEFER_DATA",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Supports simultaneous data and dashboard virtualization for backend performance",
+        "category": "runtime_config"
+      },
+      {
+        "name": "DATAPANEL_CLOSED_BY_DEFAULT",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Data panel closed by default in chart builder",
+        "category": "runtime_config"
+      },
+      {
+        "name": "DISABLE_EMBEDDED_SUPERSET_LOGOUT",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Hide the logout button in embedded contexts (e.g., when using SSO in iframes)",
+        "docs": "https://superset.apache.org/docs/configuration/networking-settings#hiding-the-logout-button-in-embedded-contexts",
+        "category": "runtime_config"
+      },
+      {
+        "name": "DRILL_BY",
+        "default": true,
+        "lifecycle": "stable",
+        "description": "Enable drill-by functionality in charts",
+        "category": "runtime_config"
+      },
+      {
+        "name": "DRUID_JOINS",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Enable Druid JOINs (requires Druid version with JOIN support)",
+        "category": "runtime_config"
+      },
+      {
+        "name": "EMBEDDABLE_CHARTS",
+        "default": true,
+        "lifecycle": "stable",
+        "description": "Enable sharing charts with embedding",
+        "category": "runtime_config"
+      },
+      {
+        "name": "EMBEDDED_SUPERSET",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Enable embedded Superset functionality",
+        "category": "runtime_config"
+      },
+      {
+        "name": "ENABLE_FACTORY_RESET_COMMAND",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Enable factory reset CLI command",
+        "category": "internal"
+      },
+      {
+        "name": "ENABLE_TEMPLATE_PROCESSING",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Enable Jinja templating in SQL queries",
+        "category": "runtime_config"
+      },
+      {
+        "name": "ESCAPE_MARKDOWN_HTML",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Escape HTML in Markdown components (rather than rendering it)",
+        "category": "runtime_config"
+      },
+      {
+        "name": "FILTERBAR_CLOSED_BY_DEFAULT",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Filter bar closed by default when opening dashboard",
+        "category": "runtime_config"
+      },
+      {
+        "name": "FORCE_GARBAGE_COLLECTION_AFTER_EVERY_REQUEST",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Force garbage collection after every request",
+        "category": "runtime_config"
+      },
+      {
+        "name": "LISTVIEWS_DEFAULT_CARD_VIEW",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Use card view as default in list views",
+        "category": "runtime_config"
+      },
+      {
+        "name": "MENU_HIDE_USER_INFO",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Hide user info in the navigation menu",
+        "category": "runtime_config"
+      },
+      {
+        "name": "SLACK_ENABLE_AVATARS",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Use Slack avatars for users. Requires adding slack-edge.com to TALISMAN_CONFIG.",
+        "category": "runtime_config"
+      },
+      {
+        "name": "SQLLAB_BACKEND_PERSISTENCE",
+        "default": true,
+        "lifecycle": "stable",
+        "description": "Enable SQL Lab backend persistence for query state",
+        "category": "runtime_config"
+      },
+      {
+        "name": "SQLLAB_FORCE_RUN_ASYNC",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Force SQL Lab to run async via Celery regardless of database settings",
+        "category": "runtime_config"
+      },
+      {
+        "name": "THUMBNAILS",
+        "default": false,
+        "lifecycle": "stable",
+        "description": "Exposes API endpoint to compute thumbnails",
+        "docs": "https://superset.apache.org/docs/configuration/cache",
+        "category": "runtime_config"
+      }
+    ],
+    "deprecated": [
+      {
+        "name": "AVOID_COLORS_COLLISION",
+        "default": true,
+        "lifecycle": "deprecated",
+        "description": "Avoid color collisions in charts by using distinct colors"
+      },
+      {
+        "name": "DRILL_TO_DETAIL",
+        "default": true,
+        "lifecycle": "deprecated",
+        "description": "Enable drill-to-detail functionality in charts"
+      },
+      {
+        "name": "ENABLE_JAVASCRIPT_CONTROLS",
+        "default": false,
+        "lifecycle": "deprecated",
+        "description": "Allow JavaScript in chart controls. WARNING: XSS security vulnerability!"
+      }
+    ]
+  }
+}

docs/admin_docs_versioned_docs/version-6.1.0/configuration/alerts-reports.mdx

@@ -0,0 +1,500 @@
+---
+title: Alerts and Reports
+hide_title: true
+sidebar_position: 2
+version: 2
+---
+
+# Alerts and Reports
+
+Users can configure automated alerts and reports to send dashboards or charts to an email recipient or Slack channel.
+
+- *Alerts* are sent when a SQL condition is reached
+- *Reports* are sent on a schedule
+
+Alerts and reports are disabled by default. To turn them on, you'll need to change configuration settings and install a suitable headless browser in your environment.
+
+## Requirements
+
+### Commons
+
+#### In your `superset_config.py` or `superset_config_docker.py`
+
+- `"ALERT_REPORTS"` [feature flag](/admin-docs/configuration/configuring-superset#feature-flags) must be turned to True.
+- `beat_schedule` in CeleryConfig must contain schedule for `reports.scheduler`.
+- At least one of those must be configured, depending on what you want to use:
+  - emails: `SMTP_*` settings
+  - Slack messages: `SLACK_API_TOKEN`
+- Users can customize the email subject by including date code placeholders, which will automatically be replaced with the corresponding UTC date when the email is sent. To enable this functionality, activate the `"DATE_FORMAT_IN_EMAIL_SUBJECT"` [feature flag](/admin-docs/configuration/configuring-superset#feature-flags). This enables date formatting in email subjects, preventing all reporting emails from being grouped into the same thread (optional for the reporting feature).
+    - Use date codes from [strftime.org](https://strftime.org/) to create the email subject.
+    - If no date code is provided, the original string will be used as the email subject.
+
+##### Disable dry-run mode
+
+Screenshots will be taken but no messages actually sent as long as `ALERT_REPORTS_NOTIFICATION_DRY_RUN = True`, its default value in `docker/pythonpath_dev/superset_config.py`.  To disable dry-run mode and start receiving email/Slack notifications, set `ALERT_REPORTS_NOTIFICATION_DRY_RUN` to `False` in [superset config](https://github.com/apache/superset/blob/master/docker/pythonpath_dev/superset_config.py).
+
+#### In your `Dockerfile`
+
+You'll need to extend the Superset image to include a headless browser. Your options include:
+- Use Playwright with Chrome: this is the recommended approach as of version 4.1.x or greater. A working example of a Dockerfile that installs these tools is provided under "Building your own production Docker image" on the [Docker Builds](/admin-docs/installation/docker-builds#building-your-own-production-docker-image) page. Read the code comments there as you'll also need to change a feature flag in your config.
+- Use Firefox: you'll need to install geckodriver and Firefox.
+- Use Chrome without Playwright: you'll need to install Chrome and set the value of `WEBDRIVER_TYPE` to `"chrome"` in your `superset_config.py`.
+
+In Superset versions <=4.0x, users installed Firefox or Chrome and that was documented here.
+
+Only the worker container needs the browser.
+
+### Slack integration
+
+To send alerts and reports to Slack channels, you need to create a new Slack Application on your workspace.
+
+1. Connect to your Slack workspace, then head to [https://api.slack.com/apps].
+2. Create a new app.
+3. Go to "OAuth & Permissions" section, and give the following scopes to your app:
+   - `incoming-webhook`
+   - `files:write`
+   - `chat:write`
+   - `channels:read`
+   - `groups:read`
+4. At the top of the "OAuth and Permissions" section, click "install to workspace".
+5. Select a default channel for your app and continue.
+   (You can post to any channel by inviting your Superset app into that channel).
+6. The app should now be installed in your workspace, and a "Bot User OAuth Access Token" should have been created. Copy that token in the `SLACK_API_TOKEN` variable of your `superset_config.py`.
+7. Ensure the feature flag `ALERT_REPORT_SLACK_V2` is set to True in `superset_config.py`
+8. Restart the service (or run `superset init`) to pull in the new configuration.
+
+Note: when you configure an alert or a report, the Slack channel list takes channel names without the leading '#' e.g. use `alerts` instead of `#alerts`.
+
+#### Large Slack Workspaces (10k+ channels)
+
+For workspaces with many channels, fetching the complete channel list can take several minutes and may encounter Slack API rate limits. Add the following to your `superset_config.py`:
+
+```python
+from datetime import timedelta
+
+# Increase cache timeout to reduce API calls
+# Default: 1 day (86400 seconds)
+SLACK_CACHE_TIMEOUT = int(timedelta(days=2).total_seconds())
+
+# Increase retry count for rate limit errors
+# Default: 2
+SLACK_API_RATE_LIMIT_RETRY_COUNT = 5
+```
+
+### Webhook integration
+
+Superset can send alert and report notifications to any HTTP endpoint — useful for chat platforms, incident management tools, or custom automation.
+
+#### Enabling Webhooks
+
+Enable the feature flag in `superset_config.py`:
+
+```python
+FEATURE_FLAGS = {
+    "ALERT_REPORTS": True,
+    "ALERT_REPORT_WEBHOOK": True,
+}
+```
+
+#### Configuring a Webhook Recipient
+
+When creating or editing an alert or report, select **Webhook** as the notification method and enter your endpoint URL.
+
+#### Payload Format
+
+Superset sends an HTTP POST with `Content-Type: application/json`:
+
+```json
+{
+  "name": "My Alert",
+  "header": {
+    "notification_format": "JSON",
+    "notification_type": "Alert",
+    "notification_source": "Alert",
+    "chart_id": 42,
+    "dashboard_id": null
+  },
+  "text": "Alert condition met: value exceeded threshold",
+  "description": "Monthly revenue dropped below target",
+  "url": "https://your-superset-host/superset/dashboard/1/"
+}
+```
+
+When a report includes file attachments (CSV, PDF, or PNG screenshots), the request is sent as `multipart/form-data` instead. In that case, each top-level payload field (`name`, `text`, `description`, `url`) becomes its own form field, and nested structures like `header` are serialized as a JSON-encoded string in their own field. Every attachment is added as a repeated form field named `files`:
+
+```
+POST /webhook HTTP/1.1
+Content-Type: multipart/form-data; boundary=...
+
+--...
+Content-Disposition: form-data; name="name"
+
+My Alert
+--...
+Content-Disposition: form-data; name="header"
+
+{"notification_format": "JSON", "notification_type": "Alert", ...}
+--...
+Content-Disposition: form-data; name="text"
+
+Alert condition met: value exceeded threshold
+--...
+Content-Disposition: form-data; name="files"; filename="report.csv"
+Content-Type: text/csv
+
+<file bytes>
+--...
+```
+
+Webhook consumers should branch on `Content-Type`: parse the body as JSON when `application/json`, or read the individual form fields (decoding `header` as JSON) when `multipart/form-data`.
+
+#### HTTPS Enforcement
+
+To require HTTPS webhook URLs (recommended for production), set:
+
+```python
+ALERT_REPORTS_WEBHOOK_HTTPS_ONLY = True
+```
+
+When enabled, Superset rejects webhook configurations that use `http://` URLs.
+
+#### Retry Behavior
+
+Superset automatically retries webhook deliveries on `429 Too Many Requests` and `5xx` server errors using exponential backoff.
+
+### Kubernetes-specific
+
+- You must have a `celery beat` pod running. If you're using the chart included in the GitHub repository under [helm/superset](https://github.com/apache/superset/tree/master/helm/superset), you need to put `supersetCeleryBeat.enabled = true` in your values override.
+- You can see the dedicated docs about [Kubernetes installation](/admin-docs/installation/kubernetes) for more details.
+
+### Docker Compose specific
+
+#### You must have in your `docker-compose.yml`
+
+- A Redis message broker
+- PostgreSQL DB instead of SQLlite
+- One or more `celery worker`
+- A single `celery beat`
+
+This process also works in a Docker swarm environment, you would just need to add `Deploy:` to the Superset, Redis and Postgres services along with your specific configs for your swarm.
+
+### Detailed config
+
+The following configurations need to be added to the `superset_config.py` file. This file is loaded when the image runs, and any configurations in it will override the default configurations found in the `config.py`.
+
+You can find documentation about each field in the default `config.py` in the GitHub repository under [superset/config.py](https://github.com/apache/superset/blob/master/superset/config.py).
+
+You need to replace default values with your custom Redis, Slack and/or SMTP config.
+
+Superset uses Celery beat and Celery worker(s) to send alerts and reports.
+
+- The beat is the scheduler that tells the worker when to perform its tasks. This schedule is defined when you create the alert or report.
+- The worker will process the  tasks that need to be performed when an alert or report is fired.
+
+In the `CeleryConfig`, only the `beat_schedule` is relevant to this feature, the rest of the `CeleryConfig` can be changed for your needs.
+
+```python
+from celery.schedules import crontab
+
+FEATURE_FLAGS = {
+    "ALERT_REPORTS": True
+}
+
+REDIS_HOST = "superset_cache"
+REDIS_PORT = "6379"
+
+class CeleryConfig:
+    broker_url = f"redis://{REDIS_HOST}:{REDIS_PORT}/0"
+    imports = (
+        "superset.sql_lab",
+        "superset.tasks.scheduler",
+    )
+    result_backend = f"redis://{REDIS_HOST}:{REDIS_PORT}/0"
+    worker_prefetch_multiplier = 10
+    task_acks_late = True
+    task_annotations = {
+        "sql_lab.get_sql_results": {
+            "rate_limit": "100/s",
+        },
+    }
+    beat_schedule = {
+        "reports.scheduler": {
+            "task": "reports.scheduler",
+            "schedule": crontab(minute="*", hour="*"),
+        },
+        "reports.prune_log": {
+            "task": "reports.prune_log",
+            "schedule": crontab(minute=0, hour=0),
+        },
+    }
+CELERY_CONFIG = CeleryConfig
+
+SCREENSHOT_LOCATE_WAIT = 100
+SCREENSHOT_LOAD_WAIT = 600
+
+# Slack configuration
+SLACK_API_TOKEN = "xoxb-"
+
+# Email configuration
+SMTP_HOST = "smtp.sendgrid.net" # change to your host
+SMTP_PORT = 2525 # your port, e.g. 587
+SMTP_STARTTLS = True
+SMTP_SSL_SERVER_AUTH = True # If you're using an SMTP server with a valid certificate
+SMTP_SSL = False
+SMTP_USER = "your_user" # use the empty string "" if using an unauthenticated SMTP server
+SMTP_PASSWORD = "your_password" # use the empty string "" if using an unauthenticated SMTP server
+SMTP_MAIL_FROM = "noreply@youremail.com"
+EMAIL_REPORTS_SUBJECT_PREFIX = "[Superset] " # optional - overwrites default value in config.py of "[Report] "
+
+# WebDriver configuration
+# If you use Firefox or Playwright with Chrome, you can stick with default values
+# If you use Chrome and are *not* using Playwright, then add the following WEBDRIVER_TYPE and WEBDRIVER_OPTION_ARGS
+WEBDRIVER_TYPE = "chrome"
+WEBDRIVER_OPTION_ARGS = [
+    "--force-device-scale-factor=2.0",
+    "--high-dpi-support=2.0",
+    "--headless",
+    "--disable-gpu",
+    "--disable-dev-shm-usage",
+    "--no-sandbox",
+    "--disable-setuid-sandbox",
+    "--disable-extensions",
+]
+
+# This is for internal use, you can keep http
+WEBDRIVER_BASEURL = "http://superset:8088" # When running using docker compose use "http://superset_app:8088'
+# This is the link sent to the recipient. Change to your domain, e.g. https://superset.mydomain.com
+WEBDRIVER_BASEURL_USER_FRIENDLY = "http://localhost:8088"
+```
+
+You also need
+to specify on behalf of which username to render the dashboards. In general, dashboards and charts
+are not accessible to unauthorized requests, that is why the worker needs to take over credentials
+of an existing user to take a snapshot.
+
+By default, Alerts and Reports are executed as the owner of the alert/report object. To use a fixed user account,
+just change the config as follows (`admin` in this example):
+
+```python
+from superset.tasks.types import FixedExecutor
+
+ALERT_REPORTS_EXECUTORS = [FixedExecutor("admin")]
+```
+
+Please refer to `ExecutorType` in the codebase for other executor types.
+
+**Important notes**
+
+- Be mindful of the concurrency setting for celery (using `-c 4`). Selenium/webdriver instances can
+  consume a lot of CPU / memory on your servers.
+- In some cases, if you notice a lot of leaked geckodriver processes, try running your celery
+  processes with `celery worker --pool=prefork --max-tasks-per-child=128 ...`
+- It is recommended to run separate workers for the `sql_lab` and `email_reports` tasks. This can be
+  done using the `queue` field in `task_annotations`.
+- Adjust `WEBDRIVER_BASEURL` in your configuration file if celery workers can’t access Superset via
+  its default value of `http://0.0.0.0:8080/`.
+
+It's also possible to specify a minimum interval between each report's execution through the config file:
+
+``` python
+# Set a minimum interval threshold between executions (for each Alert/Report)
+# Value should be an integer
+ALERT_MINIMUM_INTERVAL = int(timedelta(minutes=10).total_seconds())
+REPORT_MINIMUM_INTERVAL = int(timedelta(minutes=5).total_seconds())
+```
+
+Alternatively, you can assign a function to `ALERT_MINIMUM_INTERVAL` and/or `REPORT_MINIMUM_INTERVAL`. This is useful to dynamically retrieve a value as needed:
+
+``` python
+def alert_dynamic_minimal_interval(**kwargs) -> int:
+    """
+    Define logic here to retrieve the value dynamically
+    """
+
+ALERT_MINIMUM_INTERVAL = alert_dynamic_minimal_interval
+```
+
+## External Link Redirection
+
+For security, Superset rewrites external links in alert/report email HTML so
+they go through a warning page before the user is navigated to the external
+site.  Internal links (matching your configured base URL) are not affected.
+
+```python
+# Disable external link redirection entirely (default: True)
+ALERT_REPORTS_ENABLE_LINK_REDIRECT = False
+```
+
+The feature uses `WEBDRIVER_BASEURL_USER_FRIENDLY` (or `WEBDRIVER_BASEURL`)
+to determine which hosts are internal.
+
+## Troubleshooting
+
+There are many reasons that reports might not be working.  Try these steps to check for specific issues.
+
+### Confirm feature flag is enabled and you have sufficient permissions
+
+If you don't see "Alerts & Reports" under the *Manage* section of the Settings dropdown in the Superset UI, you need to enable the `ALERT_REPORTS` feature flag (see above). Enable another feature flag and check to see that it took effect, to verify that your config file is getting loaded.
+
+Log in as an admin user to ensure you have adequate permissions.
+
+### Check the logs of your Celery worker
+
+This is the best source of information about the problem.  In a docker compose deployment, you can do this with a command like `docker logs superset_worker --since 1h`.
+
+### Check web browser and webdriver installation
+
+To take a screenshot, the worker visits the dashboard or chart using a headless browser, then takes a screenshot. If you are able to send a chart as CSV or text but can't send as PNG, your problem may lie with the browser.
+
+If you are handling the installation of the headless browser on your own, do your own verification to ensure that the headless browser opens successfully in the worker environment.
+
+### Send a test email
+
+One symptom of an invalid connection to an email server is receiving an error of `[Errno 110] Connection timed out` in your logs when the report tries to send.
+
+Confirm via testing that your outbound email configuration is correct.  Here is the simplest test, for an un-authenticated email SMTP email service running on port 25.  If you are sending over SSL, for instance, study how [Superset's codebase sends emails](https://github.com/apache/superset/blob/master/superset/utils/core.py#L818) and then test with those commands and arguments.
+
+Start Python in your worker environment, replace all example values, and run:
+
+```python
+import smtplib
+from email.mime.multipart import MIMEMultipart
+from email.mime.text import MIMEText
+
+from_email = 'superset_emails@example.com'
+to_email = 'your_email@example.com'
+msg = MIMEMultipart()
+msg['From'] = from_email
+msg['To'] = to_email
+msg['Subject'] = 'Superset SMTP config test'
+message = 'It worked'
+msg.attach(MIMEText(message))
+mailserver = smtplib.SMTP('smtpmail.example.com', 25)
+mailserver.sendmail(from_email, to_email, msg.as_string())
+mailserver.quit()
+```
+
+This should send an email.
+
+Possible fixes:
+
+- Some cloud hosts disable outgoing unauthenticated SMTP email to prevent spam.  For instance, [Azure blocks port 25 by default on some machines](https://learn.microsoft.com/en-us/azure/virtual-network/troubleshoot-outbound-smtp-connectivity). Enable that port or use another sending method.
+- Use another set of SMTP credentials that you verify works in this setup.
+
+### Browse to your report from the worker
+
+The worker may be unable to reach the report. It will use the value of `WEBDRIVER_BASEURL` to browse to the report.  If that route is invalid, or presents an authentication challenge that the worker can't pass, the report screenshot will fail.
+
+Check this by attempting to `curl` the URL of a report that you see in the error logs of your worker. For instance, from the worker environment, run `curl http://superset_app:8088/superset/dashboard/1/`. You may get different responses depending on whether the dashboard exists - for example, you may need to change the `1` in that URL. If there's a URL in your logs from a failed report screenshot, that's a good place to start. The goal is to determine a valid value for `WEBDRIVER_BASEURL` and determine if an issue like HTTPS or authentication is redirecting your worker.
+
+In a deployment with authentication measures enabled like HTTPS and Single Sign-On, it may make sense to have the worker navigate directly to the Superset application running in the same location, avoiding the need to sign in.  For instance, you could use `WEBDRIVER_BASEURL="http://superset_app:8088"` for a docker compose deployment, and set `"force_https": False,` in your `TALISMAN_CONFIG`.
+
+### Duplicate report deliveries
+
+In some deployment configurations a scheduled report can be delivered more than once around its planned time. This typically happens when more than one process is responsible for running the alerts & reports schedule (for example, multiple schedulers or Celery beat instances). To avoid duplicate emails or notifications:
+
+- Ensure that only a **single scheduler/beat process** is configured to trigger alerts and reports for a given environment.
+- If you run **multiple Celery workers**, verify that there is still only one component responsible for scheduling the report tasks (workers should execute tasks, not schedule them independently).
+- Review your deployment/orchestration setup (for example systemd, Docker, or Kubernetes) to make sure the alerts & reports scheduler is **not started from multiple places by accident**.
+
+## Scheduling Queries as Reports
+
+You can optionally allow your users to schedule queries directly in SQL Lab. This is done by adding
+extra metadata to saved queries, which are then picked up by an external scheduled (like
+[Apache Airflow](https://airflow.apache.org/)).
+
+To allow scheduled queries, add the following to `SCHEDULED_QUERIES` in your configuration file:
+
+```python
+SCHEDULED_QUERIES = {
+    # This information is collected when the user clicks "Schedule query",
+    # and saved into the `extra` field of saved queries.
+    # See: https://github.com/mozilla-services/react-jsonschema-form
+    'JSONSCHEMA': {
+        'title': 'Schedule',
+        'description': (
+            'In order to schedule a query, you need to specify when it '
+            'should start running, when it should stop running, and how '
+            'often it should run. You can also optionally specify '
+            'dependencies that should be met before the query is '
+            'executed. Please read the documentation for best practices '
+            'and more information on how to specify dependencies.'
+        ),
+        'type': 'object',
+        'properties': {
+            'output_table': {
+                'type': 'string',
+                'title': 'Output table name',
+            },
+            'start_date': {
+                'type': 'string',
+                'title': 'Start date',
+                # date-time is parsed using the chrono library, see
+                # https://www.npmjs.com/package/chrono-node#usage
+                'format': 'date-time',
+                'default': 'tomorrow at 9am',
+            },
+            'end_date': {
+                'type': 'string',
+                'title': 'End date',
+                # date-time is parsed using the chrono library, see
+                # https://www.npmjs.com/package/chrono-node#usage
+                'format': 'date-time',
+                'default': '9am in 30 days',
+            },
+            'schedule_interval': {
+                'type': 'string',
+                'title': 'Schedule interval',
+            },
+            'dependencies': {
+                'type': 'array',
+                'title': 'Dependencies',
+                'items': {
+                    'type': 'string',
+                },
+            },
+        },
+    },
+    'UISCHEMA': {
+        'schedule_interval': {
+            'ui:placeholder': '@daily, @weekly, etc.',
+        },
+        'dependencies': {
+            'ui:help': (
+                'Check the documentation for the correct format when '
+                'defining dependencies.'
+            ),
+        },
+    },
+    'VALIDATION': [
+        # ensure that start_date <= end_date
+        {
+            'name': 'less_equal',
+            'arguments': ['start_date', 'end_date'],
+            'message': 'End date cannot be before start date',
+            # this is where the error message is shown
+            'container': 'end_date',
+        },
+    ],
+    # link to the scheduler; this example links to an Airflow pipeline
+    # that uses the query id and the output table as its name
+    'linkback': (
+        'https://airflow.example.com/admin/airflow/tree?'
+        'dag_id=query_${id}_${extra_json.schedule_info.output_table}'
+    ),
+}
+```
+
+This configuration is based on
+[react-jsonschema-form](https://github.com/mozilla-services/react-jsonschema-form) and will add a
+menu item called “Schedule” to SQL Lab. When the menu item is clicked, a modal will show up where
+the user can add the metadata required for scheduling the query.
+
+This information can then be retrieved from the endpoint `/api/v1/saved_query/` and used to
+schedule the queries that have `schedule_info` in their JSON metadata. For schedulers other than
+Airflow, additional fields can be easily added to the configuration file above.
+
+:::resources
+- [Tutorial: Automated Alerts and Reporting via Slack/Email in Superset](https://dev.to/ngtduc693/apache-superset-topic-5-automated-alerts-and-reporting-via-slackemail-in-superset-2gbe)
+- [Blog: Integrating Slack alerts and Apache Superset for better data observability](https://medium.com/affinityanswers-tech/integrating-slack-alerts-and-apache-superset-for-better-data-observability-fd2f9a12c350)
+:::

docs/admin_docs_versioned_docs/version-6.1.0/configuration/async-queries-celery.mdx

@@ -0,0 +1,108 @@
+---
+title: Async Queries via Celery
+hide_title: true
+sidebar_position: 4
+version: 1
+---
+
+# Async Queries via Celery
+
+## Celery
+
+On large analytic databases, it’s common to run queries that execute for minutes or hours. To enable
+support for long running queries that execute beyond the typical web request’s timeout (30-60
+seconds), it is necessary to configure an asynchronous backend for Superset which consists of:
+
+- one or many Superset workers (which is implemented as a Celery worker), and can be started with
+  the `celery worker` command, run `celery worker --help` to view the related options.
+- a celery broker (message queue) for which we recommend using Redis or RabbitMQ
+- a results backend that defines where the worker will persist the query results
+
+Configuring Celery requires defining a `CELERY_CONFIG` in your `superset_config.py`. Both the worker
+and web server processes should have the same configuration.
+
+```python
+class CeleryConfig(object):
+    broker_url = "redis://localhost:6379/0"
+    imports = (
+        "superset.sql_lab",
+        "superset.tasks.scheduler",
+    )
+    result_backend = "redis://localhost:6379/0"
+    worker_prefetch_multiplier = 10
+    task_acks_late = True
+    task_annotations = {
+        "sql_lab.get_sql_results": {
+            "rate_limit": "100/s",
+        },
+    }
+
+CELERY_CONFIG = CeleryConfig
+```
+
+To start a Celery worker to leverage the configuration, run the following command:
+
+```bash
+celery --app=superset.tasks.celery_app:app worker --pool=prefork -O fair -c 4
+```
+
+To start a job which schedules periodic background jobs, run the following command:
+
+```bash
+celery --app=superset.tasks.celery_app:app beat
+```
+
+To setup a result backend, you need to pass an instance of a derivative of `BaseCache` (`from
+flask_caching.backends.base import BaseCache`) to the RESULTS_BACKEND configuration key in your
+superset_config.py. You can use Memcached, Redis, S3 (https://pypi.python.org/pypi/s3werkzeugcache),
+memory or the file system (in a single server-type setup or for testing), or to write your own
+caching interface. Your `superset_config.py` may look something like:
+
+```python
+# On S3
+from s3cache.s3cache import S3Cache
+S3_CACHE_BUCKET = 'foobar-superset'
+S3_CACHE_KEY_PREFIX = 'sql_lab_result'
+RESULTS_BACKEND = S3Cache(S3_CACHE_BUCKET, S3_CACHE_KEY_PREFIX)
+
+# On Redis
+from flask_caching.backends.rediscache import RedisCache
+RESULTS_BACKEND = RedisCache(
+    host='localhost', port=6379, key_prefix='superset_results')
+```
+
+For performance gains, [MessagePack](https://github.com/msgpack/msgpack-python) and
+[PyArrow](https://arrow.apache.org/docs/python/) are now used for results serialization. This can be
+disabled by setting `RESULTS_BACKEND_USE_MSGPACK = False` in your `superset_config.py`, should any
+issues arise. Please clear your existing results cache store when upgrading an existing environment.
+
+**Important Notes**
+
+- It is important that all the worker nodes and web servers in the Superset cluster _share a common
+  metadata database_. This means that SQLite will not work in this context since it has limited
+  support for concurrency and typically lives on the local file system.
+
+- There should _only be one instance of celery beat running_ in your entire setup. If not,
+  background jobs can get scheduled multiple times resulting in weird behaviors like duplicate
+  delivery of reports, higher than expected load / traffic etc.
+
+- SQL Lab will _only run your queries asynchronously if_ you enable **Asynchronous Query Execution**
+  in your database settings (Sources > Databases > Edit record).
+
+## Celery Flower
+
+Flower is a web based tool for monitoring the Celery cluster which you can install from pip:
+
+```bash
+pip install flower
+```
+
+You can run flower using:
+
+```bash
+celery --app=superset.tasks.celery_app:app flower
+```
+
+:::resources
+- [Blog: How to Set Up Global Async Queries (GAQ) in Apache Superset](https://medium.com/@ngigilevis/how-to-set-up-global-async-queries-gaq-in-apache-superset-a-complete-guide-9d2f4a047559)
+:::

docs/admin_docs_versioned_docs/version-6.1.0/configuration/aws-iam.mdx

@@ -0,0 +1,162 @@
+{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}
+
+---
+title: AWS IAM Authentication
+sidebar_label: AWS IAM Authentication
+sidebar_position: 15
+---
+
+# AWS IAM Authentication for AWS Databases
+
+Superset supports IAM-based authentication for **Amazon Aurora** (PostgreSQL and MySQL) and **Amazon Redshift**. IAM auth eliminates the need for database passwords — Superset generates a short-lived auth token using temporary AWS credentials instead.
+
+Cross-account IAM role assumption via STS `AssumeRole` is supported, allowing a Superset deployment in one AWS account to connect to databases in a different account.
+
+## Prerequisites
+
+- Enable the `AWS_DATABASE_IAM_AUTH` feature flag in `superset_config.py`. IAM authentication is gated behind this flag; if it is disabled, connections using `aws_iam` fail with *"AWS IAM database authentication is not enabled."*
+  ```python
+  FEATURE_FLAGS = {
+      "AWS_DATABASE_IAM_AUTH": True,
+  }
+  ```
+- `boto3` must be installed in your Superset environment:
+  ```bash
+  pip install boto3
+  ```
+- The Superset server's IAM role (or static credentials) must have permission to call `sts:AssumeRole` (for cross-account) or the same-account permissions for the target service:
+  - **Aurora (RDS)**: `rds-db:connect`
+  - **Redshift provisioned**: `redshift:GetClusterCredentials`
+  - **Redshift Serverless**: `redshift-serverless:GetCredentials` and `redshift-serverless:GetWorkgroup`
+- SSL must be enabled on the Aurora / Redshift endpoint (required for IAM token auth).
+
+## Configuration
+
+IAM authentication is configured via the **encrypted_extra** field of the database connection. Access this field in the **Advanced** → **Security** section of the database connection form, under **Secure Extra**.
+
+### Aurora PostgreSQL or Aurora MySQL
+
+```json
+{
+  "aws_iam": {
+    "enabled": true,
+    "role_arn": "arn:aws:iam::222222222222:role/SupersetDatabaseAccess",
+    "external_id": "superset-prod-12345",
+    "region": "us-east-1",
+    "db_username": "superset_iam_user",
+    "session_duration": 3600
+  }
+}
+```
+
+| Field | Required | Description |
+|-------|----------|-------------|
+| `enabled` | Yes | Set to `true` to activate IAM auth |
+| `role_arn` | No | ARN of the cross-account IAM role to assume via STS. Omit for same-account auth |
+| `external_id` | No | External ID for the STS `AssumeRole` call, if required by the target role's trust policy |
+| `region` | Yes | AWS region of the database cluster |
+| `db_username` | Yes | The database username associated with the IAM identity |
+| `session_duration` | No | STS session duration in seconds (default: `3600`) |
+
+### Redshift (Serverless)
+
+```json
+{
+  "aws_iam": {
+    "enabled": true,
+    "role_arn": "arn:aws:iam::222222222222:role/SupersetRedshiftAccess",
+    "region": "us-east-1",
+    "workgroup_name": "my-workgroup",
+    "db_name": "dev"
+  }
+}
+```
+
+### Redshift (Provisioned Cluster)
+
+```json
+{
+  "aws_iam": {
+    "enabled": true,
+    "role_arn": "arn:aws:iam::222222222222:role/SupersetRedshiftAccess",
+    "region": "us-east-1",
+    "cluster_identifier": "my-cluster",
+    "db_username": "superset_iam_user",
+    "db_name": "dev"
+  }
+}
+```
+
+## Cross-Account IAM Setup
+
+To connect to a database in Account B from a Superset deployment in Account A:
+
+**1. In Account B — create a database-access role:**
+
+```json
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": ["rds-db:connect"],
+      "Resource": "arn:aws:rds-db:us-east-1:222222222222:dbuser/db-XXXXXXXXXXXX/superset_iam_user"
+    }
+  ]
+}
+```
+
+**Trust policy** (allows Account A's Superset role to assume it):
+
+```json
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Principal": {
+        "AWS": "arn:aws:iam::111111111111:role/SupersetInstanceRole"
+      },
+      "Action": "sts:AssumeRole",
+      "Condition": {
+        "StringEquals": {
+          "sts:ExternalId": "superset-prod-12345"
+        }
+      }
+    }
+  ]
+}
+```
+
+**2. In Account A — grant Superset's role permission to assume the Account B role:**
+
+```json
+{
+  "Effect": "Allow",
+  "Action": "sts:AssumeRole",
+  "Resource": "arn:aws:iam::222222222222:role/SupersetDatabaseAccess"
+}
+```
+
+**3. Configure the database connection in Superset** using the `role_arn` and `external_id` from the trust policy (as shown in the configuration example above).
+
+## Credential Caching
+
+STS credentials are cached in memory keyed by `(role_arn, region, external_id)` with a 10-minute TTL. This reduces the number of STS API calls when multiple queries are executed with the same connection. Tokens are refreshed automatically before expiry.

docs/admin_docs_versioned_docs/version-6.1.0/configuration/cache.mdx

@@ -0,0 +1,276 @@
+---
+title: Caching
+hide_title: true
+sidebar_position: 3
+version: 1
+---
+
+# Caching
+
+:::note
+When a cache backend is configured, Superset expects it to remain available. Operations will
+fail if the configured backend becomes unavailable rather than silently degrading. This
+fail-fast behavior ensures operators are immediately aware of infrastructure issues.
+:::
+
+Superset uses [Flask-Caching](https://flask-caching.readthedocs.io/) for caching purposes.
+Flask-Caching supports various caching backends, including Redis (recommended), Memcached,
+SimpleCache (in-memory), or the local filesystem.
+[Custom cache backends](https://flask-caching.readthedocs.io/en/latest/#custom-cache-backends)
+are also supported.
+
+Caching can be configured by providing dictionaries in
+`superset_config.py` that comply with [the Flask-Caching config specifications](https://flask-caching.readthedocs.io/en/latest/#configuring-flask-caching).
+
+The following cache configurations can be customized in this way:
+
+- Dashboard filter state (required): `FILTER_STATE_CACHE_CONFIG`.
+- Explore chart form data (required): `EXPLORE_FORM_DATA_CACHE_CONFIG`
+- Metadata cache (optional): `CACHE_CONFIG`
+- Charting data queried from datasets (optional): `DATA_CACHE_CONFIG`
+
+For example, to configure the filter state cache using Redis:
+
+```python
+FILTER_STATE_CACHE_CONFIG = {
+    'CACHE_TYPE': 'RedisCache',
+    'CACHE_DEFAULT_TIMEOUT': 86400,
+    'CACHE_KEY_PREFIX': 'superset_filter_cache',
+    'CACHE_REDIS_URL': 'redis://localhost:6379/0'
+}
+```
+
+## Dependencies
+
+In order to use dedicated cache stores, additional python libraries must be installed
+
+- For Redis: we recommend the [redis](https://pypi.python.org/pypi/redis) Python package
+- Memcached: we recommend using [pylibmc](https://pypi.org/project/pylibmc/) client library as
+  `python-memcached` does not handle storing binary data correctly.
+
+These libraries can be installed using pip.
+
+## Fallback Metastore Cache
+
+Note, that some form of Filter State and Explore caching are required. If either of these caches
+are undefined, Superset falls back to using a built-in cache that stores data in the metadata
+database. While it is recommended to use a dedicated cache, the built-in cache can also be used
+to cache other data.
+
+For example, to use the built-in cache to store chart data, use the following config:
+
+```python
+DATA_CACHE_CONFIG = {
+    "CACHE_TYPE": "SupersetMetastoreCache",
+    "CACHE_KEY_PREFIX": "superset_results",  # make sure this string is unique to avoid collisions
+    "CACHE_DEFAULT_TIMEOUT": 86400,  # 60 seconds * 60 minutes * 24 hours
+}
+```
+
+## Chart Cache Timeout
+
+The cache timeout for charts may be overridden by the settings for an individual chart, dataset, or
+database. Each of these configurations will be checked in order before falling back to the default
+value defined in `DATA_CACHE_CONFIG`.
+
+Note, that by setting the cache timeout to `-1`, caching for charting data can be disabled, either
+per chart, dataset or database, or by default if set in `DATA_CACHE_CONFIG`.
+
+## SQL Lab Query Results
+
+Caching for SQL Lab query results is used when async queries are enabled and is configured using
+`RESULTS_BACKEND`.
+
+Note that this configuration does not use a flask-caching dictionary for its configuration, but
+instead requires a cachelib object.
+
+See [Async Queries via Celery](/admin-docs/configuration/async-queries-celery) for details.
+
+## Caching Thumbnails
+
+This is an optional feature that can be turned on by activating its [feature flag](/admin-docs/configuration/configuring-superset#feature-flags) on config:
+
+```
+FEATURE_FLAGS = {
+    "THUMBNAILS": True,
+    "THUMBNAILS_SQLA_LISTENERS": True,
+}
+```
+
+By default thumbnails are rendered per user, and will fall back to the Selenium user for anonymous users.
+To always render thumbnails as a fixed user (`admin` in this example), use the following configuration:
+
+```python
+from superset.tasks.types import FixedExecutor
+
+THUMBNAIL_EXECUTORS = [FixedExecutor("admin")]
+```
+
+For this feature you will need a cache system and celery workers. All thumbnails are stored on cache
+and are processed asynchronously by the workers.
+
+An example config where images are stored on S3 could be:
+
+```python
+from flask import Flask
+from s3cache.s3cache import S3Cache
+
+...
+
+class CeleryConfig(object):
+    broker_url = "redis://localhost:6379/0"
+    imports = (
+        "superset.sql_lab",
+        "superset.tasks.thumbnails",
+    )
+    result_backend = "redis://localhost:6379/0"
+    worker_prefetch_multiplier = 10
+    task_acks_late = True
+
+
+CELERY_CONFIG = CeleryConfig
+
+def init_thumbnail_cache(app: Flask) -> S3Cache:
+    return S3Cache("bucket_name", 'thumbs_cache/')
+
+
+THUMBNAIL_CACHE_CONFIG = init_thumbnail_cache
+```
+
+Using the above example cache keys for dashboards will be `superset_thumb__dashboard__{ID}`. You can
+override the base URL for Selenium using:
+
+```
+WEBDRIVER_BASEURL = "https://superset.company.com"
+```
+
+To control which user account is used for rendering thumbnails and warming up caches, configure
+`THUMBNAIL_EXECUTORS` and `CACHE_WARMUP_EXECUTORS`. Each accepts a list of executor types (which
+resolve to an owner, creator, modifier, or the currently-logged-in user) and/or a `FixedExecutor`
+pinned to a specific username. By default, thumbnails render as the current user
+(`ExecutorType.CURRENT_USER`) and cache warmup runs as the chart/dashboard owner
+(`ExecutorType.OWNER`).
+
+To force both to run as a dedicated service account (`admin` in this example):
+
+```python
+from superset.tasks.types import ExecutorType, FixedExecutor
+
+THUMBNAIL_EXECUTORS = [FixedExecutor("admin")]
+CACHE_WARMUP_EXECUTORS = [FixedExecutor("admin")]
+```
+
+Use a dedicated read-only service account here rather than a personal admin account, so that
+thumbnail rendering and cache warmup tasks don't fail if a specific user's credentials change.
+
+Additional Selenium WebDriver configuration can be set using `WEBDRIVER_CONFIGURATION`. You can
+implement a custom function to authenticate Selenium. The default function uses the `flask-login`
+session cookie. Here's an example of a custom function signature:
+
+```python
+def auth_driver(driver: WebDriver, user: "User") -> WebDriver:
+    pass
+```
+
+Then on configuration:
+
+```
+WEBDRIVER_AUTH_FUNC = auth_driver
+```
+
+## ETag Support for Thumbnails
+
+Thumbnail and screenshot endpoints return `ETag` response headers based on the cached content digest. Clients can use conditional requests to avoid downloading unchanged images:
+
+```
+GET /api/v1/chart/42/thumbnail/
+If-None-Match: "abc123..."
+
+→ 304 Not Modified  (if unchanged)
+→ 200 OK            (with new image if changed)
+```
+
+This is particularly useful for embedded dashboards and external integrations that periodically poll for updated screenshots — unchanged thumbnails return immediately with no payload.
+
+## Distributed Coordination Backend
+
+Superset supports an optional distributed coordination (`DISTRIBUTED_COORDINATION_CONFIG`) for
+high-performance distributed operations. This configuration enables:
+
+- **Distributed locking**: Moves lock operations from the metadata database to Redis, improving
+  performance and reducing metastore load
+- **Real-time event notifications**: Enables instant pub/sub messaging for task abort signals and
+  completion notifications instead of polling-based approaches
+
+:::note
+This requires Redis or Valkey specifically—it uses Redis-specific features (pub/sub, `SET NX EX`)
+that are not available in general Flask-Caching backends.
+:::
+
+### Configuration
+
+The distributed coordination uses Flask-Caching style configuration for consistency with other cache
+backends. Configure `DISTRIBUTED_COORDINATION_CONFIG` in `superset_config.py`:
+
+```python
+DISTRIBUTED_COORDINATION_CONFIG = {
+    "CACHE_TYPE": "RedisCache",
+    "CACHE_REDIS_HOST": "localhost",
+    "CACHE_REDIS_PORT": 6379,
+    "CACHE_REDIS_DB": 0,
+    "CACHE_REDIS_PASSWORD": "",  # Optional
+}
+```
+
+For Redis Sentinel deployments:
+
+```python
+DISTRIBUTED_COORDINATION_CONFIG = {
+    "CACHE_TYPE": "RedisSentinelCache",
+    "CACHE_REDIS_SENTINELS": [("sentinel1", 26379), ("sentinel2", 26379)],
+    "CACHE_REDIS_SENTINEL_MASTER": "mymaster",
+    "CACHE_REDIS_SENTINEL_PASSWORD": None,  # Sentinel password (if different)
+    "CACHE_REDIS_PASSWORD": "",  # Redis password
+    "CACHE_REDIS_DB": 0,
+}
+```
+
+For SSL/TLS connections:
+
+```python
+DISTRIBUTED_COORDINATION_CONFIG = {
+    "CACHE_TYPE": "RedisCache",
+    "CACHE_REDIS_HOST": "redis.example.com",
+    "CACHE_REDIS_PORT": 6380,
+    "CACHE_REDIS_SSL": True,
+    "CACHE_REDIS_SSL_CERTFILE": "/path/to/client.crt",
+    "CACHE_REDIS_SSL_KEYFILE": "/path/to/client.key",
+    "CACHE_REDIS_SSL_CA_CERTS": "/path/to/ca.crt",
+}
+```
+
+### Distributed Lock TTL
+
+You can configure the default lock TTL (time-to-live) in seconds. Locks automatically expire after
+this duration to prevent deadlocks from crashed processes:
+
+```python
+DISTRIBUTED_LOCK_DEFAULT_TTL = 30  # Default: 30 seconds
+```
+
+Individual lock acquisitions can override this value when needed.
+
+### Database-Only Mode
+
+When `DISTRIBUTED_COORDINATION_CONFIG` is not configured, Superset uses database-backed operations:
+
+- **Locking**: Uses the KeyValue table with periodic cleanup of expired entries
+- **Event notifications**: Uses database polling instead of pub/sub
+
+While database-backed operations work reliably, the Redis backend is recommended for production
+deployments where low latency and reduced database load are important.
+
+:::resources
+- [Blog: The Data Engineer's Guide to Lightning-Fast Superset Dashboards](https://preset.io/blog/the-data-engineers-guide-to-lightning-fast-apache-superset-dashboards/)
+- [Blog: Accelerating Dashboards with Materialized Views](https://preset.io/blog/accelerating-apache-superset-dashboards-with-materialized-views/)
+:::

docs/admin_docs_versioned_docs/version-6.1.0/configuration/configuring-superset.mdx

@@ -0,0 +1,509 @@
+---
+title: Configuring Superset
+hide_title: true
+sidebar_position: 1
+version: 1
+---
+
+# Configuring Superset
+
+## superset_config.py
+
+Superset exposes hundreds of configurable parameters through its
+[config.py module](https://github.com/apache/superset/blob/master/superset/config.py). The
+variables and objects exposed act as a public interface of the bulk of what you may want
+to configure, alter and interface with. In this python module, you'll find all these
+parameters, sensible defaults, as well as rich documentation in the form of comments
+
+To configure your application, you need to create your own configuration module, which
+will allow you to override few or many of these parameters. Instead of altering the core module,
+you'll want to define your own module (typically a file named `superset_config.py`).
+Add this file to your `PYTHONPATH` or create an environment variable
+`SUPERSET_CONFIG_PATH` specifying the full path of the `superset_config.py`.
+
+For example, if deploying on Superset directly on a Linux-based system where your
+`superset_config.py` is under `/app` directory, you can run:
+
+```bash
+export SUPERSET_CONFIG_PATH=/app/superset_config.py
+```
+
+If you are using your own custom Dockerfile with the official Superset image as base image,
+then you can add your overrides as shown below:
+
+```bash
+COPY --chown=superset superset_config.py /app/
+ENV SUPERSET_CONFIG_PATH /app/superset_config.py
+```
+
+Docker compose deployments handle application configuration differently using specific conventions.
+Refer to the [docker compose tips & configuration](/admin-docs/installation/docker-compose#docker-compose-tips--configuration)
+for details.
+
+The following is an example of just a few of the parameters you can set in your `superset_config.py` file:
+
+```
+# Superset specific config
+ROW_LIMIT = 5000
+
+# Flask App Builder configuration
+# Your App secret key will be used for securely signing the session cookie
+# and encrypting sensitive information on the database
+# Make sure you are changing this key for your deployment with a strong key.
+# Alternatively you can set it with `SUPERSET_SECRET_KEY` environment variable.
+# You MUST set this for production environments or the server will refuse
+# to start and you will see an error in the logs accordingly.
+SECRET_KEY = 'YOUR_OWN_RANDOM_GENERATED_SECRET_KEY'
+
+# The SQLAlchemy connection string to your database backend
+# This connection defines the path to the database that stores your
+# superset metadata (slices, connections, tables, dashboards, ...).
+# Note that the connection information to connect to the datasources
+# you want to explore are managed directly in the web UI
+# The check_same_thread=false property ensures the sqlite client does not attempt
+# to enforce single-threaded access, which may be problematic in some edge cases
+SQLALCHEMY_DATABASE_URI = 'sqlite:////path/to/superset.db?check_same_thread=false'
+
+# Flask-WTF flag for CSRF
+WTF_CSRF_ENABLED = True
+# Add endpoints that need to be exempt from CSRF protection
+WTF_CSRF_EXEMPT_LIST = []
+# A CSRF token that expires in 1 year
+WTF_CSRF_TIME_LIMIT = 60 * 60 * 24 * 365
+
+# Set this API key to enable Mapbox visualizations
+MAPBOX_API_KEY = ''
+```
+
+:::tip
+Note that it is typical to copy and paste [only] the portions of the
+core [superset/config.py](https://github.com/apache/superset/blob/master/superset/config.py) that
+you want to alter, along with the related comments into your own `superset_config.py` file.
+:::
+
+All the parameters and default values defined
+in [superset/config.py](https://github.com/apache/superset/blob/master/superset/config.py)
+can be altered in your local `superset_config.py`. Administrators will want to read through the file
+to understand what can be configured locally as well as the default values in place.
+
+Since `superset_config.py` acts as a Flask configuration module, it can be used to alter the
+settings of Flask itself, as well as Flask extensions that Superset bundles like
+`flask-wtf`, `flask-caching`, `flask-migrate`,
+and `flask-appbuilder`. Each one of these extensions offers intricate configurability.
+Flask App Builder, the web framework used by Superset, also offers many
+configuration settings. Please consult the
+[Flask App Builder Documentation](https://flask-appbuilder.readthedocs.org/en/latest/config.html)
+for more information on how to configure it.
+
+At the very least, you'll want to change `SECRET_KEY` and `SQLALCHEMY_DATABASE_URI`. Continue reading for more about each of these.
+
+## Specifying a SECRET_KEY
+
+### Adding an initial SECRET_KEY
+
+Superset requires a user-specified SECRET_KEY to start up. This requirement was [added in version 2.1.0 to force secure configurations](https://preset.io/blog/superset-security-update-default-secret_key-vulnerability/). Add a strong SECRET_KEY to your `superset_config.py` file like:
+
+```python
+SECRET_KEY = 'YOUR_OWN_RANDOM_GENERATED_SECRET_KEY'
+```
+
+You can generate a strong secure key with `openssl rand -base64 42`.
+
+Alternatively, you can set the secret key using `SUPERSET_SECRET_KEY` environment variable:
+
+On a Unix-based system, such as Linux or macOS, you can do so by running the following command in your terminal:
+
+```bash
+export SUPERSET_SECRET_KEY=$(openssl rand -base64 42)
+```
+
+:::caution Use a strong secret key
+This key will be used for securely signing session cookies and encrypting sensitive information stored in Superset's application metadata database.
+Your deployment must use a complex, unique key.
+:::
+
+### Rotating to a newer SECRET_KEY
+
+If you wish to change your existing SECRET_KEY, add the existing SECRET_KEY to your `superset_config.py` file as
+`PREVIOUS_SECRET_KEY =`and provide your new key as `SECRET_KEY =`. You can find your current SECRET_KEY with these
+commands - if running Superset with Docker, execute from within the Superset application container:
+
+```python
+superset shell
+from flask import current_app; print(current_app.config["SECRET_KEY"])
+```
+
+Save your `superset_config.py` with these values and then run `superset re-encrypt-secrets`.
+
+## Setting up a production metadata database
+
+Superset needs a database to store the information it manages, like the definitions of
+charts, dashboards, and many other things.
+
+By default, Superset is configured to use [SQLite](https://www.sqlite.org/),
+a self-contained, single-file database that offers a simple and fast way to get started
+(without requiring any installation). However, for production environments,
+using SQLite is highly discouraged due to security, scalability, and data integrity reasons.
+It's important to use only the supported database engines and consider using a different
+database engine on a separate host or container.
+
+Superset supports the following database engines/versions:
+
+| Database Engine                           | Supported Versions                       |
+| ----------------------------------------- | ---------------------------------------- |
+| [PostgreSQL](https://www.postgresql.org/) | 10.X, 11.X, 12.X, 13.X, 14.X, 15.X, 16.X |
+| [MySQL](https://www.mysql.com/)           | 5.7, 8.X                                 |
+
+Use the following database drivers and connection strings:
+
+| Database                                  | PyPI package              | Connection String                                                      |
+| ----------------------------------------- | ------------------------- | ---------------------------------------------------------------------- |
+| [PostgreSQL](https://www.postgresql.org/) | `pip install psycopg2`    | `postgresql://<UserName>:<DBPassword>@<Database Host>/<Database Name>` |
+| [MySQL](https://www.mysql.com/)           | `pip install mysqlclient` | `mysql://<UserName>:<DBPassword>@<Database Host>/<Database Name>`      |
+
+:::tip
+Properly setting up metadata store is beyond the scope of this documentation. We recommend
+using a hosted managed service such as [Amazon RDS](https://aws.amazon.com/rds/) or
+[Google Cloud Databases](https://cloud.google.com/products/databases?hl=en) to handle
+service and supporting infrastructure and backup strategy.
+:::
+
+To configure Superset metastore set `SQLALCHEMY_DATABASE_URI` config key on `superset_config`
+to the appropriate connection string.
+
+## Running on a WSGI HTTP Server
+
+While you can run Superset on NGINX or Apache, we recommend using Gunicorn in async mode. This
+enables impressive concurrency even and is fairly easy to install and configure. Please refer to the
+documentation of your preferred technology to set up this Flask WSGI application in a way that works
+well in your environment. Here’s an async setup known to work well in production:
+
+```
+      -w 10 \
+      -k gevent \
+      --worker-connections 1000 \
+      --timeout 120 \
+      -b  0.0.0.0:6666 \
+      --limit-request-line 0 \
+      --limit-request-field_size 0 \
+      --statsd-host localhost:8125 \
+      "superset.app:create_app()"
+```
+
+Refer to the [Gunicorn documentation](https://docs.gunicorn.org/en/stable/design.html) for more
+information. _Note that the development web server (`superset run` or `flask run`) is not intended
+for production use._
+
+If you're not using Gunicorn, you may want to disable the use of `flask-compress` by setting
+`COMPRESS_REGISTER = False` in your `superset_config.py`.
+
+Currently, the Google BigQuery Python SDK is not compatible with `gevent`, due to some dynamic monkeypatching on python core library by `gevent`.
+So, when you use `BigQuery` datasource on Superset, you have to use `gunicorn` worker type except `gevent`.
+
+## HTTPS Configuration
+
+You can configure HTTPS upstream via a load balancer or a reverse proxy (such as nginx) and do SSL/TLS Offloading before traffic reaches the Superset application. In this setup, local traffic from a Celery worker taking a snapshot of a chart for Alerts & Reports can access Superset at a `http://` URL, from behind the ingress point.
+You can also configure [SSL in Gunicorn](https://docs.gunicorn.org/en/stable/settings.html#ssl) (the Python webserver) if you are using an official Superset Docker image.
+
+## Configuration Behind a Load Balancer
+
+If you are running superset behind a load balancer or reverse proxy (e.g. NGINX or ELB on AWS), you
+may need to utilize a healthcheck endpoint so that your load balancer knows if your superset
+instance is running. This is provided at `/health` which will return a 200 response containing “OK”
+if the webserver is running.
+
+If the load balancer is inserting `X-Forwarded-For/X-Forwarded-Proto` headers, you should set
+`ENABLE_PROXY_FIX = True` in the superset config file (`superset_config.py`) to extract and use the
+headers.
+
+In case the reverse proxy is used for providing SSL encryption, an explicit definition of the
+`X-Forwarded-Proto` may be required. For the Apache webserver this can be set as follows:
+
+```
+RequestHeader set X-Forwarded-Proto "https"
+```
+
+## Configuring the application root
+
+*Please be advised that this feature is in BETA.*
+
+Superset supports running the application under a non-root path. The root path
+prefix can be specified in one of three ways:
+
+- Customizing the [Flask entrypoint](https://github.com/apache/superset/blob/master/superset/app.py#L29)
+  by passing the `superset_app_root` variable; or
+- Setting the `SUPERSET_APP_ROOT` environment variable to the desired prefix; or
+- Setting the `APPLICATION_ROOT` config in your `superset_config.py` file.
+
+Note, the prefix should start with a `/`.
+
+### Customizing the Flask entrypoint
+
+To configure a prefix, e.g `/analytics`, pass the `superset_app_root` argument to
+`create_app` when calling flask run either through the `FLASK_APP`
+environment variable:
+
+```sh
+FLASK_APP="superset:create_app(superset_app_root='/analytics')"
+```
+
+or as part of the `--app` argument to `flask run`:
+
+```sh
+flask --app "superset.app:create_app(superset_app_root='/analytics')"
+```
+
+### Docker builds
+
+The [docker compose](/admin-docs/installation/docker-compose#configuring-further) developer
+configuration includes an additional environmental variable,
+[`SUPERSET_APP_ROOT`](https://github.com/apache/superset/blob/master/docker/.env),
+to simplify the process of setting up a non-default root path across the services.
+
+In `docker/.env-local` set `SUPERSET_APP_ROOT` to the desired prefix and then bring the
+services up with `docker compose up --detach`.
+
+## Custom OAuth2 Configuration
+
+Superset is built on Flask-AppBuilder (FAB), which supports many providers out of the box
+(GitHub, Twitter, LinkedIn, Google, Azure, etc). Beyond those, Superset can be configured to connect
+with other OAuth2 Authorization Server implementations that support “code” authorization.
+
+Make sure the pip package [`Authlib`](https://authlib.org/) is installed on the webserver.
+
+First, configure authorization in Superset `superset_config.py`.
+
+```python
+from flask_appbuilder.security.manager import AUTH_OAUTH
+
+# Set the authentication type to OAuth
+AUTH_TYPE = AUTH_OAUTH
+
+OAUTH_PROVIDERS = [
+    {   'name':'egaSSO',
+        'token_key':'access_token', # Name of the token in the response of access_token_url
+        'icon':'fa-address-card',   # Icon for the provider
+        'remote_app': {
+            'client_id':'myClientId',  # Client Id (Identify Superset application)
+            'client_secret':'MySecret', # Secret for this Client Id (Identify Superset application)
+            'client_kwargs':{
+                'scope': 'read'               # Scope for the Authorization
+            },
+            'access_token_method':'POST',    # HTTP Method to call access_token_url
+            'access_token_params':{        # Additional parameters for calls to access_token_url
+                'client_id':'myClientId'
+            },
+            'jwks_uri':'https://myAuthorizationServe/adfs/discovery/keys', # may be required to generate token
+            'access_token_headers':{    # Additional headers for calls to access_token_url
+                'Authorization': 'Basic Base64EncodedClientIdAndSecret'
+            },
+            'api_base_url':'https://myAuthorizationServer/oauth2AuthorizationServer/',
+            'access_token_url':'https://myAuthorizationServer/oauth2AuthorizationServer/token',
+            'authorize_url':'https://myAuthorizationServer/oauth2AuthorizationServer/authorize'
+        }
+    }
+]
+
+# Will allow user self registration, allowing to create Flask users from Authorized User
+AUTH_USER_REGISTRATION = True
+
+# The default user self registration role
+AUTH_USER_REGISTRATION_ROLE = "Public"
+```
+
+In case you want to assign the `Admin` role on new user registration, it can be assigned as follows:
+```python
+AUTH_USER_REGISTRATION_ROLE = "Admin"
+```
+If you encounter the [issue](https://github.com/apache/superset/issues/13243) of not being able to list users from the Superset main page settings, although a newly registered user has an `Admin` role, please re-run `superset init` to sync the required permissions. Below is the command to re-run `superset init` using docker compose.
+```
+docker-compose exec superset superset init
+```
+
+Then, create a `CustomSsoSecurityManager` that extends `SupersetSecurityManager` and overrides
+`oauth_user_info`:
+
+```python
+import logging
+from superset.security import SupersetSecurityManager
+
+class CustomSsoSecurityManager(SupersetSecurityManager):
+
+    def oauth_user_info(self, provider, response=None):
+        logging.debug("Oauth2 provider: {0}.".format(provider))
+        if provider == 'egaSSO':
+            # As example, this line request a GET to base_url + '/' + userDetails with Bearer  Authentication,
+    # and expects that authorization server checks the token, and response with user details
+            me = self.appbuilder.sm.oauth_remotes[provider].get('userDetails').data
+            logging.debug("user_data: {0}".format(me))
+            return { 'name' : me['name'], 'email' : me['email'], 'id' : me['user_name'], 'username' : me['user_name'], 'first_name':'', 'last_name':''}
+    ...
+```
+
+This file must be located in the same directory as `superset_config.py` with the name
+`custom_sso_security_manager.py`. Finally, add the following 2 lines to `superset_config.py`:
+
+```
+from custom_sso_security_manager import CustomSsoSecurityManager
+CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager
+```
+
+**Notes**
+
+- The redirect URL will be `https://<superset-webserver>/oauth-authorized/<provider-name>`
+  When configuring an OAuth2 authorization provider if needed. For instance, the redirect URL will
+  be `https://<superset-webserver>/oauth-authorized/egaSSO` for the above configuration.
+
+- If an OAuth2 authorization server supports OpenID Connect 1.0, you could configure its configuration
+  document URL only without providing `api_base_url`, `access_token_url`, `authorize_url` and other
+  required options like user info endpoint, jwks uri etc. For instance:
+
+  ```python
+  OAUTH_PROVIDERS = [
+    {   'name':'egaSSO',
+        'token_key':'access_token', # Name of the token in the response of access_token_url
+        'icon':'fa-address-card',   # Icon for the provider
+        'remote_app': {
+            'client_id':'myClientId',  # Client Id (Identify Superset application)
+            'client_secret':'MySecret', # Secret for this Client Id (Identify Superset application)
+            'server_metadata_url': 'https://myAuthorizationServer/.well-known/openid-configuration'
+        }
+    }
+  ]
+  ```
+
+### PKCE Support
+
+For public OAuth2 clients that cannot securely store a client secret, enable Proof Key for Code Exchange (PKCE) by adding `code_challenge_method` to the `remote_app` configuration:
+
+```python
+OAUTH_PROVIDERS = [
+    {
+        'name': 'myProvider',
+        'remote_app': {
+            'client_id': 'myClientId',
+            'client_secret': 'mySecret',  # may be empty for pure public clients
+            'code_challenge_method': 'S256',  # enables PKCE
+            'server_metadata_url': 'https://myAuthorizationServer/.well-known/openid-configuration'
+        }
+    }
+]
+```
+
+PKCE (`S256`) is recommended for all OAuth2 flows, even when a client secret is present, as it protects against authorization code interception attacks.
+
+## LDAP Authentication
+
+FAB supports authenticating user credentials against an LDAP server.
+To use LDAP you must install the [python-ldap](https://www.python-ldap.org/en/latest/installing.html) package.
+See [FAB's LDAP documentation](https://flask-appbuilder.readthedocs.io/en/latest/security.html#authentication-ldap)
+for details.
+
+## Mapping LDAP or OAUTH groups to Superset roles
+
+AUTH_ROLES_MAPPING in Flask-AppBuilder is a dictionary that maps from LDAP/OAUTH group names to FAB roles.
+It is used to assign roles to users who authenticate using LDAP or OAuth.
+
+### Mapping OAUTH groups to Superset roles
+
+The following `AUTH_ROLES_MAPPING` dictionary would map the OAUTH group "superset_users" to the Superset roles "Gamma" as well as "Alpha", and the OAUTH group "superset_admins" to the Superset role "Admin".
+
+```python
+AUTH_ROLES_MAPPING = {
+"superset_users": ["Gamma","Alpha"],
+"superset_admins": ["Admin"],
+}
+```
+
+### Mapping LDAP groups to Superset roles
+
+The following `AUTH_ROLES_MAPPING` dictionary would map the LDAP DN "cn=superset_users,ou=groups,dc=example,dc=com" to the Superset roles "Gamma" as well as "Alpha", and the LDAP DN "cn=superset_admins,ou=groups,dc=example,dc=com" to the Superset role "Admin".
+
+```python
+AUTH_ROLES_MAPPING = {
+"cn=superset_users,ou=groups,dc=example,dc=com": ["Gamma","Alpha"],
+"cn=superset_admins,ou=groups,dc=example,dc=com": ["Admin"],
+}
+```
+
+Note: This requires `AUTH_LDAP_SEARCH` to be set. For more details, please see the [FAB Security documentation](https://flask-appbuilder.readthedocs.io/en/latest/security.html).
+
+### Syncing roles at login
+
+You can also use the `AUTH_ROLES_SYNC_AT_LOGIN` configuration variable to control how often Flask-AppBuilder syncs the user's roles with the LDAP/OAUTH groups. If `AUTH_ROLES_SYNC_AT_LOGIN` is set to True, Flask-AppBuilder will sync the user's roles each time they log in. If `AUTH_ROLES_SYNC_AT_LOGIN` is set to False, Flask-AppBuilder will only sync the user's roles when they first register.
+
+## Flask app Configuration Hook
+
+`FLASK_APP_MUTATOR` is a configuration function that can be provided in your environment, receives
+the app object and can alter it in any way. For example, add `FLASK_APP_MUTATOR` into your
+`superset_config.py` to setup session cookie expiration time to 24 hours:
+
+```python
+from flask import session
+from flask import Flask
+
+
+def make_session_permanent():
+    '''
+    Enable maxAge for the cookie 'session'
+    '''
+    session.permanent = True
+
+# Set up max age of session to 24 hours
+PERMANENT_SESSION_LIFETIME = timedelta(hours=24)
+def FLASK_APP_MUTATOR(app: Flask) -> None:
+    app.before_request_funcs.setdefault(None, []).append(make_session_permanent)
+```
+
+## Feature Flags
+
+To support a diverse set of users, Superset has some features that are not enabled by default. For
+example, some users have stronger security restrictions, while some others may not. So Superset
+allows users to enable or disable some features by config. For feature owners, you can add optional
+functionalities in Superset, but will be only affected by a subset of users.
+
+You can enable or disable features with flag from `superset_config.py`:
+
+```python
+FEATURE_FLAGS = {
+    'PRESTO_EXPAND_DATA': False,
+}
+```
+
+A current list of feature flags can be found in the [Feature Flags](/admin-docs/configuration/feature-flags) documentation.
+
+## Security Configuration
+
+### HASH_ALGORITHM
+
+Controls the hashing algorithm used for internal checksums and cache keys (thumbnails, cache keys, etc.). The default is `sha256`, which satisfies environments with stricter compliance requirements (e.g., FedRAMP). Set it to `md5` to retain the legacy behavior from older Superset deployments:
+
+```python
+HASH_ALGORITHM = "sha256"  # default; set to "md5" for legacy behavior
+```
+
+A companion `HASH_ALGORITHM_FALLBACKS` list (default: `["md5"]`) lets UUID lookups fall back to older algorithms, which enables gradual migration without breaking existing entries. Set it to `[]` for strict mode (use only `HASH_ALGORITHM`).
+
+:::note
+This setting affects internal Superset operations only, not user passwords or authentication tokens. Changing it in an existing deployment may invalidate cached values but does not require a database migration.
+:::
+
+## SQL Lab Query History Pruning
+
+SQL Lab query history is stored in the metadata database and is **not** pruned by default. To trim older rows, enable the `prune_query` Celery beat task by uncommenting it in `CELERY_BEAT_SCHEDULE` and choosing a retention window:
+
+```python
+CELERY_BEAT_SCHEDULE = {
+    "prune_query": {
+        "task": "prune_query",
+        "schedule": crontab(minute=0, hour=0, day_of_month=1),
+        "kwargs": {"retention_period_days": 180},
+    },
+}
+```
+
+Adjust `retention_period_days` to control how long query rows are kept. Companion opt-in tasks (`prune_logs`, `prune_tasks`) exist for pruning the logs and tasks tables; see the commented-out examples in `superset/config.py`. Without enabling these tasks, the metadata database will grow unbounded over time.
+
+:::resources
+- [Blog: Feature Flags in Apache Superset](https://preset.io/blog/feature-flags-in-apache-superset-and-preset/)
+:::

docs/admin_docs_versioned_docs/version-6.1.0/configuration/country-map-tools.mdx

@@ -0,0 +1,40 @@
+---
+title: Country Map Tools
+sidebar_position: 10
+version: 1
+---
+
+import countriesData from '../_versioned_data/data/countries.json';
+
+# The Country Map Visualization
+
+The Country Map visualization allows you to plot lightweight choropleth maps of
+your countries by province, states, or other subdivision types. It does not rely
+on any third-party map services but would require you to provide the
+[ISO-3166-2](https://en.wikipedia.org/wiki/ISO_3166-2) codes of your country's
+top-level subdivisions. Comparing to a province or state's full names, the ISO
+code is less ambiguous and is unique to all regions in the world.
+
+## Included Maps
+
+The current list of countries can be found in the src
+[legacy-plugin-chart-country-map/src/countries.ts](https://github.com/apache/superset/blob/master/superset-frontend/plugins/legacy-plugin-chart-country-map/src/countries.ts)
+
+The Country Maps visualization already ships with the maps for the following countries:
+
+<ul style={{columns: 3}}>
+{countriesData.countries.map((country, index) => (
+  <li key={index}>{country}</li>
+))}
+</ul>
+
+## Adding a New Country
+
+To add a new country to the list, you'd have to edit files in
+[@superset-ui/legacy-plugin-chart-country-map](https://github.com/apache/superset/tree/master/superset-frontend/plugins/legacy-plugin-chart-country-map).
+
+1. Generate a new GeoJSON file for your country following the guide in [this Jupyter notebook](https://github.com/apache/superset/blob/master/superset-frontend/plugins/legacy-plugin-chart-country-map/scripts/Country%20Map%20GeoJSON%20Generator.ipynb).
+2. Edit the countries list in [legacy-plugin-chart-country-map/src/countries.ts](https://github.com/apache/superset/blob/master/superset-frontend/plugins/legacy-plugin-chart-country-map/src/countries.ts).
+3. Install superset-frontend dependencies: `cd superset-frontend && npm install`
+4. Verify your countries in Superset plugins storybook: `npm run plugins:storybook`.
+5. Build and install Superset from source code.

docs/admin_docs_versioned_docs/version-6.1.0/configuration/feature-flags.mdx

@@ -0,0 +1,107 @@
+---
+title: Feature Flags
+hide_title: true
+sidebar_position: 2
+version: 1
+---
+
+import featureFlags from '../_versioned_data/static/feature-flags.json';
+
+export const FlagTable = ({flags}) => (
+  <table>
+    <thead>
+      <tr>
+        <th>Flag</th>
+        <th>Default</th>
+        <th>Description</th>
+      </tr>
+    </thead>
+    <tbody>
+      {flags.map((flag) => (
+        <tr key={flag.name}>
+          <td><code>{flag.name}</code></td>
+          <td><code>{flag.default ? 'True' : 'False'}</code></td>
+          <td>
+            {flag.description}
+            {flag.docs && (
+              <> (<a href={flag.docs}>docs</a>)</>
+            )}
+          </td>
+        </tr>
+      ))}
+    </tbody>
+  </table>
+);
+
+# Feature Flags
+
+Superset uses feature flags to control the availability of features. Feature flags allow
+gradual rollout of new functionality and provide a way to enable experimental features.
+
+To enable a feature flag, add it to your `superset_config.py`:
+
+```python
+FEATURE_FLAGS = {
+    "ENABLE_TEMPLATE_PROCESSING": True,
+}
+```
+
+## Lifecycle
+
+Feature flags progress through lifecycle stages:
+
+| Stage | Description |
+|-------|-------------|
+| **Development** | Experimental features under active development. May be incomplete or unstable. |
+| **Testing** | Feature complete but undergoing testing. Usable but may contain bugs. |
+| **Stable** | Production-ready features. Safe for all deployments. |
+| **Deprecated** | Features scheduled for removal. Migrate away from these. |
+
+---
+
+## Development
+
+These features are experimental and under active development. Use only in development environments.
+
+<FlagTable flags={featureFlags.flags.development} />
+
+---
+
+## Testing
+
+These features are complete but still being tested. They are usable but may have bugs.
+
+<FlagTable flags={featureFlags.flags.testing} />
+
+---
+
+## Stable
+
+These features are production-ready and safe to enable.
+
+<FlagTable flags={featureFlags.flags.stable} />
+
+---
+
+## Deprecated
+
+These features are scheduled for removal. Plan to migrate away from them.
+
+<FlagTable flags={featureFlags.flags.deprecated} />
+
+---
+
+## Adding New Feature Flags
+
+When adding a new feature flag to `superset/config.py`, include the following annotations:
+
+```python
+# Description of what the feature does
+# @lifecycle: development | testing | stable | deprecated
+# @docs: https://superset.apache.org/docs/... (optional)
+# @category: runtime_config | path_to_deprecation (optional, for stable flags)
+"MY_NEW_FEATURE": False,
+```
+
+This documentation is auto-generated from the annotations in
+[config.py](https://github.com/apache/superset/blob/master/superset/config.py).

docs/admin_docs_versioned_docs/version-6.1.0/configuration/importing-exporting-datasources.mdx

@@ -0,0 +1,157 @@
+---
+title: Importing and Exporting Datasources
+hide_title: true
+sidebar_position: 11
+version: 1
+---
+
+# Importing and Exporting Datasources
+
+The superset cli allows you to import and export datasources from and to YAML. Datasources include
+databases. The data is expected to be organized in the following hierarchy:
+
+:::info
+Superset's ZIP-based import/export also covers **dashboards**, **charts**, and **saved queries**, exercised through the UI and REST API. The [Dashboard Import Overwrite Behavior](#dashboard-import-overwrite-behavior) and [UUIDs in API Responses](#uuids-in-api-responses) sections below document the behavior shared across all asset types.
+:::
+
+```text
+├──databases
+|  ├──database_1
+|  |  ├──table_1
+|  |  |  ├──columns
+|  |  |  |  ├──column_1
+|  |  |  |  ├──column_2
+|  |  |  |  └──... (more columns)
+|  |  |  └──metrics
+|  |  |     ├──metric_1
+|  |  |     ├──metric_2
+|  |  |     └──... (more metrics)
+|  |  └── ... (more tables)
+|  └── ... (more databases)
+```
+
+:::note
+When you export a database connection, the `masked_encrypted_extra` field (used for sensitive connection parameters such as service account JSON, OAuth tokens, and other encrypted credentials) is included in the export. When importing on another instance, these values are decrypted and re-encrypted using the destination instance's `SECRET_KEY`. Ensure the receiving instance has a valid `SECRET_KEY` configured before importing.
+:::
+
+## Exporting Datasources to YAML
+
+You can print your current datasources to stdout by running:
+
+```bash
+superset export_datasources
+```
+
+To save your datasources to a ZIP file run:
+
+```bash
+superset export_datasources -f <filename>
+```
+
+By default, default (null) values will be omitted. Use the -d flag to include them. If you want back
+references to be included (e.g. a column to include the table id it belongs to) use the -b flag.
+
+Alternatively, you can export datasources using the UI:
+
+1. Open **Sources -> Databases** to export all tables associated to a single or multiple databases.
+   (**Tables** for one or more tables)
+2. Select the items you would like to export.
+3. Click **Actions -> Export** to YAML
+4. If you want to import an item that you exported through the UI, you will need to nest it inside
+   its parent element, e.g. a database needs to be nested under databases a table needs to be nested
+   inside a database element.
+
+In order to obtain an **exhaustive list of all fields** you can import using the YAML import run:
+
+```bash
+superset export_datasource_schema
+```
+
+As a reminder, you can use the `-b` flag to include back references.
+
+## Importing Datasources
+
+In order to import datasources from a ZIP file, run:
+
+```bash
+superset import_datasources -p <path / filename>
+```
+
+The optional username flag **-u** sets the user used for the datasource import. The default is 'admin'. Example:
+
+```bash
+superset import_datasources -p <path / filename> -u 'admin'
+```
+
+## Dashboard Import Overwrite Behavior
+
+When importing a dashboard ZIP with the **overwrite** option enabled, any existing charts that are part of the dashboard are **replaced** rather than duplicated. This applies to:
+
+- Charts whose UUID matches a chart already present in the target instance
+- The full chart configuration (query, visualization type, columns, metrics) is replaced by the imported version
+
+If you import without the overwrite flag, existing charts with conflicting UUIDs are left unchanged and the import skips those objects. Use overwrite when you want to push a fully updated dashboard (including chart definitions) from a development or staging environment to production.
+
+## UUIDs in API Responses
+
+The REST API POST endpoints for **datasets**, **charts**, and **dashboards** include the auto-generated `uuid` field in the response body:
+
+```json
+{
+  "id": 42,
+  "uuid": "b8a8d5c3-1234-4abc-8def-0123456789ab",
+  ...
+}
+```
+
+UUIDs remain stable across import/export cycles and can be used for cross-environment workflows — for example, recording a UUID when creating a chart in development and using it to identify the matching chart after importing into production.
+
+## Legacy Importing Datasources
+
+### From older versions of Superset to current version
+
+When using Superset version 4.x.x to import from an older version (2.x.x or 3.x.x) importing is supported as the command `legacy_import_datasources` and expects a JSON or directory of JSONs. The options are `-r` for recursive and `-u` for specifying a user. Example of legacy import without options:
+
+```bash
+superset legacy_import_datasources -p <path or filename>
+```
+
+### From older versions of Superset to older versions
+
+When using an older Superset version (2.x.x & 3.x.x) of Superset, the command is `import_datasources`. ZIP and YAML files are supported and to switch between them the feature flag `VERSIONED_EXPORT` is used. When `VERSIONED_EXPORT` is `True`, `import_datasources` expects a ZIP file, otherwise YAML. Example:
+
+```bash
+superset import_datasources -p <path or filename>
+```
+
+When `VERSIONED_EXPORT` is `False`, if you supply a path all files ending with **yaml** or **yml** will be parsed. You can apply
+additional flags (e.g. to search the supplied path recursively):
+
+```bash
+superset import_datasources -p <path> -r
+```
+
+The sync flag **-s** takes parameters in order to sync the supplied elements with your file. Be
+careful this can delete the contents of your meta database. Example:
+
+```bash
+superset import_datasources -p <path / filename> -s columns,metrics
+```
+
+This will sync all metrics and columns for all datasources found in the `<path /filename>` in the
+Superset meta database. This means columns and metrics not specified in YAML will be deleted. If you
+would add tables to columns,metrics those would be synchronised as well.
+
+If you don’t supply the sync flag (**-s**) importing will only add and update (override) fields.
+E.g. you can add a verbose_name to the column ds in the table random_time_series from the example
+datasets by saving the following YAML to file and then running the **import_datasources** command.
+
+```yaml
+databases:
+- database_name: main
+  tables:
+  - table_name: random_time_series
+    columns:
+    - column_name: ds
+      verbose_name: datetime
+```

docs/admin_docs_versioned_docs/version-6.1.0/configuration/mcp-server.mdx

@@ -0,0 +1,845 @@
+---
+title: MCP Server Deployment & Authentication
+hide_title: true
+sidebar_position: 14
+version: 1
+---
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+# MCP Server Deployment & Authentication
+
+Superset includes a built-in [Model Context Protocol (MCP)](https://modelcontextprotocol.io/) server that lets AI assistants -- Claude, ChatGPT, and other MCP-compatible clients -- interact with your Superset instance. Through MCP, clients can list dashboards, query datasets, execute SQL, create charts, and more.
+
+This guide covers how to run, secure, and deploy the MCP server.
+
+:::tip Looking for user docs?
+See **[Using AI with Superset](/user-docs/using-superset/using-ai-with-superset)** for a guide on what AI can do with Superset and how to connect your AI client.
+:::
+
+```mermaid
+flowchart LR
+    A["AI Client<br/>(Claude, ChatGPT, etc.)"] -- "MCP protocol<br/>(HTTP + JSON-RPC)" --> B["MCP Server<br/>(:5008/mcp)"]
+    B -- "Superset context<br/>(app, db, RBAC)" --> C["Superset<br/>(:8088)"]
+    C --> D[("Database<br/>(Postgres)")]
+```
+
+---
+
+## Quick Start
+
+Get the MCP server running locally and connect an AI client in three steps.
+
+### 1. Start the MCP server
+
+The MCP server runs as a separate process alongside Superset:
+
+```bash
+superset mcp run --host 127.0.0.1 --port 5008
+```
+
+| Flag | Default | Description |
+|------|---------|-------------|
+| `--host` | `127.0.0.1` | Host to bind to |
+| `--port` | `5008` | Port to bind to |
+| `--debug` | off | Enable debug logging |
+
+The endpoint is available at `http://<host>:<port>/mcp`.
+
+### 2. Set a development user
+
+For local development, tell the MCP server which Superset user to impersonate (the user must already exist in your database):
+
+```python
+# superset_config.py
+MCP_DEV_USERNAME = "admin"
+```
+
+### 3. Connect an AI client
+
+Point your MCP client at the server. For **Claude Desktop**, edit the config file:
+
+- **macOS**: `~/Library/Application Support/Claude/claude_desktop_config.json`
+- **Windows**: `%APPDATA%\Claude\claude_desktop_config.json`
+- **Linux**: `~/.config/Claude/claude_desktop_config.json`
+
+```json
+{
+  "mcpServers": {
+    "superset": {
+      "url": "http://localhost:5008/mcp"
+    }
+  }
+}
+```
+
+Restart Claude Desktop. The hammer icon in the chat bar confirms the connection.
+
+See [Connecting AI Clients](#connecting-ai-clients) for Claude Code, Claude Web, ChatGPT, and raw HTTP examples.
+
+---
+
+## Prerequisites
+
+- Apache Superset 5.0+ running and accessible
+- Python 3.10+
+- The `fastmcp` package (`pip install fastmcp`)
+
+---
+
+## Authentication
+
+The MCP server supports multiple authentication methods depending on your deployment scenario.
+
+```mermaid
+flowchart TD
+    R["Incoming MCP Request"] --> F{"MCP_AUTH_FACTORY<br/>set?"}
+    F -- Yes --> CF["Custom Auth Provider"]
+    F -- No --> AE{"MCP_AUTH_ENABLED?"}
+    AE -- "True" --> JWT["JWT Validation"]
+    AE -- "False" --> DU["Dev Mode<br/>(MCP_DEV_USERNAME)"]
+
+    JWT --> ALG{"MCP_JWT_ALGORITHM"}
+    ALG -- "RS256 + JWKS" --> JWKS["Fetch keys from<br/>MCP_JWKS_URI"]
+    ALG -- "RS256 + static" --> PK["Use<br/>MCP_JWT_PUBLIC_KEY"]
+    ALG -- "HS256" --> SEC["Use<br/>MCP_JWT_SECRET"]
+
+    JWKS --> V["Validate token<br/>(exp, iss, aud, scopes)"]
+    PK --> V
+    SEC --> V
+    V --> UR["Resolve Superset user<br/>from token claims"]
+    UR --> OK["Authenticated request"]
+    CF --> OK
+    DU --> OK
+```
+
+### Development Mode (No Auth)
+
+Disable authentication and use a fixed user:
+
+```python
+# superset_config.py
+MCP_AUTH_ENABLED = False
+MCP_DEV_USERNAME = "admin"
+```
+
+All operations run as the configured user.
+
+:::warning
+Never use development mode in production. Always enable authentication for any internet-facing deployment.
+:::
+
+### JWT Authentication
+
+For production, enable JWT-based authentication. The MCP server validates a Bearer token on every request.
+
+#### Option A: RS256 with JWKS endpoint
+
+The most common setup for OAuth 2.0 / OIDC providers that publish a JWKS (JSON Web Key Set) endpoint:
+
+```python
+# superset_config.py
+MCP_AUTH_ENABLED = True
+MCP_JWT_ALGORITHM = "RS256"
+MCP_JWKS_URI = "https://your-identity-provider.com/.well-known/jwks.json"
+MCP_JWT_ISSUER = "https://your-identity-provider.com/"
+MCP_JWT_AUDIENCE = "your-superset-instance"
+```
+
+#### Option B: RS256 with static public key
+
+Use this when you have a fixed RSA key pair (e.g., self-signed tokens):
+
+```python
+# superset_config.py
+MCP_AUTH_ENABLED = True
+MCP_JWT_ALGORITHM = "RS256"
+MCP_JWT_PUBLIC_KEY = """-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA...
+-----END PUBLIC KEY-----"""
+MCP_JWT_ISSUER = "your-issuer"
+MCP_JWT_AUDIENCE = "your-audience"
+```
+
+#### Option C: HS256 with shared secret
+
+Use this when both the token issuer and the MCP server share a symmetric secret:
+
+```python
+# superset_config.py
+MCP_AUTH_ENABLED = True
+MCP_JWT_ALGORITHM = "HS256"
+MCP_JWT_SECRET = "your-shared-secret-key"
+MCP_JWT_ISSUER = "your-issuer"
+MCP_JWT_AUDIENCE = "your-audience"
+```
+
+:::warning
+Store `MCP_JWT_SECRET` securely. Never commit it to version control. Use environment variables:
+```python
+import os
+MCP_JWT_SECRET = os.environ.get("MCP_JWT_SECRET")
+```
+:::
+
+#### JWT claims
+
+The MCP server validates these standard claims:
+
+| Claim | Config Key | Description |
+|-------|-----------|-------------|
+| `exp` | -- | Expiration time (always validated) |
+| `iss` | `MCP_JWT_ISSUER` | Token issuer (optional but recommended) |
+| `aud` | `MCP_JWT_AUDIENCE` | Token audience (optional but recommended) |
+| `sub` | -- | Subject -- primary claim used to resolve the Superset user |
+
+#### User resolution
+
+After validating the token, the MCP server resolves a Superset username from the claims. It checks these in order, using the first non-empty value:
+
+1. `subject` -- the standard `sub` claim (via the access token object)
+2. `client_id` -- for machine-to-machine tokens
+3. `payload["sub"]` -- fallback to raw payload
+4. `payload["email"]` -- email-based lookup
+5. `payload["username"]` -- explicit username claim
+
+The resolved value must match a `username` in the Superset `ab_user` table.
+
+#### Scoped access
+
+Require specific scopes in the JWT to limit what MCP operations a token can perform:
+
+```python
+# superset_config.py
+MCP_REQUIRED_SCOPES = ["mcp:read", "mcp:write"]
+```
+
+Only tokens that include **all** required scopes are accepted.
+
+### Custom Auth Provider
+
+For advanced scenarios (e.g., a proprietary auth system), provide a factory function. This takes precedence over all built-in JWT configuration:
+
+```python
+# superset_config.py
+def my_custom_auth_factory(app):
+    """Return a FastMCP auth provider instance."""
+    from fastmcp.server.auth.providers.jwt import JWTVerifier
+    return JWTVerifier(
+        jwks_uri="https://my-auth.example.com/.well-known/jwks.json",
+        issuer="https://my-auth.example.com/",
+        audience="superset-mcp",
+    )
+
+MCP_AUTH_FACTORY = my_custom_auth_factory
+```
+
+---
+
+## Connecting AI Clients
+
+### Claude Desktop
+
+**Local development (no auth):**
+
+```json
+{
+  "mcpServers": {
+    "superset": {
+      "url": "http://localhost:5008/mcp"
+    }
+  }
+}
+```
+
+**With JWT authentication:**
+
+```json
+{
+  "mcpServers": {
+    "superset": {
+      "command": "npx",
+      "args": [
+        "-y",
+        "mcp-remote@latest",
+        "http://your-superset-host:5008/mcp",
+        "--header",
+        "Authorization: Bearer YOUR_TOKEN"
+      ]
+    }
+  }
+}
+```
+
+### Claude Code (CLI)
+
+Add to your project's `.mcp.json`:
+
+```json
+{
+  "mcpServers": {
+    "superset": {
+      "type": "url",
+      "url": "http://localhost:5008/mcp"
+    }
+  }
+}
+```
+
+With authentication:
+
+```json
+{
+  "mcpServers": {
+    "superset": {
+      "type": "url",
+      "url": "http://localhost:5008/mcp",
+      "headers": {
+        "Authorization": "Bearer YOUR_TOKEN"
+      }
+    }
+  }
+}
+```
+
+### Claude Web (claude.ai)
+
+1. Open [claude.ai](https://claude.ai)
+2. Click the **+** button (or your profile icon)
+3. Select **Connectors**
+4. Click **Manage Connectors** > **Add custom connector**
+5. Enter a name and your MCP URL (e.g., `https://your-superset-host/mcp`)
+6. Click **Add**
+
+:::info
+Custom connectors on Claude Web require a Pro, Max, Team, or Enterprise plan.
+:::
+
+### ChatGPT
+
+1. Click your profile icon > **Settings** > **Apps and Connectors**
+2. Enable **Developer Mode** in Advanced Settings
+3. In the chat composer, press **+** > **Add sources** > **App** > **Connect more** > **Create app**
+4. Enter a name and your MCP server URL
+5. Click **I understand and continue**
+
+:::info
+ChatGPT MCP connectors require a Pro, Team, Enterprise, or Edu plan.
+:::
+
+### Direct HTTP requests
+
+Call the MCP server directly with any HTTP client:
+
+```bash
+curl -X POST http://localhost:5008/mcp \
+  -H 'Content-Type: application/json' \
+  -H 'Authorization: Bearer YOUR_JWT_TOKEN' \
+  -d '{"jsonrpc": "2.0", "method": "tools/list", "id": 1}'
+```
+
+---
+
+## Deployment
+
+### Single Process
+
+The simplest setup: run the MCP server alongside Superset on the same host.
+
+```mermaid
+flowchart TD
+    subgraph host["Host / VM"]
+        direction TB
+        S["Superset<br/>:8088"] --> DB[("Postgres")]
+        M["MCP Server<br/>:5008"] --> DB
+    end
+    C["AI Client"] -- "HTTPS" --> P["Reverse Proxy<br/>(Nginx / Caddy)"]
+    U["Browser"] -- "HTTPS" --> P
+    P -- ":8088" --> S
+    P -- ":5008/mcp" --> M
+```
+
+**superset_config.py:**
+
+```python
+MCP_SERVICE_HOST = "0.0.0.0"
+MCP_SERVICE_PORT = 5008
+MCP_DEV_USERNAME = "admin"  # or enable JWT auth
+
+# If behind a reverse proxy, set the public-facing URL so
+# MCP-generated links (chart previews, SQL Lab URLs) resolve correctly:
+MCP_SERVICE_URL = "https://superset.example.com"
+```
+
+**Start both processes:**
+
+```bash
+# Terminal 1 -- Superset web server
+superset run -h 0.0.0.0 -p 8088
+
+# Terminal 2 -- MCP server
+superset mcp run --host 0.0.0.0 --port 5008
+```
+
+**Nginx reverse proxy with TLS:**
+
+```nginx
+server {
+    listen 443 ssl;
+    server_name superset.example.com;
+
+    ssl_certificate     /path/to/cert.pem;
+    ssl_certificate_key /path/to/key.pem;
+
+    # Superset web UI
+    location / {
+        proxy_pass http://127.0.0.1:8088;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+    }
+
+    # MCP endpoint
+    location /mcp {
+        proxy_pass http://127.0.0.1:5008/mcp;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header Authorization $http_authorization;
+    }
+}
+```
+
+### Docker Compose
+
+Run Superset and the MCP server as separate containers sharing the same config:
+
+```yaml
+# docker-compose.yml
+services:
+  superset:
+    image: apache/superset:latest
+    ports:
+      - "8088:8088"
+    volumes:
+      - ./superset_config.py:/app/superset_config.py
+    environment:
+      - SUPERSET_CONFIG_PATH=/app/superset_config.py
+
+  mcp:
+    image: apache/superset:latest
+    command: ["superset", "mcp", "run", "--host", "0.0.0.0", "--port", "5008"]
+    ports:
+      - "5008:5008"
+    volumes:
+      - ./superset_config.py:/app/superset_config.py
+    environment:
+      - SUPERSET_CONFIG_PATH=/app/superset_config.py
+    depends_on:
+      - superset
+```
+
+Both containers share the same `superset_config.py`, so authentication settings, database connections, and feature flags stay in sync.
+
+### Multi-Pod (Kubernetes)
+
+For high-availability deployments, configure Redis so that replicas share session state:
+
+```mermaid
+flowchart TD
+    LB["Load Balancer"] --> M1["MCP Pod 1"]
+    LB --> M2["MCP Pod 2"]
+    LB --> M3["MCP Pod 3"]
+    M1 --> R[("Redis<br/>(session store)")]
+    M2 --> R
+    M3 --> R
+    M1 --> DB[("Postgres")]
+    M2 --> DB
+    M3 --> DB
+```
+
+**superset_config.py:**
+
+```python
+MCP_STORE_CONFIG = {
+    "enabled": True,
+    "CACHE_REDIS_URL": "redis://redis-host:6379/0",
+    "event_store_max_events": 100,
+    "event_store_ttl": 3600,
+}
+```
+
+When `CACHE_REDIS_URL` is set, the MCP server uses a Redis-backed EventStore for session management, allowing replicas to share state. Without Redis, each pod manages its own in-memory sessions and stateful MCP interactions may fail when requests hit different replicas.
+
+---
+
+## Configuration Reference
+
+All MCP settings go in `superset_config.py`. Defaults are defined in `superset/mcp_service/mcp_config.py`.
+
+### Core
+
+| Setting | Default | Description |
+|---------|---------|-------------|
+| `MCP_SERVICE_HOST` | `"localhost"` | Host the MCP server binds to |
+| `MCP_SERVICE_PORT` | `5008` | Port the MCP server binds to |
+| `MCP_SERVICE_URL` | `None` | Public base URL for MCP-generated links (set this when behind a reverse proxy) |
+| `MCP_DEBUG` | `False` | Enable debug logging |
+| `MCP_DEV_USERNAME` | -- | Superset username for development mode (no auth) |
+| `MCP_RBAC_ENABLED` | `True` | Enforce Superset's role-based access control on MCP tool calls. When `True`, each tool checks that the authenticated user has the required FAB permission before executing. Disable only for testing or trusted-network deployments. |
+
+### Authentication
+
+| Setting | Default | Description |
+|---------|---------|-------------|
+| `MCP_AUTH_ENABLED` | `False` | Enable JWT authentication |
+| `MCP_JWT_ALGORITHM` | `"RS256"` | JWT signing algorithm (`RS256` or `HS256`) |
+| `MCP_JWKS_URI` | `None` | JWKS endpoint URL (RS256) |
+| `MCP_JWT_PUBLIC_KEY` | `None` | Static RSA public key string (RS256) |
+| `MCP_JWT_SECRET` | `None` | Shared secret string (HS256) |
+| `MCP_JWT_ISSUER` | `None` | Expected `iss` claim |
+| `MCP_JWT_AUDIENCE` | `None` | Expected `aud` claim |
+| `MCP_REQUIRED_SCOPES` | `[]` | Required JWT scopes |
+| `MCP_JWT_DEBUG_ERRORS` | `False` | Log detailed JWT errors server-side (never exposed in HTTP responses per RFC 6750) |
+| `MCP_AUTH_FACTORY` | `None` | Custom auth provider factory `(flask_app) -> auth_provider`. Takes precedence over built-in JWT |
+| `MCP_USER_RESOLVER` | `None` | Custom function `(app, access_token) -> username` to extract a Superset username from a validated JWT token. When `None`, the default resolver checks `preferred_username`, `username`, `email`, and `sub` claims in that order. |
+
+### Response Size Guard
+
+Limits response sizes to prevent exceeding LLM context windows:
+
+```python
+MCP_RESPONSE_SIZE_CONFIG = {
+    "enabled": True,
+    "token_limit": 25000,
+    "warn_threshold_pct": 80,
+    "excluded_tools": [
+        "health_check",
+        "get_chart_preview",
+        "generate_explore_link",
+        "open_sql_lab_with_context",
+    ],
+}
+```
+
+| Key | Default | Description |
+|-----|---------|-------------|
+| `enabled` | `True` | Enable response size checking |
+| `token_limit` | `25000` | Maximum estimated token count per response |
+| `warn_threshold_pct` | `80` | Warn when response exceeds this percentage of the limit |
+| `excluded_tools` | See above | Tools exempt from size checking (e.g., tools that return URLs, not data) |
+
+### Caching
+
+Optional response caching for read-heavy workloads. Requires Redis when used with multiple replicas.
+
+```python
+MCP_CACHE_CONFIG = {
+    "enabled": False,
+    "CACHE_KEY_PREFIX": None,
+    "list_tools_ttl": 300,       # 5 min
+    "list_resources_ttl": 300,
+    "list_prompts_ttl": 300,
+    "read_resource_ttl": 3600,   # 1 hour
+    "get_prompt_ttl": 3600,
+    "call_tool_ttl": 3600,
+    "max_item_size": 1048576,    # 1 MB
+    "excluded_tools": [
+        "execute_sql",
+        "generate_dashboard",
+        "generate_chart",
+        "update_chart",
+    ],
+}
+```
+
+| Key | Default | Description |
+|-----|---------|-------------|
+| `enabled` | `False` | Enable response caching |
+| `CACHE_KEY_PREFIX` | `None` | Optional prefix for cache keys (useful for shared Redis) |
+| `list_tools_ttl` | `300` | Cache TTL in seconds for `tools/list` |
+| `list_resources_ttl` | `300` | Cache TTL for `resources/list` |
+| `list_prompts_ttl` | `300` | Cache TTL for `prompts/list` |
+| `read_resource_ttl` | `3600` | Cache TTL for `resources/read` |
+| `get_prompt_ttl` | `3600` | Cache TTL for `prompts/get` |
+| `call_tool_ttl` | `3600` | Cache TTL for `tools/call` |
+| `max_item_size` | `1048576` | Maximum cached item size in bytes (1 MB) |
+| `excluded_tools` | See above | Tools that are never cached (mutating or non-deterministic) |
+
+### Redis Store (Multi-Pod)
+
+Enables Redis-backed session and event storage for multi-replica deployments:
+
+```python
+MCP_STORE_CONFIG = {
+    "enabled": False,
+    "CACHE_REDIS_URL": None,
+    "event_store_max_events": 100,
+    "event_store_ttl": 3600,
+}
+```
+
+| Key | Default | Description |
+|-----|---------|-------------|
+| `enabled` | `False` | Enable Redis-backed store |
+| `CACHE_REDIS_URL` | `None` | Redis connection URL (e.g., `redis://redis-host:6379/0`) |
+| `event_store_max_events` | `100` | Maximum events retained per session |
+| `event_store_ttl` | `3600` | Event TTL in seconds |
+
+### Tool Search
+
+By default the MCP server exposes a lightweight tool-search interface instead of advertising every tool at once. This reduces the initial context sent to the LLM by ~70%, which lowers cost and latency. The AI client discovers tools on demand by calling `search_tools` and then invokes them via `call_tool`.
+
+```python
+MCP_TOOL_SEARCH_CONFIG = {
+    "enabled": True,
+    "strategy": "bm25",        # "bm25" (natural language) or "regex"
+    "max_results": 5,
+    "always_visible": [        # Tools always listed (pinned)
+        "health_check",
+        "get_instance_info",
+    ],
+    "search_tool_name": "search_tools",
+    "call_tool_name": "call_tool",
+    "include_schemas": False,  # False=summary mode (name + parameters_hint)
+    "compact_schemas": True,   # Strip $defs (only applies when include_schemas=True)
+    "max_description_length": 300,
+}
+```
+
+| Key | Default | Description |
+|-----|---------|-------------|
+| `enabled` | `True` | Enable tool search. When `False`, all tools are listed upfront |
+| `strategy` | `"bm25"` | Search ranking algorithm. `"bm25"` supports natural language; `"regex"` supports pattern matching |
+| `max_results` | `5` | Maximum tools returned per search query |
+| `always_visible` | See above | Tools that always appear in `list_tools`, regardless of search |
+| `include_schemas` | `False` | When `False` (default, "summary mode"), search results omit `inputSchema` entirely and include a lightweight `parameters_hint` listing top-level parameter names. Set to `True` to include the full `inputSchema` in search results. Full schemas are always used when a tool is actually invoked via `call_tool`. |
+| `compact_schemas` | `True` | Strip `$defs` / `$ref` and replace with `{"type": "object"}` in search results to reduce token cost. Only takes effect when `include_schemas=True` — ignored in summary mode. |
+| `max_description_length` | `300` | Truncate tool descriptions in search results (0 = no truncation). Applies in both summary and full-schema modes. |
+
+:::tip
+Set `enabled: False` to revert to the traditional "show all tools at once" behavior, which some clients or workflows may prefer.
+:::
+
+Tool search reduces the initial token cost from ~15–20K tokens (full catalog) down to ~4–5K tokens (pinned tools + search interface) — roughly 85% savings at the start of each conversation.
+
+### Session & CSRF
+
+These values are flat-merged into the Flask app config used by the MCP server process:
+
+```python
+MCP_SESSION_CONFIG = {
+    "SESSION_COOKIE_HTTPONLY": True,
+    "SESSION_COOKIE_SECURE": False,
+    "SESSION_COOKIE_SAMESITE": "Lax",
+    "SESSION_COOKIE_NAME": "superset_session",
+    "PERMANENT_SESSION_LIFETIME": 86400,
+}
+
+MCP_CSRF_CONFIG = {
+    "WTF_CSRF_ENABLED": True,
+    "WTF_CSRF_TIME_LIMIT": None,
+}
+```
+
+---
+
+## Access Control
+
+### RBAC Enforcement
+
+The MCP server respects Superset's full role-based access control (RBAC). Every authenticated user can only access the data and operations their Superset roles permit — the same rules that apply in the Superset UI apply through MCP.
+
+Each tool declares one or more required FAB permissions. The table below maps tool groups to their permission requirements:
+
+| Tool group | Required FAB permission |
+|------------|------------------------|
+| `list_charts`, `get_chart_info`, `get_chart_data`, `get_chart_preview`, `generate_chart`, `update_chart` | `can_read` on `Chart` (read), `can_write` on `Chart` (mutate) |
+| `list_dashboards`, `get_dashboard_info`, `generate_dashboard`, `add_chart_to_existing_dashboard` | `can_read` on `Dashboard` (read), `can_write` on `Dashboard` (mutate) |
+| `list_datasets`, `get_dataset_info`, `create_virtual_dataset` | `can_read` on `Dataset` (read), `can_write` on `Dataset` (mutate) |
+| `list_databases`, `get_database_info` | `can_read` on `Database` |
+| `execute_sql` | `can_execute_sql_query` on `SQLLab` |
+| `open_sql_lab_with_context` | `can_read` on `SQLLab` |
+| `save_sql_query` | `can_write` on `SavedQuery` |
+| `health_check` | None (public) |
+
+To disable RBAC checking globally (for trusted-network deployments or testing), set:
+
+```python
+# superset_config.py
+MCP_RBAC_ENABLED = False
+```
+
+:::warning
+Disabling RBAC removes all permission checks from MCP tool calls. Only do this on isolated, internal deployments where all MCP users are trusted admins.
+:::
+
+### Audit Log
+
+All MCP tool calls are recorded in Superset's action log. You can view them at **Settings → Action Log** (admin only). Each log entry records:
+
+- The tool name (e.g., `mcp.generate_chart.db_write`)
+- The authenticated user
+- A timestamp
+
+This makes MCP activity fully auditable alongside regular Superset activity. The action log uses the same event logger as the rest of Superset, so existing log ingestion pipelines (e.g., sending logs to Elasticsearch or a SIEM) capture MCP events automatically.
+
+### Middleware Pipeline
+
+Every MCP request passes through a middleware stack before reaching the tool function. The default stack (assembled in `build_middleware_list()` in `server.py`) is:
+
+| Middleware | Purpose | Default |
+|------------|---------|---------|
+| `StructuredContentStripperMiddleware` | Strips `structuredContent` from responses for Claude.ai bridge compatibility | Enabled |
+| `LoggingMiddleware` | Logs each tool call with user, parameters, and duration | Enabled |
+| `GlobalErrorHandlerMiddleware` | Catches unhandled exceptions and sanitizes sensitive data before it reaches the client | Enabled |
+| `ResponseSizeGuardMiddleware` | Estimates token count, warns at 80% of limit, blocks at limit | Enabled (configurable via `MCP_RESPONSE_SIZE_CONFIG`) |
+| `ResponseCachingMiddleware` | Caches read-heavy tool responses (in-memory or Redis) | Disabled (enable via `MCP_CACHE_CONFIG`) |
+
+Additional middleware classes (`RateLimitMiddleware`, `FieldPermissionsMiddleware`, `PrivateToolMiddleware`) are implemented in `superset/mcp_service/middleware.py` but are not added to the default pipeline. They are available for operators who want to layer them in via a custom startup path.
+
+### Error Sanitization
+
+The `GlobalErrorHandlerMiddleware` automatically redacts sensitive information from all error messages before they reach the LLM client. The following are replaced with generic messages:
+
+- **Database connection strings** — replaced with a generic connection error message
+- **API keys and tokens** — redacted from error traces
+- **File system paths** — stripped to prevent information disclosure
+- **IP addresses** — removed from error context
+
+This ensures that a misconfigured database connection or an unexpected exception never leaks credentials or internal topology to the LLM or its users. All regex patterns used for redaction are bounded to prevent ReDoS attacks.
+
+---
+
+## Performance
+
+### Connection Pooling
+
+Each MCP server process maintains its own SQLAlchemy connection pool to the database. For multi-worker deployments, total open connections = **workers × pool size**.
+
+```python
+# superset_config.py
+SQLALCHEMY_POOL_SIZE = 5
+SQLALCHEMY_MAX_OVERFLOW = 10
+SQLALCHEMY_POOL_TIMEOUT = 30
+SQLALCHEMY_POOL_RECYCLE = 3600  # Recycle connections after 1 hour
+```
+
+For a 3-pod Kubernetes deployment with the defaults above, expect up to 3 × (5 + 10) = 45 connections. Size your database's `max_connections` accordingly.
+
+### Response Caching
+
+Enable response caching for read-heavy workloads (dashboards/datasets that don't change frequently). With the in-memory backend (default when `MCP_STORE_CONFIG` is disabled), caching is per-process. Use Redis-backed caching for consistent cache hits across multiple pods:
+
+```python
+MCP_CACHE_CONFIG = {"enabled": True, "call_tool_ttl": 3600}
+MCP_STORE_CONFIG = {"enabled": True, "CACHE_REDIS_URL": "redis://redis:6379/0"}
+```
+
+Mutating tools (`generate_chart`, `update_chart`, `execute_sql`, `generate_dashboard`) are always excluded from caching regardless of this setting.
+
+---
+
+## Troubleshooting
+
+### Server won't start
+
+- Verify `fastmcp` is installed: `pip install fastmcp`
+- Check that `MCP_DEV_USERNAME` is set if auth is disabled -- the server requires a user identity
+- Confirm the port is not already in use: `lsof -i :5008`
+
+### 401 Unauthorized
+
+- Verify your JWT token has not expired (`exp` claim)
+- Check that `MCP_JWT_ISSUER` and `MCP_JWT_AUDIENCE` match the token's `iss` and `aud` claims exactly
+- For RS256 with JWKS: confirm the JWKS URI is reachable from the MCP server
+- For RS256 with static key: confirm the public key string includes the `BEGIN`/`END` markers
+- For HS256: confirm the secret matches between the token issuer and `MCP_JWT_SECRET`
+- Enable `MCP_JWT_DEBUG_ERRORS = True` for detailed server-side logging (errors are never leaked to the client)
+
+### Tool not found
+
+- Ensure the MCP server and Superset share the same `superset_config.py`
+- Check server logs at startup -- tool registration errors are logged with the tool name and reason
+
+### Client can't connect
+
+- Verify the MCP server URL is reachable from the client machine
+- For Claude Desktop: fully quit the app (not just close the window) and restart after config changes
+- For remote access: ensure your firewall and reverse proxy allow traffic to the MCP port
+- Confirm the URL path ends with `/mcp` (e.g., `http://localhost:5008/mcp`)
+
+### Permission errors on tool calls
+
+- The MCP server enforces Superset's RBAC permissions -- the authenticated user must have the required roles
+- In development mode, ensure `MCP_DEV_USERNAME` maps to a user with appropriate roles (e.g., Admin)
+- Check `superset/security/manager.py` for the specific permission tuples required by each tool domain (e.g., `("can_execute_sql_query", "SQLLab")`)
+
+### Response too large
+
+- If a tool call returns an error about exceeding token limits, the response size guard is blocking an oversized result
+- Reduce `page_size` or `limit` parameters, use `select_columns` to exclude large fields, or add filters to narrow results
+- To adjust the threshold, change `token_limit` in `MCP_RESPONSE_SIZE_CONFIG`
+- To disable the guard entirely, set `MCP_RESPONSE_SIZE_CONFIG = {"enabled": False}`
+
+---
+
+## Audit Events
+
+All MCP tool calls are logged to Superset's event logger, the same system used by the web UI (viewable at **Settings → Action Log**). Each event captures:
+
+- **Action**: `mcp.<tool_name>.<phase>` (e.g., `mcp.list_databases.query`)
+- **User**: the resolved Superset username from the JWT or dev config
+- **Timestamp**: when the operation ran
+
+This means MCP activity is auditable alongside normal user activity. No additional configuration is required — logging is on by default whenever the event logger is enabled in your Superset deployment.
+
+## Tool Pagination
+
+MCP list tools (`list_datasets`, `list_charts`, `list_dashboards`, `list_databases`) use **offset pagination** via `page` (1-based) and `page_size` parameters. Responses include `page`, `page_size`, `total_count`, `total_pages`, `has_previous`, and `has_next`. To iterate through all results:
+
+```python
+# Example: fetch all charts across pages
+all_charts = []
+page = 1
+while True:
+    result = mcp.list_charts(page=page, page_size=50)
+    all_charts.extend(result["charts"])
+    if not result.get("has_next"):
+        break
+    page += 1
+```
+
+## Security Best Practices
+
+- **Use TLS** for all production MCP endpoints -- place the server behind a reverse proxy with HTTPS
+- **Enable JWT authentication** for any internet-facing deployment
+- **RBAC enforcement** -- The MCP server respects Superset's role-based access control. Users can only access data their roles permit
+- **Secrets management** -- Store `MCP_JWT_SECRET`, database credentials, and API keys in environment variables or a secrets manager, never in config files committed to version control
+- **Scoped tokens** -- Use `MCP_REQUIRED_SCOPES` to limit what operations a token can perform
+- **Network isolation** -- In Kubernetes, restrict MCP pod network policies to only allow traffic from your AI client endpoints
+- Review the **[Security documentation](/developer-docs/extensions/security)** for additional extension security guidance
+
+---
+
+## Next Steps
+
+- **[Using AI with Superset](/user-docs/using-superset/using-ai-with-superset)** -- What AI can do with Superset and how to get started
+- **[MCP Integration](/developer-docs/extensions/mcp)** -- Build custom MCP tools and prompts via Superset extensions
+- **[Security](/developer-docs/extensions/security)** -- Security best practices for extensions
+- **[Deployment](/developer-docs/extensions/deployment)** -- Package and deploy Superset extensions

docs/admin_docs_versioned_docs/version-6.1.0/configuration/networking-settings.mdx

@@ -0,0 +1,171 @@
+---
+title: Network and Security Settings
+sidebar_position: 7
+version: 1
+---
+
+# Network and Security Settings
+
+## CORS
+
+
+:::note
+In Superset versions prior to `5.x` you have to install to install `flask-cors` with `pip install flask-cors` to enable CORS support.
+:::
+
+
+The following keys in `superset_config.py` can be specified to configure CORS:
+
+- `ENABLE_CORS`: Must be set to `True` in order to enable CORS
+- `CORS_OPTIONS`: options passed to Flask-CORS
+  ([documentation](https://flask-cors.readthedocs.io/en/latest/api.html#extension))
+
+## HTTP headers
+
+Note that Superset bundles [flask-talisman](https://pypi.org/project/talisman/)
+Self-described as a small Flask extension that handles setting HTTP headers that can help
+protect against a few common web application security issues.
+
+## HTML Embedding of Dashboards and Charts
+
+There are two ways to embed a dashboard: Using the [SDK](https://www.npmjs.com/package/@superset-ui/embedded-sdk) or embedding a direct link. Note that in the latter case everybody who knows the link is able to access the dashboard.
+
+### Embedding a Public Direct Link to a Dashboard
+
+This works by first changing the content security policy (CSP) of [flask-talisman](https://github.com/GoogleCloudPlatform/flask-talisman) to allow for certain domains to display Superset content. Then a dashboard can be made publicly accessible, i.e. **bypassing authentication**. Once made public, the dashboard's URL can be added to an iframe in another website's HTML code.
+
+#### Changing flask-talisman CSP
+
+Add to `superset_config.py` the entire `TALISMAN_CONFIG` section from `config.py` and include a `frame-ancestors` section:
+
+```python
+TALISMAN_ENABLED = True
+TALISMAN_CONFIG = {
+    "content_security_policy": {
+    ...
+ "frame-ancestors": ["*.my-domain.com", "*.another-domain.com"],
+    ...
+```
+
+Restart Superset for this configuration change to take effect.
+
+#### Making a Dashboard Public
+
+There are two approaches to making dashboards publicly accessible:
+
+**Option 1: Dataset-based access (simpler)**
+1. Set `PUBLIC_ROLE_LIKE = "Public"` in `superset_config.py`
+2. Grant the Public role access to the relevant datasets (Menu → Security → List Roles → Public)
+3. All published dashboards using those datasets become visible to anonymous users
+
+**Option 2: Dashboard-level access (selective control)**
+1. Set `PUBLIC_ROLE_LIKE = "Public"` in `superset_config.py`
+2. Add the `'DASHBOARD_RBAC': True` [Feature Flag](/admin-docs/configuration/feature-flags)
+3. Edit each dashboard's properties and add the "Public" role
+4. Only dashboards with the Public role explicitly assigned are visible to anonymous users
+
+See the [Public role documentation](/admin-docs/security/#public) for more details.
+
+#### Embedding a Public Dashboard
+
+Now anybody can directly access the dashboard's URL. You can embed it in an iframe like so:
+
+```html
+<iframe
+  width="600"
+  height="400"
+  seamless
+  frameBorder="0"
+  scrolling="no"
+  src="https://superset.my-domain.com/superset/dashboard/10/?standalone=1&height=400"
+>
+</iframe>
+```
+
+#### Embedding a Chart
+
+A chart's embed code can be generated by going to a chart's edit view and then clicking at the top right on `...` > `Share` > `Embed code`
+
+### Enabling Embedding via the SDK
+
+Clicking on `...` next to `EDIT DASHBOARD` on the top right of the dashboard's overview page should yield a drop-down menu including the entry "Embed dashboard".
+
+To enable this entry, add the following line to the `.env` file:
+
+```text
+SUPERSET_FEATURE_EMBEDDED_SUPERSET=true
+```
+
+### Hiding the Logout Button in Embedded Contexts
+
+When Superset is embedded in an application that manages authentication via SSO (OAuth2, SAML, or JWT), the logout button should be hidden since session management is handled by the parent application.
+
+To hide the logout button in embedded contexts, add to `superset_config.py`:
+
+```python
+FEATURE_FLAGS = {
+    "DISABLE_EMBEDDED_SUPERSET_LOGOUT": True,
+}
+```
+
+This flag only hides the logout button when Superset detects it is running inside an iframe. Users accessing Superset directly (not embedded) will still see the logout button regardless of this setting.
+
+:::note
+When embedding with SSO, also set `SESSION_COOKIE_SAMESITE = 'None'` and `SESSION_COOKIE_SECURE = True`. See [Security documentation](/admin-docs/security/securing_superset) for details.
+:::
+
+## CSRF settings
+
+Similarly, [flask-wtf](https://flask-wtf.readthedocs.io/en/0.15.x/config/) is used to manage
+some CSRF configurations. If you need to exempt endpoints from CSRF (e.g. if you are
+running a custom auth postback endpoint), you can add the endpoints to `WTF_CSRF_EXEMPT_LIST`:
+
+## SSH Tunneling
+
+1. Turn on feature flag
+    - Change [`SSH_TUNNELING`](https://github.com/apache/superset/blob/eb8386e3f0647df6d1bbde8b42073850796cc16f/superset/config.py#L489) to `True`
+    - If you want to add more security when establishing the tunnel we allow users to overwrite the `SSHTunnelManager` class [here](https://github.com/apache/superset/blob/eb8386e3f0647df6d1bbde8b42073850796cc16f/superset/config.py#L507)
+    - You can also set the [`SSH_TUNNEL_LOCAL_BIND_ADDRESS`](https://github.com/apache/superset/blob/eb8386e3f0647df6d1bbde8b42073850796cc16f/superset/config.py#L508) this the host address where the tunnel will be accessible on your VPC
+
+2. Create database w/ ssh tunnel enabled
+    - With the feature flag enabled you should now see ssh tunnel toggle.
+    - Click the toggle to enable SSH tunneling and add your credentials accordingly.
+        - Superset allows for two different types of authentication (Basic + Private Key). These credentials should come from your service provider.
+
+3. Verify data is flowing
+    - Once SSH tunneling has been enabled, go to SQL Lab and write a query to verify data is properly flowing.
+
+## Domain Sharding
+
+:::note
+Domain Sharding is deprecated as of Superset 5.0.0, and will be removed in Superset 6.0.0. Please Enable HTTP2 to keep more open connections per domain.
+:::
+
+Chrome allows up to 6 open connections per domain at a time. When there are more than 6 slices in
+dashboard, a lot of time fetch requests are queued up and wait for next available socket.
+[PR 5039](https://github.com/apache/superset/pull/5039) adds domain sharding to Superset,
+and this feature will be enabled by configuration only (by default Superset doesn’t allow
+cross-domain request).
+
+Add the following setting in your `superset_config.py` file:
+
+- `SUPERSET_WEBSERVER_DOMAINS`: list of allowed hostnames for domain sharding feature.
+
+Please create your domain shards as subdomains of your main domain for authorization to
+work properly on new domains. For Example:
+
+- `SUPERSET_WEBSERVER_DOMAINS=['superset-1.mydomain.com','superset-2.mydomain.com','superset-3.mydomain.com','superset-4.mydomain.com']`
+
+or add the following setting in your `superset_config.py` file if domain shards are not subdomains of main domain.
+
+- `SESSION_COOKIE_DOMAIN = '.mydomain.com'`
+
+## Middleware
+
+Superset allows you to add your own middleware. To add your own middleware, update the
+`ADDITIONAL_MIDDLEWARE` key in your `superset_config.py`. `ADDITIONAL_MIDDLEWARE` should be a list
+of your additional middleware classes.
+
+For example, to use `AUTH_REMOTE_USER` from behind a proxy server like nginx, you have to add a
+simple middleware class to add the value of `HTTP_X_PROXY_REMOTE_USER` (or any other custom header
+from the proxy) to Gunicorn’s `REMOTE_USER` environment variable.

docs/admin_docs_versioned_docs/version-6.1.0/configuration/sql-templating.mdx

@@ -0,0 +1,629 @@
+---
+title: SQL Templating
+hide_title: true
+sidebar_position: 5
+version: 1
+---
+
+# SQL Templating
+
+:::tip Looking to use SQL templating?
+For a user-focused guide on writing Jinja templates in SQL Lab and virtual datasets, see the [SQL Templating User Guide](/user-docs/using-superset/sql-templating). This page covers administrator configuration options.
+:::
+
+## Jinja Templates
+
+SQL Lab and Explore supports [Jinja templating](https://jinja.palletsprojects.com/en/2.11.x/) in queries.
+To enable templating, the `ENABLE_TEMPLATE_PROCESSING` [feature flag](/admin-docs/configuration/configuring-superset#feature-flags) needs to be enabled in `superset_config.py`.
+
+:::warning[Security Warning]
+
+While powerful, this feature executes template code on the server. Within the Superset security model, this is **intended functionality**, as users with permissions to edit charts and virtual datasets are considered **trusted users**.
+
+If you grant these permissions to untrusted users, this feature can be exploited as a **Server-Side Template Injection (SSTI)** vulnerability. Do not enable `ENABLE_TEMPLATE_PROCESSING` unless you fully understand and accept the associated security risks.
+
+Additionally:
+
+- The `url_param()` macro allows URL parameters to influence the rendered SQL. Always validate or restrict `url_param()` values in your templates rather than interpolating them directly.
+- `filter.get('val')` returns raw filter values without escaping. Use the safe helpers described below (`|where_in`, `| replace("'", "''")`) rather than concatenating values directly into SQL strings.
+
+:::
+
+:::tip
+`ENABLE_TEMPLATE_PROCESSING` defaults to `False`. Only enable it if your deployment requires Jinja templates and all users with dataset/chart edit access are administrators or fully trusted internal users.
+:::
+
+When templating is enabled, python code can be embedded in virtual datasets and
+in Custom SQL in the filter and metric controls in Explore. By default, the following variables are
+made available in the Jinja context:
+
+- `columns`: columns which to group by in the query
+- `filter`: filters applied in the query
+- `from_dttm`: start `datetime` value from the selected time range (`None` if undefined). **Note:** Only available in virtual datasets when a time range filter is applied in Explore/Chart views—not available in standalone SQL Lab queries. (deprecated beginning in version 5.0, use `get_time_filter` instead)
+- `to_dttm`: end `datetime` value from the selected time range (`None` if undefined). **Note:** Only available in virtual datasets when a time range filter is applied in Explore/Chart views—not available in standalone SQL Lab queries. (deprecated beginning in version 5.0, use `get_time_filter` instead)
+- `groupby`: columns which to group by in the query (deprecated)
+- `metrics`: aggregate expressions in the query
+- `row_limit`: row limit of the query
+- `row_offset`: row offset of the query
+- `table_columns`: columns available in the dataset
+- `time_column`: temporal column of the query (`None` if undefined)
+- `time_grain`: selected time grain (`None` if undefined)
+
+For example, to add a time range to a virtual dataset, you can write the following:
+
+```sql
+SELECT *
+FROM tbl
+WHERE dttm_col > '{{ from_dttm }}' and dttm_col < '{{ to_dttm }}'
+```
+
+You can also use [Jinja's logic](https://jinja.palletsprojects.com/en/2.11.x/templates/#tests)
+to make your query robust to clearing the timerange filter:
+
+```sql
+SELECT *
+FROM tbl
+WHERE (
+    {% if from_dttm is not none %}
+        dttm_col > '{{ from_dttm }}' AND
+    {% endif %}
+    {% if to_dttm is not none %}
+        dttm_col < '{{ to_dttm }}' AND
+    {% endif %}
+    1 = 1
+)
+```
+
+The `1 = 1` at the end ensures a value is present for the `WHERE` clause even when
+the time filter is not set. For many database engines, this could be replaced with `true`.
+
+Note that the Jinja parameters are called within _double_ brackets in the query and with
+_single_ brackets in the logic blocks.
+
+### Understanding Context Availability
+
+Some Jinja variables like `from_dttm`, `to_dttm`, and `filter` are **only available when a chart or dashboard provides them**. They are populated from:
+
+- Time range filters applied in Explore/Chart views
+- Dashboard native filters
+- Filter components
+
+**These variables are NOT available in standalone SQL Lab queries** because there's no filter context. If you try to use `{{ from_dttm }}` directly in SQL Lab, you'll get an "undefined parameter" error.
+
+#### Testing Time-Filtered Queries in SQL Lab
+
+To test queries that use time variables in SQL Lab, you have several options:
+
+**Option 1: Use Jinja defaults (recommended)**
+
+```sql
+SELECT *
+FROM tbl
+WHERE dttm_col > '{{ from_dttm | default("2024-01-01", true) }}'
+  AND dttm_col < '{{ to_dttm | default("2024-12-31", true) }}'
+```
+
+**Option 2: Use SQL Lab Parameters**
+
+Set parameters in the SQL Lab UI (Parameters menu):
+```json
+{
+  "from_dttm": "2024-01-01",
+  "to_dttm": "2024-12-31"
+}
+```
+
+**Option 3: Use `{% set %}` for testing**
+
+```sql
+{% set from_dttm = "2024-01-01" %}
+{% set to_dttm = "2024-12-31" %}
+SELECT *
+FROM tbl
+WHERE dttm_col > '{{ from_dttm }}' AND dttm_col < '{{ to_dttm }}'
+```
+
+:::tip
+When you save a SQL Lab query as a virtual dataset and use it in a chart with time filters,
+the actual filter values will override any defaults or test values you set.
+:::
+
+To add custom functionality to the Jinja context, you need to overload the default Jinja
+context in your environment by defining the `JINJA_CONTEXT_ADDONS` in your superset configuration
+(`superset_config.py`). Objects referenced in this dictionary are made available for users to use
+where the Jinja context is made available.
+
+```python
+JINJA_CONTEXT_ADDONS = {
+    'my_crazy_macro': lambda x: x*2,
+}
+```
+
+Default values for jinja templates can be specified via `Parameters` menu in the SQL Lab user interface.
+In the UI you can assign a set of parameters as JSON
+
+```json
+{
+  "my_table": "foo"
+}
+```
+
+The parameters become available in your SQL (example: `SELECT * FROM {{ my_table }}` ) by using Jinja templating syntax.
+SQL Lab template parameters are stored with the dataset as `TEMPLATE PARAMETERS`.
+
+There is a special ``_filters`` parameter which can be used to test filters used in the jinja template.
+
+```json
+{
+  "_filters": [
+    {
+      "col": "action_type",
+      "op": "IN",
+      "val": ["sell", "buy"]
+    }
+  ]
+}
+```
+
+```sql
+SELECT action, count(*) as times
+FROM logs
+WHERE action in {{ filter_values('action_type')|where_in }}
+GROUP BY action
+```
+
+Note ``_filters`` is not stored with the dataset. It's only used within the SQL Lab UI.
+
+Besides default Jinja templating, SQL lab also supports self-defined template processor by setting
+the `CUSTOM_TEMPLATE_PROCESSORS` in your superset configuration. The values in this dictionary
+overwrite the default Jinja template processors of the specified database engine. The example below
+configures a custom presto template processor which implements its own logic of processing macro
+template with regex parsing. It uses the `$` style macro instead of `{{ }}` style in Jinja
+templating.
+
+By configuring it with `CUSTOM_TEMPLATE_PROCESSORS`, a SQL template on a presto database is
+processed by the custom one rather than the default one.
+
+```python
+def DATE(
+    ts: datetime, day_offset: SupportsInt = 0, hour_offset: SupportsInt = 0
+) -> str:
+    """Current day as a string."""
+    day_offset, hour_offset = int(day_offset), int(hour_offset)
+    offset_day = (ts + timedelta(days=day_offset, hours=hour_offset)).date()
+    return str(offset_day)
+
+class CustomPrestoTemplateProcessor(PrestoTemplateProcessor):
+    """A custom presto template processor."""
+
+    engine = "presto"
+
+    def process_template(self, sql: str, **kwargs) -> str:
+        """Processes a sql template with $ style macro using regex."""
+        # Add custom macros functions.
+        macros = {
+            "DATE": partial(DATE, datetime.utcnow())
+        }  # type: Dict[str, Any]
+        # Update with macros defined in context and kwargs.
+        macros.update(self.context)
+        macros.update(kwargs)
+
+        def replacer(match):
+            """Expand $ style macros with corresponding function calls."""
+            macro_name, args_str = match.groups()
+            args = [a.strip() for a in args_str.split(",")]
+            if args == [""]:
+                args = []
+            f = macros[macro_name[1:]]
+            return f(*args)
+
+        macro_names = ["$" + name for name in macros.keys()]
+        pattern = r"(%s)\s*\(([^()]*)\)" % "|".join(map(re.escape, macro_names))
+        return re.sub(pattern, replacer, sql)
+
+CUSTOM_TEMPLATE_PROCESSORS = {
+    CustomPrestoTemplateProcessor.engine: CustomPrestoTemplateProcessor
+}
+```
+
+SQL Lab also includes a live query validation feature with pluggable backends. You can configure
+which validation implementation is used with which database engine by adding a block like the
+following to your configuration file:
+
+```python
+FEATURE_FLAGS = {
+    'SQL_VALIDATORS_BY_ENGINE': {
+        'presto': 'PrestoDBSQLValidator',
+    }
+}
+```
+
+The available validators and names can be found in
+[sql_validators](https://github.com/apache/superset/tree/master/superset/sql_validators).
+
+## Available Macros
+
+In this section, we'll walkthrough the pre-defined Jinja macros in Superset.
+
+### Current Username
+
+The `{{ current_username() }}` macro returns the `username` of the currently logged in user.
+
+If you have caching enabled in your Superset configuration, then by default the `username` value will be used
+by Superset when calculating the cache key. A cache key is a unique identifier that determines if there's a
+cache hit in the future and Superset can retrieve cached data.
+
+You can disable the inclusion of the `username` value in the calculation of the
+cache key by adding the following parameter to your Jinja code:
+
+```python
+{{ current_username(add_to_cache_keys=False) }}
+```
+
+### Current User ID
+
+The `{{ current_user_id() }}` macro returns the account ID of the currently logged in user.
+
+If you have caching enabled in your Superset configuration, then by default the account `id` value will be used
+by Superset when calculating the cache key. A cache key is a unique identifier that determines if there's a
+cache hit in the future and Superset can retrieve cached data.
+
+You can disable the inclusion of the account `id` value in the calculation of the
+cache key by adding the following parameter to your Jinja code:
+
+```python
+{{ current_user_id(add_to_cache_keys=False) }}
+```
+
+### Current User Email
+
+The `{{ current_user_email() }}` macro returns the email address of the currently logged in user.
+
+If you have caching enabled in your Superset configuration, then by default the email address value will be used
+by Superset when calculating the cache key. A cache key is a unique identifier that determines if there's a
+cache hit in the future and Superset can retrieve cached data.
+
+You can disable the inclusion of the email value in the calculation of the
+cache key by adding the following parameter to your Jinja code:
+
+```python
+{{ current_user_email(add_to_cache_keys=False) }}
+```
+
+### Current User Roles
+
+The `{{ current_user_roles() }}` macro returns an array of roles for the logged in user.
+
+If you have caching enabled in your Superset configuration, then by default the roles value will be used
+by Superset when calculating the cache key. A cache key is a unique identifier that determines if there's a
+cache hit in the future and Superset can retrieve cached data.
+
+You can disable the inclusion of the roles value in the calculation of the
+cache key by adding the following parameter to your Jinja code:
+
+```python
+{{ current_user_roles(add_to_cache_keys=False) }}
+```
+
+You can json-stringify the array by adding `|tojson` to your Jinja code:
+```python
+{{ current_user_roles()|tojson }}
+```
+
+You can use the `|where_in` filter to use your roles in a SQL statement. For example, if `current_user_roles()` returns `['admin', 'viewer']`, the following template:
+```python
+SELECT * FROM users WHERE role IN {{ current_user_roles()|where_in }}
+```
+
+Will be rendered as:
+```sql
+SELECT * FROM users WHERE role IN ('admin', 'viewer')
+```
+
+### Current User RLS Rules
+
+The `{{ current_user_rls_rules() }}` macro returns an array of RLS rules applied to the current dataset for the logged in user.
+
+If you have caching enabled in your Superset configuration, then the list of RLS Rules will be used
+by Superset when calculating the cache key. A cache key is a unique identifier that determines if there's a
+cache hit in the future and Superset can retrieve cached data.
+
+### Custom URL Parameters
+
+The `{{ url_param('custom_variable') }}` macro lets you define arbitrary URL
+parameters and reference them in your SQL code.
+
+:::warning
+Always treat `url_param()` values as untrusted input. Escaping behaviour varies by context and configuration, so do not rely on it. Restrict values to an explicit allowlist before using them in SQL:
+
+```sql
+{% set cc = url_param('countrycode') %}
+{% if cc not in ('US', 'ES', 'FR') %}{% set cc = 'US' %}{% endif %}
+WHERE country_code = '{{ cc }}'
+```
+:::
+
+Here's a concrete example:
+
+- You write the following query in SQL Lab:
+
+  ```sql
+  SELECT count(*)
+  FROM ORDERS
+  WHERE country_code = '{{ url_param('countrycode') }}'
+  ```
+
+- You're hosting Superset at the domain www.example.com and you send your
+  coworker in Spain the following SQL Lab URL `www.example.com/superset/sqllab?countrycode=ES`
+  and your coworker in the USA the following SQL Lab URL `www.example.com/superset/sqllab?countrycode=US`
+- For your coworker in Spain, the SQL Lab query will be rendered as:
+
+  ```sql
+  SELECT count(*)
+  FROM ORDERS
+  WHERE country_code = 'ES'
+  ```
+
+- For your coworker in the USA, the SQL Lab query will be rendered as:
+
+  ```sql
+  SELECT count(*)
+  FROM ORDERS
+  WHERE country_code = 'US'
+  ```
+
+### Explicitly Including Values in Cache Key
+
+The `{{ cache_key_wrapper() }}` function explicitly instructs Superset to add a value to the
+accumulated list of values used in the calculation of the cache key.
+
+This function is only needed when you want to wrap your own custom function return values
+in the cache key. You can gain more context
+[here](https://github.com/apache/superset/blob/efd70077014cbed62e493372d33a2af5237eaadf/superset/jinja_context.py#L133-L148).
+
+Note that this function powers the caching of the `user_id` and `username` values
+in the `current_user_id()` and `current_username()` function calls (if you have caching enabled).
+
+### Filter Values
+
+You can retrieve the value for a specific filter as a list using `{{ filter_values() }}`.
+
+This is useful if:
+
+- You want to use a filter component to filter a query where the name of filter component column doesn't match the one in the select statement
+- You want to have the ability to filter inside the main query for performance purposes
+
+Here's a concrete example:
+
+```sql
+SELECT action, count(*) as times
+FROM logs
+WHERE
+    action in {{ filter_values('action_type')|where_in }}
+GROUP BY action
+```
+
+There `where_in` filter converts the list of values from `filter_values('action_type')` into a string suitable for an `IN` expression.
+
+### Filters for a Specific Column
+
+The `{{ get_filters() }}` macro returns the filters applied to a given column. In addition to
+returning the values (similar to how `filter_values()` does), the `get_filters()` macro
+returns the operator specified in the Explore UI.
+
+This is useful if:
+
+- You want to handle more than the IN operator in your SQL clause
+- You want to handle generating custom SQL conditions for a filter
+- You want to have the ability to filter inside the main query for speed purposes
+
+:::warning
+`filter.get('val')` returns the raw filter value without escaping. For multi-value filters, use the `|where_in` Jinja filter, which handles quoting safely. For single-value operators like `LIKE`, escape single quotes before interpolating:
+
+```sql
+{%- if filter.get('op') == 'LIKE' -%}
+    AND full_name LIKE '{{ filter.get('val') | replace("'", "''") }}'
+{%- endif -%}
+```
+:::
+
+Here's a concrete example:
+
+```sql
+ WITH RECURSIVE
+    superiors(employee_id, manager_id, full_name, level, lineage) AS (
+    SELECT
+        employee_id,
+        manager_id,
+        full_name,
+    1 as level,
+    employee_id as lineage
+    FROM
+        employees
+    WHERE
+    1=1
+
+    {# Render a blank line #}
+    {%- for filter in get_filters('full_name', remove_filter=True) -%}
+
+    {%- if filter.get('op') == 'IN' -%}
+        AND
+        full_name IN {{ filter.get('val')|where_in }}
+    {%- endif -%}
+
+    {%- if filter.get('op') == 'LIKE' -%}
+        AND
+        full_name LIKE '{{ filter.get('val') | replace("'", "''") }}'
+    {%- endif -%}
+
+    {%- endfor -%}
+    UNION ALL
+        SELECT
+            e.employee_id,
+            e.manager_id,
+            e.full_name,
+    s.level + 1 as level,
+    s.lineage
+        FROM
+            employees e,
+        superiors s
+        WHERE s.manager_id = e.employee_id
+    )
+
+    SELECT
+    employee_id, manager_id, full_name, level, lineage
+    FROM
+    superiors
+    order by lineage, level
+```
+
+### Time Filter
+
+The `{{ get_time_filter() }}` macro returns the time filter applied to a specific column. This is useful if you want
+to handle time filters inside the virtual dataset, as by default the time filter is placed on the outer query. This can
+considerably improve performance, as many databases and query engines are able to optimize the query better
+if the temporal filter is placed on the inner query, as opposed to the outer query.
+
+The macro takes the following parameters:
+
+- `column`: Name of the temporal column. Leave undefined to reference the time range from a Dashboard Native Time Range
+  filter (when present).
+- `default`: The default value to fall back to if the time filter is not present, or has the value `No filter`
+- `target_type`: The target temporal type as recognized by the target  database (e.g. `TIMESTAMP`, `DATE` or
+  `DATETIME`). If `column` is defined, the format will default to the type of the column. This is used to produce
+  the format of the `from_expr` and `to_expr` properties of the returned `TimeFilter` object.
+- `strftime`: format using the `strftime` method of `datetime` for custom time formatting.
+  ([see docs for valid format codes](https://docs.python.org/3/library/datetime.html#strftime-and-strptime-format-codes)).
+  When defined `target_type` will be ignored.
+- `remove_filter`: When set to true, mark the filter as processed, removing it from the outer query. Useful when a
+  filter should only apply to the inner query.
+
+The return type has the following properties:
+
+- `from_expr`: the start of the time filter (if any)
+- `to_expr`: the end of the time filter (if any)
+- `time_range`: The applied time range
+
+Here's a concrete example using the `logs` table from the Superset metastore:
+
+```
+{% set time_filter = get_time_filter("dttm", remove_filter=True) %}
+{% set from_expr = time_filter.from_expr %}
+{% set to_expr = time_filter.to_expr %}
+{% set time_range = time_filter.time_range %}
+SELECT
+  *,
+  '{{ time_range }}' as time_range
+FROM logs
+{% if from_expr or to_expr %}WHERE 1 = 1
+{% if from_expr %}AND dttm >= {{ from_expr }}{% endif %}
+{% if to_expr %}AND dttm < {{ to_expr }}{% endif %}
+{% endif %}
+```
+
+Assuming we are creating a table chart with a simple `COUNT(*)` as the metric with a time filter `Last week` on the
+`dttm` column, this would render the following query on Postgres (note the formatting of the temporal filters, and
+the absence of time filters on the outer query):
+
+```
+SELECT COUNT(*) AS count
+FROM
+  (SELECT *,
+          'Last week' AS time_range
+   FROM public.logs
+   WHERE 1 = 1
+     AND dttm >= TO_TIMESTAMP('2024-08-27 00:00:00.000000', 'YYYY-MM-DD HH24:MI:SS.US')
+     AND dttm < TO_TIMESTAMP('2024-09-03 00:00:00.000000', 'YYYY-MM-DD HH24:MI:SS.US')) AS virtual_table
+ORDER BY count DESC
+LIMIT 1000;
+```
+
+When using the `default` parameter, the templated query can be simplified, as the endpoints will always be defined
+(to use a fixed time range, you can also use something like `default="2024-08-27 : 2024-09-03"`)
+
+```
+{% set time_filter = get_time_filter("dttm", default="Last week", remove_filter=True) %}
+SELECT
+  *,
+  '{{ time_filter.time_range }}' as time_range
+FROM logs
+WHERE
+  dttm >= {{ time_filter.from_expr }}
+  AND dttm < {{ time_filter.to_expr }}
+```
+
+### Datasets
+
+It's possible to query physical and virtual datasets using the `dataset` macro. This is useful if you've defined computed columns and metrics on your datasets, and want to reuse the definition in adhoc SQL Lab queries.
+
+To use the macro, first you need to find the ID of the dataset. This can be done by going to the view showing all the datasets, hovering over the dataset you're interested in, and looking at its URL. For example, if the URL for a dataset is https://superset.example.org/explore/?dataset_type=table&dataset_id=42 its ID is 42.
+
+Once you have the ID you can query it as if it were a table:
+
+```sql
+SELECT * FROM {{ dataset(42) }} LIMIT 10
+```
+
+If you want to select the metric definitions as well, in addition to the columns, you need to pass an additional keyword argument:
+
+```sql
+SELECT * FROM {{ dataset(42, include_metrics=True) }} LIMIT 10
+```
+
+Since metrics are aggregations, the resulting SQL expression will be grouped by all non-metric columns. You can specify a subset of columns to group by instead:
+
+```sql
+SELECT * FROM {{ dataset(42, include_metrics=True, columns=["ds", "category"]) }} LIMIT 10
+```
+
+### Metrics
+
+The `{{ metric('metric_key', dataset_id) }}` macro can be used to retrieve the metric SQL syntax from a dataset. This can be useful for different purposes:
+
+- Override the metric label in the chart level
+- Combine multiple metrics in a calculation
+- Retrieve a metric syntax in SQL lab
+- Re-use metrics across datasets
+
+This macro avoids copy/paste, allowing users to centralize the metric definition in the dataset layer.
+
+The `dataset_id` parameter is optional, and if not provided Superset will use the current dataset from context (for example, when using this macro in the Chart Builder, by default the `macro_key` will be searched in the dataset powering the chart).
+The parameter can be used in SQL Lab, or when fetching a metric from another dataset.
+
+## Available Filters
+
+Superset supports [builtin filters from the Jinja2 templating package](https://jinja.palletsprojects.com/en/stable/templates/#builtin-filters). Custom filters have also been implemented:
+
+### Where In
+Parses a list into a SQL-compatible statement. This is useful with macros that return an array (for example the `filter_values` macro):
+
+```
+Dashboard filter with "First", "Second" and "Third" options selected
+{{ filter_values('column') }} => ["First", "Second", "Third"]
+{{ filter_values('column')|where_in }} => ('First', 'Second', 'Third')
+```
+
+By default, this filter returns `()` (as a string) in case the value is null. The `default_to_none` parameter can be se to `True` to return null in this case:
+
+```
+Dashboard filter without any value applied
+{{ filter_values('column') }} => ()
+{{ filter_values('column')|where_in(default_to_none=True) }} => None
+```
+
+### To Datetime
+
+Loads a string as a `datetime` object. This is useful when performing date operations. For example:
+```
+{% set from_expr = get_time_filter("dttm", strftime="%Y-%m-%d").from_expr %}
+{% set to_expr = get_time_filter("dttm", strftime="%Y-%m-%d").to_expr %}
+{% if (to_expr|to_datetime(format="%Y-%m-%d") - from_expr|to_datetime(format="%Y-%m-%d")).days > 100 %}
+   do something
+{% else %}
+   do something else
+{% endif %}
+```
+
+:::resources
+- [Blog: Intro to Jinja Templating in Apache Superset](https://preset.io/blog/intro-jinja-templating-apache-superset/)
+:::

docs/admin_docs_versioned_docs/version-6.1.0/configuration/theming.mdx

@@ -0,0 +1,463 @@
+---
+title: Theming
+hide_title: true
+sidebar_position: 12
+version: 1
+---
+# Theming Superset
+
+:::note
+`apache-superset>=6.0`
+:::
+
+Superset now rides on **Ant Design v5's token-based theming**.
+Every Antd token works, plus a handful of Superset-specific ones for charts and dashboard chrome.
+
+## Managing Themes via UI
+
+Superset includes a built-in **Theme Management** interface accessible from the admin menu under **Settings > Themes**.
+
+### Creating a New Theme
+
+1. Navigate to **Settings > Themes** in the Superset interface
+2. Click **+ Theme** to create a new theme
+3. Use the [Ant Design Theme Editor](https://ant.design/theme-editor) to design your theme:
+   - Design your palette, typography, and component overrides
+   - Open the `CONFIG` modal and copy the JSON configuration
+4. Paste the JSON into the theme definition field in Superset
+5. Give your theme a descriptive name and save
+
+You can also extend with Superset-specific tokens (documented in the default theme object) before you import.
+
+### System Theme Administration
+
+When `ENABLE_UI_THEME_ADMINISTRATION = True` is configured, administrators can manage system-wide themes directly from the UI:
+
+#### Setting System Themes
+- **System Default Theme**: Click the sun icon on any theme to set it as the system-wide default
+- **System Dark Theme**: Click the moon icon on any theme to set it as the system dark mode theme
+- **Automatic OS Detection**: When both default and dark themes are set, Superset automatically detects and applies the appropriate theme based on OS preferences
+
+#### Managing System Themes
+- System themes are indicated with special badges in the theme list
+- Only administrators with write permissions can modify system theme settings
+- Removing a system theme designation reverts to configuration file defaults
+
+### Applying Themes to Dashboards
+
+Once created, themes can be applied to individual dashboards:
+- Edit any dashboard and select your custom theme from the theme dropdown
+- Each dashboard can have its own theme, allowing for branded or context-specific styling
+
+## Configuration Options
+
+### Python Configuration
+
+Configure theme behavior via `superset_config.py`:
+
+```python
+# Enable UI-based theme administration for admins
+ENABLE_UI_THEME_ADMINISTRATION = True
+
+# Optional: Set initial default themes via configuration
+# These can be overridden via the UI when ENABLE_UI_THEME_ADMINISTRATION = True
+THEME_DEFAULT = {
+    "token": {
+        "colorPrimary": "#2893B3",
+        "colorSuccess": "#5ac189",
+        # ... your theme JSON configuration
+    }
+}
+
+# Optional: Dark theme configuration
+THEME_DARK = {
+    "algorithm": "dark",
+    "token": {
+        "colorPrimary": "#2893B3",
+        # ... your dark theme overrides
+    }
+}
+
+# To force a single theme on all users, set THEME_DARK = None
+# When both themes are defined (via UI or config):
+# - Users can manually switch between themes
+# - OS preference detection is automatically enabled
+```
+
+### App Branding
+
+The application name shown in the browser title bar and navigation can be
+set via the `brandAppName` theme token:
+
+```python
+THEME_DEFAULT = {
+    "token": {
+        "brandAppName": "Acme Analytics",
+        # ... other tokens
+    }
+}
+```
+
+Or in the theme CRUD UI JSON editor:
+
+```json
+{
+  "token": {
+    "brandAppName": "Acme Analytics"
+  }
+}
+```
+
+The existing `APP_NAME` Python config key continues to work for backward compatibility.
+`brandAppName` takes precedence when both are set, and allows different themes to carry different brand names.
+Email and alert/report notification subjects are driven by backend settings such as
+`EMAIL_REPORTS_SUBJECT_PREFIX` and `APP_NAME`, not by this theme token.
+
+### Migration from Configuration to UI
+
+When `ENABLE_UI_THEME_ADMINISTRATION = True`:
+
+1. System themes set via the UI take precedence over configuration file settings
+2. The UI shows which themes are currently set as system defaults
+3. Administrators can change system themes without restarting Superset
+4. Configuration file themes serve as fallbacks when no UI themes are set
+
+### Theme Validation and Fallback
+
+Superset validates theme JSON when it is saved, either through the UI or via configuration. If a theme contains invalid tokens or an unrecognized structure, Superset logs a warning and falls back to the built-in default theme rather than applying a broken configuration. This prevents a bad theme from rendering the application unusable.
+
+The fallback order is:
+1. **UI-configured system theme** (highest priority, if `ENABLE_UI_THEME_ADMINISTRATION = True`)
+2. **`THEME_DEFAULT` / `THEME_DARK`** from `superset_config.py`
+3. **Built-in Superset default theme** (always present as a safety net)
+
+If you see unexpected styling after a config change, check the Superset server logs for theme validation warnings.
+
+### Copying Themes Between Systems
+
+To export a theme for use in configuration files or another instance:
+
+1. Navigate to **Settings > Themes** and click the export icon on your desired theme
+2. Extract the JSON configuration from the exported YAML file
+3. Use this JSON in your `superset_config.py` or import it into another Superset instance
+
+## Theme Development Workflow
+
+1. **Design**: Use the [Ant Design Theme Editor](https://ant.design/theme-editor) to iterate on your design
+2. **Test**: Create themes in Superset's CRUD interface for testing
+3. **Apply**: Assign themes to specific dashboards or configure instance-wide
+4. **Iterate**: Modify theme JSON directly in the CRUD interface or re-import from the theme editor
+
+## Custom Fonts
+
+Superset supports custom fonts through the theme configuration, allowing you to use branded or custom typefaces without rebuilding the application.
+
+### Default Fonts
+
+By default, Superset uses **Inter** for UI text and **IBM Plex Mono** for code (SQL editors, JSON fields, and other monospace contexts). Both fonts are bundled with the application via `@fontsource` packages and work offline without any external network calls.
+
+:::note
+IBM Plex Mono replaced Fira Code as the default code font in Superset 6.1. If you have an existing theme that explicitly sets `fontFamilyCode: "Fira Code, ..."`, you may want to update it.
+:::
+
+### Configuring Custom Fonts
+
+To use custom fonts, add font URLs to your theme configuration using the `fontUrls` token:
+
+```python
+THEME_DEFAULT = {
+    "token": {
+        # Load fonts from external sources (e.g., Google Fonts, Adobe Fonts)
+        "fontUrls": [
+            "https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700&display=swap",
+            "https://fonts.googleapis.com/css2?family=JetBrains+Mono:wght@400;500&display=swap",
+        ],
+        # Reference the loaded fonts
+        "fontFamily": "Roboto, -apple-system, BlinkMacSystemFont, sans-serif",
+        "fontFamilyCode": "JetBrains Mono, Monaco, monospace",
+        # ... other theme tokens
+    }
+}
+
+# Update CSP to allow font sources
+TALISMAN_CONFIG = {
+    "content_security_policy": {
+        "font-src": ["'self'", "https://fonts.googleapis.com", "https://fonts.gstatic.com"],
+        "style-src": ["'self'", "'unsafe-inline'", "https://fonts.googleapis.com"],
+    }
+}
+```
+
+Or in the CRUD interface theme JSON:
+
+```json
+{
+  "token": {
+    "fontUrls": [
+      "https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700&display=swap"
+    ],
+    "fontFamily": "Roboto, -apple-system, BlinkMacSystemFont, sans-serif",
+    "fontFamilyCode": "JetBrains Mono, Monaco, monospace"
+  }
+}
+```
+
+:::note
+Font URLs are validated against a configurable allowlist. By default, fonts from `fonts.googleapis.com`, `fonts.gstatic.com`, and `use.typekit.net` are allowed. Configure `THEME_FONT_URL_ALLOWED_DOMAINS` to customize the allowed domains.
+:::
+
+### Font Sources
+
+- **Google Fonts**: Free, CDN-hosted fonts with wide variety
+- **Adobe Fonts**: Premium fonts (requires subscription and kit ID)
+- **Self-hosted**: Place font files in `/static/assets/fonts/` and reference via CSS
+
+This feature works with the stock Docker image - no custom build required!
+
+## ECharts Configuration Overrides
+
+:::note
+Available since Superset 6.0
+:::
+
+Superset provides fine-grained control over ECharts visualizations through theme-level configuration overrides. This allows you to customize the appearance and behavior of all ECharts-based charts without modifying individual chart configurations.
+
+### Global ECharts Overrides
+
+Apply settings to all ECharts visualizations using `echartsOptionsOverrides`:
+
+```python
+THEME_DEFAULT = {
+    "token": {
+        "colorPrimary": "#2893B3",
+        # ... other Ant Design tokens
+    },
+    "echartsOptionsOverrides": {
+        "grid": {
+            "left": "10%",
+            "right": "10%",
+            "top": "15%",
+            "bottom": "15%"
+        },
+        "tooltip": {
+            "backgroundColor": "rgba(0, 0, 0, 0.8)",
+            "borderColor": "#ccc",
+            "textStyle": {
+                "color": "#fff"
+            }
+        },
+        "legend": {
+            "textStyle": {
+                "fontSize": 14,
+                "fontWeight": "bold"
+            }
+        }
+    }
+}
+```
+
+### Chart-Specific Overrides
+
+Target specific chart types using `echartsOptionsOverridesByChartType`:
+
+```python
+THEME_DEFAULT = {
+    "token": {
+        "colorPrimary": "#2893B3",
+        # ... other tokens
+    },
+    "echartsOptionsOverridesByChartType": {
+        "echarts_pie": {
+            "legend": {
+                "orient": "vertical",
+                "right": 10,
+                "top": "center"
+            }
+        },
+        "echarts_timeseries": {
+            "xAxis": {
+                "axisLabel": {
+                    "rotate": 45,
+                    "fontSize": 12
+                }
+            },
+            "dataZoom": [{
+                "type": "slider",
+                "show": True,
+                "start": 0,
+                "end": 100
+            }]
+        },
+        "echarts_bubble": {
+            "grid": {
+                "left": "15%",
+                "bottom": "20%"
+            }
+        }
+    }
+}
+```
+
+### UI Configuration
+
+You can also configure ECharts overrides through the theme CRUD interface:
+
+```json
+{
+  "token": {
+    "colorPrimary": "#2893B3"
+  },
+  "echartsOptionsOverrides": {
+    "grid": {
+      "left": "10%",
+      "right": "10%"
+    },
+    "tooltip": {
+      "backgroundColor": "rgba(0, 0, 0, 0.8)"
+    }
+  },
+  "echartsOptionsOverridesByChartType": {
+    "echarts_pie": {
+      "legend": {
+        "orient": "vertical",
+        "right": 10
+      }
+    }
+  }
+}
+```
+
+### Override Precedence
+
+The system applies overrides in the following order (last wins):
+
+1. **Base ECharts theme** - Default Superset styling
+2. **Plugin options** - Chart-specific configurations
+3. **Global overrides** - `echartsOptionsOverrides`
+4. **Chart-specific overrides** - `echartsOptionsOverridesByChartType[chartType]`
+
+This ensures chart-specific overrides take precedence over global ones.
+
+### Common Chart Types
+
+Available chart types for `echartsOptionsOverridesByChartType`:
+
+- `echarts_timeseries` - Time series/line charts
+- `echarts_pie` - Pie and donut charts
+- `echarts_bubble` - Bubble/scatter charts
+- `echarts_funnel` - Funnel charts
+- `echarts_gauge` - Gauge charts
+- `echarts_radar` - Radar charts
+- `echarts_boxplot` - Box plot charts
+- `echarts_treemap` - Treemap charts
+- `echarts_sunburst` - Sunburst charts
+- `echarts_graph` - Network/graph charts
+- `echarts_sankey` - Sankey diagrams
+- `echarts_heatmap` - Heatmaps
+- `echarts_mixed_timeseries` - Mixed time series
+
+### Array Property Overrides
+
+Array properties (such as color palettes) are fully supported in overrides. Arrays are **replaced entirely** rather than merged, so specify the complete array:
+
+```python
+THEME_DEFAULT = {
+    "token": { ... },
+    "echartsOptionsOverrides": {
+        # Replace the default color palette for all ECharts visualizations
+        "color": ["#1f77b4", "#ff7f0e", "#2ca02c", "#d62728", "#9467bd", "#8c564b"]
+    }
+}
+```
+
+### Best Practices
+
+1. **Start with global overrides** for consistent styling across all charts
+2. **Use chart-specific overrides** for unique requirements per visualization type
+3. **Test thoroughly** as overrides use deep merge for objects, but arrays are completely replaced — always specify the full array value
+4. **Document your overrides** to help team members understand custom styling
+5. **Consider performance** - complex overrides may impact chart rendering speed
+
+### Example: Corporate Branding
+
+```python
+# Complete corporate theme with ECharts customization
+THEME_DEFAULT = {
+    "token": {
+        "colorPrimary": "#1B4D3E",
+        "fontFamily": "Corporate Sans, Arial, sans-serif"
+    },
+    "echartsOptionsOverrides": {
+        "grid": {
+            "left": "8%",
+            "right": "8%",
+            "top": "12%",
+            "bottom": "12%"
+        },
+        "textStyle": {
+            "fontFamily": "Corporate Sans, Arial, sans-serif"
+        },
+        "title": {
+            "textStyle": {
+                "color": "#1B4D3E",
+                "fontSize": 18,
+                "fontWeight": "bold"
+            }
+        }
+    },
+    "echartsOptionsOverridesByChartType": {
+        "echarts_timeseries": {
+            "xAxis": {
+                "axisLabel": {
+                    "color": "#666",
+                    "fontSize": 11
+                }
+            }
+        },
+        "echarts_pie": {
+            "legend": {
+                "textStyle": {
+                    "fontSize": 12
+                },
+                "itemGap": 20
+            }
+        }
+    }
+}
+```
+
+This feature provides powerful theming capabilities while maintaining the flexibility of ECharts' extensive configuration options.
+
+## Advanced Features
+
+- **System Themes**: Manage system-wide default and dark themes via UI or configuration
+- **Per-Dashboard Theming**: Each dashboard can have its own visual identity
+- **JSON Editor**: Edit theme configurations directly within Superset's interface
+- **Custom Fonts**: Load external fonts via configuration without rebuilding
+- **OS Dark Mode Detection**: Automatically switches themes based on system preferences
+- **Theme Import/Export**: Share themes between instances via YAML files
+
+## API Access
+
+For programmatic theme management, Superset provides REST endpoints:
+
+- `GET /api/v1/theme/` - List all themes
+- `POST /api/v1/theme/` - Create a new theme
+- `PUT /api/v1/theme/{id}` - Update a theme
+- `DELETE /api/v1/theme/{id}` - Delete a theme
+- `PUT /api/v1/theme/{id}/set_system_default` - Set as system default theme (admin only)
+- `PUT /api/v1/theme/{id}/set_system_dark` - Set as system dark theme (admin only)
+- `DELETE /api/v1/theme/unset_system_default` - Remove system default designation
+- `DELETE /api/v1/theme/unset_system_dark` - Remove system dark designation
+- `GET /api/v1/theme/export/` - Export themes as YAML
+- `POST /api/v1/theme/import/` - Import themes from YAML
+
+These endpoints require appropriate permissions and are subject to RBAC controls.
+
+:::resources
+- [Video: Live Demo — Theming Apache Superset](https://www.youtube.com/watch?v=XsZAsO9tC3o)
+- [CSS and Theming](https://docs.preset.io/docs/css-and-theming) - Additional theming techniques and CSS customization
+- [Blog: Customizing Apache Superset Dashboards with CSS](https://preset.io/blog/customizing-superset-dashboards-with-css/)
+- [Blog: Customizing Dashboards with CSS — Tips and Tricks](https://preset.io/blog/customizing-apache-superset-dashboards-with-css-additional-tips-and-tricks/)
+- [Blog: Customizing Chart Colors](https://preset.io/blog/customizing-chart-colors-with-superset-and-preset/)
+:::

docs/admin_docs_versioned_docs/version-6.1.0/configuration/timezones.mdx

@@ -0,0 +1,50 @@
+---
+title: Timezones
+hide_title: true
+sidebar_position: 6
+version: 1
+---
+
+# Timezones
+
+There are four distinct timezone components which relate to Apache Superset,
+
+1. The timezone that the underlying data is encoded in.
+2. The timezone of the database engine.
+3. The timezone of the Apache Superset backend.
+4. The timezone of the Apache Superset client.
+
+where if a temporal field (`DATETIME`, `TIME`, `TIMESTAMP`, etc.) does not explicitly define a timezone it defaults to the underlying timezone of the component.
+
+To help make the problem somewhat tractable—given that Apache Superset has no control on either how the data is ingested (1) or the timezone of the client (4)—from a consistency standpoint it is highly recommended that both (2) and (3) are configured to use the same timezone with a strong preference given to [UTC](https://en.wikipedia.org/wiki/Coordinated_Universal_Time) to ensure temporal fields without an explicit timestamp are not incorrectly coerced into the wrong timezone. Actually Apache Superset currently has implicit assumptions that timestamps are in UTC and thus configuring (3) to a non-UTC timezone could be problematic.
+
+To strive for data consistency (regardless of the timezone of the client) the Apache Superset backend tries to ensure that any timestamp sent to the client has an explicit (or semi-explicit as in the case with [Epoch time](https://en.wikipedia.org/wiki/Unix_time) which is always in reference to UTC) timezone encoded within.
+
+The challenge however lies with the slew of [database engines](/user-docs/databases#installing-drivers-in-docker) which Apache Superset supports and various inconsistencies between their [Python Database API (DB-API)](https://www.python.org/dev/peps/pep-0249/) implementations combined with the fact that we use [Pandas](https://pandas.pydata.org/) to read SQL into a DataFrame prior to serializing to JSON. Regrettably Pandas ignores the DB-API [type_code](https://www.python.org/dev/peps/pep-0249/#type-objects) relying by default on the underlying Python type returned by the DB-API. Currently only a subset of the supported database engines work correctly with Pandas, i.e., ensuring timestamps without an explicit timestamp are serialized to JSON with the server timezone, thus guaranteeing the client will display timestamps in a consistent manner irrespective of the client's timezone.
+
+For example the following is a comparison of MySQL and Presto,
+
+```python
+import pandas as pd
+from sqlalchemy import create_engine
+
+pd.read_sql_query(
+    sql="SELECT TIMESTAMP('2022-01-01 00:00:00') AS ts",
+    con=create_engine("mysql://root@localhost:3360"),
+).to_json()
+
+pd.read_sql_query(
+    sql="SELECT TIMESTAMP '2022-01-01 00:00:00' AS ts",
+    con=create_engine("presto://localhost:8080"),
+).to_json()
+```
+
+which outputs `{"ts":{"0":1640995200000}}` (which infers the UTC timezone per the Epoch time definition) and `{"ts":{"0":"2022-01-01 00:00:00.000"}}` (without an explicit timezone) respectively and thus are treated differently in JavaScript:
+
+```js
+new Date(1640995200000)
+> Sat Jan 01 2022 13:00:00 GMT+1300 (New Zealand Daylight Time)
+
+new Date("2022-01-01 00:00:00.000")
+> Sat Jan 01 2022 00:00:00 GMT+1300 (New Zealand Daylight Time)
+```

docs/admin_docs_versioned_docs/version-6.1.0/index.md

@@ -0,0 +1,42 @@
+---
+title: Admin Documentation
+description: Administrator guides for installing, configuring, and managing Apache Superset
+---
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+# Admin Documentation
+
+This section contains documentation for system administrators and operators who deploy and manage Apache Superset installations.
+
+## What's in this section
+
+- **[Installation](/admin-docs/installation/installation-methods)** - Deploy Superset using Docker, Kubernetes, or PyPI
+- **[Configuration](/admin-docs/configuration/configuring-superset)** - Configure authentication, caching, feature flags, and more
+- **[Security](/admin-docs/security/)** - Set up roles, permissions, and secure your deployment
+
+## Related
+
+- **[Database Drivers](/user-docs/databases/)** - See User Docs for database connection setup (admins may need to install drivers)
+
+## Looking for something else?
+
+- **[User Documentation](/user-docs/)** - Guides for analysts and business users
+- **[Developer Documentation](/developer-docs)** - Contributing, extensions, and development guides

docs/admin_docs_versioned_docs/version-6.1.0/installation/architecture.mdx

@@ -0,0 +1,72 @@
+---
+title: Architecture
+hide_title: true
+sidebar_position: 1
+version: 1
+---
+
+import useBaseUrl from "@docusaurus/useBaseUrl";
+
+# Architecture
+
+This page is meant to give new administrators an understanding of Superset's components.
+
+## Components
+
+A Superset installation is made up of these components:
+
+1. The Superset application itself
+2. A metadata database
+3. A caching layer (optional, but necessary for some features)
+4. A worker & beat (optional, but necessary for some features)
+
+### Optional components and associated features
+
+The optional components above are necessary to enable these features:
+
+- [Alerts and Reports](/admin-docs/configuration/alerts-reports)
+- [Caching](/admin-docs/configuration/cache)
+- [Async Queries](/admin-docs/configuration/async-queries-celery/)
+- [Dashboard Thumbnails](/admin-docs/configuration/cache/#caching-thumbnails)
+
+If you install with Kubernetes or Docker Compose, all of these components will be created.
+
+However, installing from PyPI only creates the application itself. Users installing from PyPI will need to configure a caching layer, worker, and beat on their own if they wish to enable the above features. Configuration of those components for a PyPI install is not currently covered in this documentation.
+
+Here are further details on each component.
+
+### The Superset Application
+
+This is the core application. Superset operates like this:
+
+- A user visits a chart or dashboard
+- That triggers a SQL query to the data warehouse holding the underlying dataset
+- The resulting data is served up in a data visualization
+- The Superset application is comprised of the Python (Flask) backend application (server), API layer, and the React frontend, built via Webpack, and static assets needed for the application to work
+
+### Metadata Database
+
+This is where chart and dashboard definitions, user information, logs, etc. are stored. Superset is tested to work with PostgreSQL and MySQL databases as the metadata database (not be confused with a data source like your data warehouse, which could be a much greater variety of options like Snowflake, Redshift, etc.).
+
+Some installation methods like our Quickstart and PyPI come configured by default to use a SQLite on-disk database. And in a Docker Compose installation, the data would be stored in a PostgreSQL container volume. Neither of these cases are recommended for production instances of Superset.
+
+For production, a properly-configured, managed, standalone database is recommended. No matter what database you use, you should plan to back it up regularly.
+
+### Caching Layer
+
+The caching layer serves two main functions:
+
+- Store the results of queries to your data warehouse so that when a chart is loaded twice, it pulls from the cache the second time, speeding up the application and reducing load on your data warehouse.
+- Act as a message broker for the worker, enabling the Alerts & Reports, async queries, and thumbnail caching features.
+
+Most people use Redis for their cache, but Superset supports other options too. See the [cache docs](/admin-docs/configuration/cache/) for more.
+
+### Worker and Beat
+
+This is one or more workers who execute tasks like run async queries or take snapshots of reports and send emails, and a "beat" that acts as the scheduler and tells workers when to perform their tasks. Most installations use Celery for these components.
+
+## Other components
+
+Other components can be incorporated into Superset. The best place to learn about additional configurations is the [Configuration page](/admin-docs/configuration/configuring-superset). For instance, you could set up a load balancer or reverse proxy to implement HTTPS in front of your Superset application, or specify a Mapbox URL to enable geospatial charts, etc.
+
+Superset won't even start without certain configuration settings established, so it's essential to review that page.

docs/admin_docs_versioned_docs/version-6.1.0/installation/docker-builds.mdx

@@ -0,0 +1,173 @@
+---
+title: Docker Builds
+hide_title: true
+sidebar_position: 7
+version: 1
+---
+
+# Docker builds, images and tags
+
+The Apache Superset community extensively uses Docker for development, release,
+and productionizing Superset. This page details our Docker builds and tag naming
+schemes to help users navigate our offerings.
+
+Images are built and pushed to the [Superset Docker Hub repository](
+https://hub.docker.com/r/apache/superset) using GitHub Actions.
+Different sets of images are built and/or published at different times:
+
+- **Published releases** (`release`): published using
+  tags like `5.0.0` and the `latest` tag.
+- **Pull request iterations** (`pull_request`): for each pull request, while
+  we actively build the docker to validate the build, we do
+  not publish those images for security reasons, we simply `docker build --load`
+- **Merges to the main branch** (`push`): resulting in new SHAs, with tags
+  prefixed with `master` for the latest `master` version.
+
+## Build presets
+
+We have a set of build "presets" that each represent a combination of
+parameters for the build, mostly pointing to either different target layer
+for the build, and/or base image.
+
+Here are the build presets that are exposed through the `supersetbot docker` utility:
+
+- `lean`: The default Docker image, including both frontend and backend. Tags
+  without a build_preset are lean builds (ie: `latest`, `5.0.0`, `4.1.2`, ...). `lean`
+  builds do not contain database
+  drivers, meaning you need to install your own. That applies to analytics databases **AND
+  the metadata database**. You'll likely want to layer either `mysqlclient` or `psycopg2-binary`
+  depending on the metadata database you choose for your installation, plus the required
+  drivers to connect to your analytics database(s).
+- `dev`: For development, with a headless browser, dev-related utilities and root access. This
+  includes some commonly used database drivers like `mysqlclient`, `psycopg2-binary` and
+  some other used for development/CI
+- `py311`, e.g., Py311: Similar to lean but with a different Python version (in this example, 3.11).
+- `ci`: For certain CI workloads.
+- `websocket`: For Superset clusters supporting advanced features.
+- `dockerize`: Used by Helm in initContainers to wait for database dependencies to be available.
+
+## Key tags examples
+
+- `latest`: The latest official release build
+- `latest-dev`: the `-dev` image of the latest official release build, with a
+  headless browser and root access.
+- `master`: The latest build from the `master` branch, implicitly the lean build
+  preset
+- `master-dev`: Similar to `master` but includes a headless browser and root access.
+- `pr-5252`: The latest commit in PR 5252.
+- `30948dc401b40982cb7c0dbf6ebbe443b2748c1b-dev`: A build for
+  this specific SHA, which could be from a `master` merge, or release.
+- `websocket-latest`: The WebSocket image for use in a Superset cluster.
+
+For insights or modifications to the build matrix and tagging conventions,
+check the [supersetbot docker](https://github.com/apache-superset/supersetbot)
+subcommand and the [docker.yml](https://github.com/apache/superset/blob/master/.github/workflows/docker.yml)
+GitHub action.
+
+## Building your own production Docker image
+
+Every Superset deployment will require its own set of drivers depending on the data warehouse(s),
+etc. so we recommend that users build their own Docker image by extending the `lean` image.
+
+Here's an example Dockerfile that does this. Follow the in-line comments to customize it for
+your desired Superset version and database drivers. The comments also note that a certain feature flag will
+have to be enabled in your config file.
+
+You would build the image with `docker build -t mysuperset:latest .` or `docker build -t ourcompanysuperset:5.0.0 .`
+
+```Dockerfile
+# change this to apache/superset:5.0.0 or whatever version you want to build from;
+# otherwise the default is the latest commit on GitHub master branch
+FROM apache/superset:master
+
+USER root
+
+# Set environment variable for Playwright
+ENV PLAYWRIGHT_BROWSERS_PATH=/usr/local/share/playwright-browsers
+
+# Install packages using uv into the virtual environment
+RUN . /app/.venv/bin/activate && \
+    uv pip install \
+    # install psycopg2 for using PostgreSQL metadata store - could be a MySQL package if using that backend:
+    psycopg2-binary \
+    # add the driver(s) for your data warehouse(s), in this example we're showing for Microsoft SQL Server:
+    pymssql \
+    # package needed for using single-sign on authentication:
+    Authlib \
+    # openpyxl to be able to upload Excel files
+    openpyxl \
+    # Pillow for Alerts & Reports to generate PDFs of dashboards
+    Pillow \
+    # install Playwright for taking screenshots for Alerts & Reports. This assumes the feature flag PLAYWRIGHT_REPORTS_AND_THUMBNAILS is enabled
+    # That feature flag will default to True starting in 6.0.0
+    # Playwright works only with Chrome.
+    # If you are still using Selenium instead of Playwright, you would instead install here the selenium package and a headless browser & webdriver
+    playwright \
+    && playwright install-deps \
+    && PLAYWRIGHT_BROWSERS_PATH=/usr/local/share/playwright-browsers playwright install chromium
+
+# Switch back to the superset user
+USER superset
+
+CMD ["/app/docker/entrypoints/run-server.sh"]
+```
+
+## Key ARGs in Dockerfile
+
+- `BUILD_TRANSLATIONS`: whether to build the translations into the image. For the
+  frontend build this tells webpack to strip out all locales other than `en` from
+  the `moment-timezone` library. For the backendthis skips compiling the
+  `*.po` translation files
+- `DEV_MODE`: whether to skip the frontend build, this is used by our `docker-compose` dev setup
+  where we mount the local volume and build using `webpack` in `--watch` mode, meaning as you
+  alter the code in the local file system, webpack, from within a docker image used for this
+  purpose, will constantly rebuild the frontend as you go. This ARG enables the initial
+  `docker-compose` build to take much less time and resources
+- `INCLUDE_CHROMIUM`: whether to include chromium in the backend build so that it can be
+  used as a headless browser for workloads related to "Alerts & Reports" and thumbnail generation
+- `INCLUDE_FIREFOX`: same as above, but for firefox
+- `PY_VER`: specifying the base image for the python backend, we don't recommend altering
+  this setting if you're not working on forwards or backwards compatibility
+
+## Caching
+
+To accelerate builds, we follow Docker best practices and use `apache/superset-cache`.
+
+## About database drivers
+
+Our docker images come with little to zero database driver support since
+each environment requires different drivers, and maintaining a build with
+wide database support would be both challenging (dozens of databases,
+python drivers, and os dependencies) and inefficient (longer
+build times, larger images, lower layer cache hit rate, ...).
+
+For production use cases, we recommend that you derive our `lean` image(s) and
+add database support for the database you need.
+
+## On supporting different platforms (namely arm64 AND amd64)
+
+Currently all automated builds are multi-platform, supporting both `linux/arm64`
+and `linux/amd64`. This enables higher level constructs like `helm` and
+`docker compose` to point to these images and effectively be multi-platform
+as well.
+
+Pull requests and master builds
+are one-image-per-platform so that they can be parallelized and the
+build matrix for those is more sparse as we don't need to build every
+build preset on every platform, and generally can be more selective here.
+For those builds, we suffix tags with `-arm` where it applies.
+
+### Working with Apple silicon
+
+Apple's current generation of computers uses ARM-based CPUs, and Docker
+running on MACs seem to require `linux/arm64/v8` (at least one user's M2 was
+configured in that way). Setting the environment
+variable `DOCKER_DEFAULT_PLATFORM` to `linux/amd64` seems to function in
+term of leveraging, and building upon the Superset builds provided here.
+
+```bash
+export DOCKER_DEFAULT_PLATFORM=linux/amd64
+```
+
+Presumably, `linux/arm64/v8` would be more optimized for this generation
+of chips, but less compatible across the ARM ecosystem.

docs/admin_docs_versioned_docs/version-6.1.0/installation/docker-compose.mdx

@@ -0,0 +1,286 @@
+---
+title: Docker Compose
+hide_title: true
+sidebar_position: 5
+version: 1
+---
+
+import useBaseUrl from "@docusaurus/useBaseUrl";
+
+# Using Docker Compose
+
+<img src={useBaseUrl("/img/docker-compose.webp" )} width="150" />
+<br /><br />
+
+:::caution
+Since `docker compose` is primarily designed to run a set of containers on **a single host**
+and can't support requirements for **high availability**, we do not support nor recommend
+using our `docker compose` constructs to support production-type use-cases. For single host
+environments, we recommend using [minikube](https://minikube.sigs.k8s.io/docs/start/) along
+with our [installing on k8s](https://superset.apache.org/admin-docs/installation/running-on-kubernetes)
+documentation.
+:::
+
+As mentioned in our [quickstart guide](/user-docs/quickstart), the fastest way to try
+Superset locally is using Docker Compose on a Linux or Mac OSX
+computer. Superset does not have official support for Windows. It's also the easiest
+way to launch a fully functioning **development environment** quickly.
+
+Note that there are 4 major ways we support to run `docker compose`:
+
+1. **docker-compose.yml:** for interactive development, where we mount your local folder with the
+  frontend/backend files that you can edit and experience the changes you
+  make in the app in real time
+1. **docker-compose-light.yml:** a lightweight configuration with minimal services (database,
+  Superset app, and frontend dev server) for development. Uses in-memory caching instead of Redis
+  and is designed for running multiple instances simultaneously
+1. **docker-compose-non-dev.yml** where we just build a more immutable image based on the
+  local branch and get all the required images running. Changes in the local branch
+  at the time you fire this up will be reflected, but changes to the code
+  while `up` won't be reflected in the app
+1. **docker-compose-image-tag.yml** where we fetch an image from docker-hub say for the
+  `5.0.0` release for instance, and fire it up so you can try it. Here what's in
+  the local branch has no effects on what's running, we just fetch and run
+  pre-built images from docker-hub. For `docker compose` to work along with the
+  Postgres image it boots up, you'll want to point to a `-dev`-suffixed TAG, as in
+  `export TAG=5.0.0-dev` or `export TAG=4.1.2-dev`, with `latest-dev` being the default.
+  The `dev` builds include the `psycopg2-binary` required to connect
+  to the Postgres database launched as part of the `docker compose` builds.
+
+More on these approaches after setting up the requirements for either.
+
+## Requirements
+
+Note that this documentation assumes that you have [Docker](https://www.docker.com) and
+[git](https://git-scm.com/) installed. Note also that we used to use `docker-compose` but that
+is on the path to deprecation so we now use `docker compose` instead.
+
+## 1. Clone Superset's GitHub repository
+
+[Clone Superset's repo](https://github.com/apache/superset) in your terminal with the
+following command:
+
+```bash
+git clone --depth=1  https://github.com/apache/superset.git
+```
+
+Once that command completes successfully, you should see a new `superset` folder in your
+current directory.
+
+## 2. Launch Superset Through Docker Compose
+
+First let's assume you're familiar with `docker compose` mechanics. Here we'll refer generally
+to `docker compose up` even though in some cases you may want to force a check for newer remote
+images using `docker compose pull`, force a build with `docker compose build` or force a build
+on latest base images using `docker compose build --pull`. In most cases though, the simple
+`up` command should do just fine. Refer to docker compose docs for more information on the topic.
+
+### Option #1 - for an interactive development environment
+
+```bash
+# The --build argument insures all the layers are up-to-date
+docker compose up --build
+```
+
+:::tip
+When running in development mode the `superset-node`
+container needs to finish building assets in order for the UI to render properly. If you would just
+like to try out Superset without making any code changes follow the steps documented for
+`production` or a specific version below.
+:::
+
+:::tip
+By default, we mount the local superset-frontend folder here and run `npm install` as well
+as `npm run dev` which triggers webpack to compile/bundle the frontend code. Depending
+on your local setup, especially if you have less than 16GB of memory,  it may be very slow to
+perform those operations. In this case, we recommend you set the env var
+`BUILD_SUPERSET_FRONTEND_IN_DOCKER` to `false`, and to run this locally instead in a terminal.
+Simply trigger `npm i && npm run dev`, this should be MUCH faster.
+:::
+
+:::tip
+Sometimes, your npm-related state can get out-of-wack, running `npm run prune` from
+the `superset-frontend/` folder will nuke the various' packages `node_module/` folders
+and help you start fresh. In the context of `docker compose` setting
+`export NPM_RUN_PRUNE=true` prior to running `docker compose up` will trigger that
+from within docker. This will slow down the startup, but will fix various npm-related issues.
+:::
+
+### Option #2 - lightweight development with multiple instances
+
+For a lighter development setup that uses fewer resources and supports running multiple instances:
+
+```bash
+# Single lightweight instance (default port 9001)
+docker compose -f docker-compose-light.yml up
+
+# Multiple instances with different ports
+NODE_PORT=9001 docker compose -p superset-1 -f docker-compose-light.yml up
+NODE_PORT=9002 docker compose -p superset-2 -f docker-compose-light.yml up
+NODE_PORT=9003 docker compose -p superset-3 -f docker-compose-light.yml up
+```
+
+This configuration includes:
+- PostgreSQL database (internal network only)
+- Superset application server
+- Frontend development server with webpack hot reloading
+- In-memory caching (no Redis)
+- Isolated volumes and networks per instance
+
+Access each instance at `http://localhost:{NODE_PORT}` (e.g., `http://localhost:9001`).
+
+### Option #3 - build a set of immutable images from the local branch
+
+```bash
+docker compose -f docker-compose-non-dev.yml up
+```
+
+### Option #4 - boot up an official release
+
+```bash
+# Set the version you want to run
+export TAG=5.0.0
+# Fetch the tag you're about to check out (assuming you shallow-cloned the repo)
+git fetch --depth=1 origin tag $TAG
+# Could also fetch all tags too if you've got bandwidth to spare
+# git fetch --tags
+# Checkout the corresponding git ref
+git checkout $TAG
+# Fire up docker compose
+docker compose -f docker-compose-image-tag.yml up
+```
+
+Here various release tags, github SHA, and latest `master` can be referenced by the TAG env var.
+Refer to the docker-related documentation to learn more about existing tags you can point to
+from Docker Hub.
+
+:::note
+For option #2 and #3, we recommend checking out the release tag from the git repository
+(ie: `git checkout 5.0.0`) for more guaranteed results. This ensures that the `docker-compose.*.yml`
+configurations and that the mounted `docker/` scripts are in sync with the image you are
+looking to fire up.
+:::
+
+## `docker compose` tips & configuration
+
+:::caution
+All of the content belonging to a Superset instance - charts, dashboards, users, etc. - is stored in
+its metadata database. In production, this database should be backed up.  The default installation
+with docker compose will store that data in a PostgreSQL database contained in a Docker
+[volume](https://docs.docker.com/storage/volumes/), which is not backed up.
+
+Again, **THE DOCKER-COMPOSE INSTALLATION IS NOT PRODUCTION-READY OUT OF THE BOX.**
+
+:::
+
+You should see a stream of logging output from the containers being launched on your machine. Once
+this output slows, you should have a running instance of Superset on your local machine!  To avoid
+the wall of text on future runs, add the `-d` option to the end of the `docker compose up` command.
+
+### Configuring Further
+
+The following is for users who want to configure how Superset runs in Docker Compose; otherwise, you
+can skip to the next section.
+
+You can install additional python packages and apply config overrides by following the steps
+mentioned in [docker/README.md](https://github.com/apache/superset/tree/master/docker#configuration)
+
+Note that `docker/.env` sets the default environment variables for all the docker images
+used by `docker compose`, and that `docker/.env-local` can be used to override those defaults.
+Also note that `docker/.env-local` is referenced in our `.gitignore`,
+preventing developers from risking committing potentially sensitive configuration to the repository.
+
+One important variable is `SUPERSET_LOAD_EXAMPLES` which determines whether the `superset_init`
+container will populate example data and visualizations into the metadata database. These examples
+are helpful for learning and testing out Superset but unnecessary for experienced users and
+production deployments. The loading process can sometimes take a few minutes and a good amount of
+CPU, so you may want to disable it on a resource-constrained device.
+
+For more advanced or dynamic configurations that are typically managed in a `superset_config.py` file
+located in your `PYTHONPATH`, note that it can be done by providing a
+`docker/pythonpath_dev/superset_config_docker.py` that will be ignored by git
+(preventing you to commit/push your local configuration back to the repository).
+The mechanics of this are in `docker/pythonpath_dev/superset_config.py` where you can see
+that the logic runs a `from superset_config_docker import *`
+
+:::note
+Users often want to connect to other databases from Superset. Currently, the easiest way to
+do this is to modify the `docker-compose-non-dev.yml` file and add your database as a service that
+the other services depend on (via `x-superset-depends-on`). Others have attempted to set
+`network_mode: host` on the Superset services, but these generally break the installation,
+because the configuration requires use of the Docker Compose DNS resolver for the service names.
+If you have a good solution for this, let us know!
+:::
+
+:::note
+Superset uses [Scarf Gateway](https://about.scarf.sh/scarf-gateway) to collect telemetry
+data. Knowing the installation counts for different Superset versions informs the project's
+decisions about patching and long-term support. Scarf purges personally identifiable information
+(PII) and provides only aggregated statistics.
+
+To opt-out of this data collection for packages downloaded through the Scarf Gateway by your docker
+compose based installation, edit the `x-superset-image:` line in your `docker-compose.yml` and
+`docker-compose-non-dev.yml` files, replacing `apachesuperset.docker.scarf.sh/apache/superset` with
+`apache/superset` to pull the image directly from Docker Hub.
+
+To disable the Scarf telemetry pixel, set the `SCARF_ANALYTICS` environment variable to `False` in
+your terminal and/or in your `docker/.env` file.
+:::
+
+## 3. Log in to Superset
+
+Your local Superset instance also includes a Postgres server to store your data and is already
+pre-loaded with some example datasets that ship with Superset. You can access Superset now via your
+web browser by visiting `http://localhost:8088`. Note that many browsers now default to `https` - if
+yours is one of them, please make sure it uses `http`.
+
+Log in with the default username and password:
+
+```bash
+username: admin
+```
+
+```bash
+password: admin
+```
+
+## 4. Connecting Superset to your local database instance
+
+When running Superset using `docker` or `docker compose` it runs in its own docker container, as if
+the Superset was running in a separate machine entirely. Therefore attempts to connect to your local
+database with the hostname `localhost` won't work as `localhost` refers to the docker container
+Superset is running in, and not your actual host machine. Fortunately, docker provides an easy way
+to access network resources in the host machine from inside a container, and we will leverage this
+capability to connect to our local database instance.
+
+Here the instructions are for connecting to postgresql (which is running on your host machine) from
+Superset (which is running in its docker container). Other databases may have slightly different
+configurations but gist would be same and boils down to 2 steps -
+
+1. **(Mac users may skip this step)** Configuring the local postgresql/database instance to accept
+public incoming connections. By default, postgresql only allows incoming connections from
+`localhost` and under Docker, unless you use `--network=host`, `localhost` will refer to different
+endpoints on the host machine and in a docker container respectively. Allowing postgresql to accept
+connections from the Docker involves making one-line changes to the files `postgresql.conf` and
+`pg_hba.conf`; you can find helpful links tailored to your OS / PG version on the web easily for
+this task. For Docker it suffices to only whitelist IPs `172.0.0.0/8` instead of `*`, but in any
+case you are _warned_ that doing this in a production database _may_ have disastrous consequences as
+you are opening your database to the public internet.
+1. Instead of `localhost`, try using `host.docker.internal` (Mac users, Ubuntu) or `172.18.0.1`
+(Linux users) as the hostname when attempting to connect to the database. This is a Docker internal
+detail -- what is happening is that, in Mac systems, Docker Desktop creates a dns entry for the
+hostname `host.docker.internal` which resolves to the correct address for the host machine, whereas
+in Linux this is not the case (at least by default). If neither of these 2 hostnames work then you
+may want to find the exact hostname you want to use, for that you can do `ifconfig` or
+`ip addr show` and look at the IP address of `docker0` interface that must have been created by
+Docker for you. Alternately if you don't even see the `docker0` interface try (if needed with sudo)
+`docker network inspect bridge` and see if there is an entry for `"Gateway"` and note the IP
+address.
+
+## 4. To build or not to build
+
+When running `docker compose up`, docker will build what is required behind the scene, but
+may use the docker cache if assets already exist. Running `docker compose build` prior to
+`docker compose up` or the equivalent shortcut `docker compose up --build` ensures that your
+docker images match the definition in the repository. This should only apply to the main
+docker-compose.yml file (default) and not to the alternative methods defined above.

docs/admin_docs_versioned_docs/version-6.1.0/installation/installation-methods.mdx

@@ -0,0 +1,56 @@
+---
+title: Installation Methods
+hide_title: true
+sidebar_position: 2
+version: 1
+---
+
+import useBaseUrl from "@docusaurus/useBaseUrl";
+
+# Installation Methods
+
+How should you install Superset? Here's a comparison of the different options. It will help if you've first read the [Architecture](/admin-docs/installation/architecture) page to understand Superset's different components.
+
+The fundamental trade-off is between you needing to do more of the detail work yourself vs. using a more complex deployment route that handles those details.
+
+## [Docker Compose](/admin-docs/installation/docker-compose)
+
+**Summary:** This takes advantage of containerization while remaining simpler than Kubernetes. This is the best way to try out Superset; it's also useful for developing & contributing back to Superset.
+
+If you're not just demoing the software, you'll need a moderate understanding of Docker to customize your deployment and avoid a few risks. Even when fully-optimized this is not as robust a method as Kubernetes when it comes to large-scale production deployments.
+
+You manage a superset-config.py file and a docker-compose.yml file. Docker Compose brings up all the needed services - the Superset application, a Postgres metadata DB, Redis cache, Celery worker and beat. They are automatically connected to each other.
+
+**Responsibilities**
+
+You will need to back up your metadata DB. That could mean backing up the service running as a Docker container and its volume; ideally you are running Postgres as a service outside of that container and backing up that service.
+
+You will also need to extend the Superset docker image. The default `lean` images do not contain drivers needed to access your metadata database (Postgres or MySQL), nor to access your data warehouse, nor the headless browser needed for Alerts & Reports. You could run a `-dev` image while demoing Superset, which has some of this, but you'll still need to install the driver for your data warehouse. The `-dev` images run as root, which is not recommended for production.
+
+Ideally you will build your own image of Superset that extends `lean`, adding what your deployment needs. See [Building your own production Docker image](/admin-docs/installation/docker-builds/#building-your-own-production-docker-image).
+
+## [Kubernetes (K8s)](/admin-docs/installation/kubernetes)
+
+**Summary:** This is the best-practice way to deploy a production instance of Superset, but has the steepest skill requirement - someone who knows Kubernetes.
+
+You will deploy Superset into a K8s cluster. The most common method is using the community-maintained Helm chart, though work is now underway to implement [SIP-149 - a Kubernetes Operator for Superset](https://github.com/apache/superset/issues/31408).
+
+A K8s deployment can scale up and down based on usage and deploy rolling updates with zero downtime - features that big deployments appreciate.
+
+**Responsibilities**
+
+You will need to build your own Docker image, and back up your metadata DB, both as described in Docker Compose above. You'll also need to customize your Helm chart values and deploy and maintain your Kubernetes cluster.
+
+## [PyPI (Python)](/admin-docs/installation/pypi)
+
+**Summary:** This is the only method that requires no knowledge of containers. It requires the most hands-on work to deploy, connect, and maintain each component.
+
+You install Superset as a Python package and run it that way, providing your own metadata database. Superset has documentation on how to install this way, but it is updated infrequently.
+
+If you want caching, you'll set up Redis or RabbitMQ. If you want Alerts & Reports, you'll set up Celery.
+
+**Responsibilities**
+
+You will need to get the component services running and communicating with each other. You'll need to arrange backups of your metadata database.
+
+When upgrading, you'll need to manage the system environment and packages and ensure all components have functional dependencies.

docs/admin_docs_versioned_docs/version-6.1.0/installation/kubernetes.mdx

@@ -0,0 +1,451 @@
+---
+title:  Kubernetes
+hide_title: true
+sidebar_position: 3
+version: 1
+---
+
+import useBaseUrl from "@docusaurus/useBaseUrl";
+
+# Installing on Kubernetes
+
+<img src={useBaseUrl("/img/k8s.png" )} width="150" />
+<br /><br />
+
+Running Superset on Kubernetes is supported with the provided [Helm](https://helm.sh/) chart
+found in the official [Superset helm repository](https://apache.github.io/superset/index.yaml).
+
+## Prerequisites
+
+- A Kubernetes cluster
+- Helm installed
+
+:::note
+For simpler, single host environments, we recommend using
+[minikube](https://minikube.sigs.k8s.io/docs/start/) which is easy to setup on many platforms
+and works fantastically well with the Helm chart referenced here.
+:::
+
+## Running
+
+1. Add the Superset helm repository
+
+```sh
+helm repo add superset https://apache.github.io/superset
+"superset" has been added to your repositories
+```
+
+2. View charts in repo
+
+```sh
+helm search repo superset
+NAME                    CHART VERSION   APP VERSION     DESCRIPTION
+superset/superset       0.1.1           1.0             Apache Superset is a modern, enterprise-ready b...
+```
+
+3. Configure your setting overrides
+
+Just like any typical Helm chart, you'll need to craft a `values.yaml` file that would define/override any of the values exposed into the default [values.yaml](https://github.com/apache/superset/tree/master/helm/superset/values.yaml), or from any of the dependent charts it depends on:
+
+- [bitnami/redis](https://artifacthub.io/packages/helm/bitnami/redis)
+- [bitnami/postgresql](https://artifacthub.io/packages/helm/bitnami/postgresql)
+
+More info down below on some important overrides you might need.
+
+4. Install and run
+
+```sh
+helm upgrade --install --values my-values.yaml superset superset/superset
+```
+
+You should see various pods popping up, such as:
+
+```sh
+kubectl get pods
+NAME                                    READY   STATUS      RESTARTS   AGE
+superset-celerybeat-7cdcc9575f-k6xmc    1/1     Running     0          119s
+superset-f5c9c667-dw9lp                 1/1     Running     0          4m7s
+superset-f5c9c667-fk8bk                 1/1     Running     0          4m11s
+superset-init-db-zlm9z                  0/1     Completed   0          111s
+superset-postgresql-0                   1/1     Running     0          6d20h
+superset-redis-master-0                 1/1     Running     0          6d20h
+superset-worker-75b48bbcc-jmmjr         1/1     Running     0          4m8s
+superset-worker-75b48bbcc-qrq49         1/1     Running     0          4m12s
+```
+
+The exact list will depend on some of your specific configuration overrides but you should generally expect:
+
+- N `superset-xxxx-yyyy` and `superset-worker-xxxx-yyyy` pods (depending on your `supersetNode.replicaCount` and `supersetWorker.replicaCount` values)
+- 1 `superset-postgresql-0` depending on your postgres settings
+- 1 `superset-redis-master-0` depending on your redis settings
+- 1 `superset-celerybeat-xxxx-yyyy` pod if you have `supersetCeleryBeat.enabled = true` in your values overrides
+
+1. Access it
+
+The chart will publish appropriate services to expose the Superset UI internally within your k8s cluster. To access it externally you will have to either:
+
+- Configure the Service as a `LoadBalancer` or `NodePort`
+- Set up an `Ingress` for it - the chart includes a definition, but will need to be tuned to your needs (hostname, tls, annotations etc...)
+- Run `kubectl port-forward superset-xxxx-yyyy :8088` to directly tunnel one pod's port into your localhost
+
+Depending how you configured external access, the URL will vary. Once you've identified the appropriate URL you can log in with:
+
+- user: `admin`
+- password: `admin`
+
+## Important settings
+
+### Security settings
+
+Default security settings and passwords are included but you **MUST** update them to run `prod` instances, in particular:
+
+```yaml
+postgresql:
+  postgresqlPassword: superset
+```
+
+Make sure, you set a unique strong complex alphanumeric string for your SECRET_KEY and use a tool to help you generate
+a sufficiently random sequence.
+
+- To generate a good key you can run, `openssl rand -base64 42`
+
+```yaml
+configOverrides:
+  secret: |
+    SECRET_KEY = 'YOUR_OWN_RANDOM_GENERATED_SECRET_KEY'
+```
+
+If you want to change the previous secret key then you should rotate the keys.
+Default secret key for kubernetes deployment is `thisISaSECRET_1234`
+
+```yaml
+configOverrides:
+  my_override: |
+    PREVIOUS_SECRET_KEY = 'YOUR_PREVIOUS_SECRET_KEY'
+    SECRET_KEY = 'YOUR_OWN_RANDOM_GENERATED_SECRET_KEY'
+init:
+  command:
+    - /bin/sh
+    - -c
+    - |
+      . {{ .Values.configMountPath }}/superset_bootstrap.sh
+      superset re-encrypt-secrets
+      . {{ .Values.configMountPath }}/superset_init.sh
+```
+
+:::note
+Superset uses [Scarf Gateway](https://about.scarf.sh/scarf-gateway) to collect telemetry data.  Knowing the installation counts for different Superset versions informs the  project's decisions about patching and long-term support. Scarf purges personally identifiable information (PII) and provides only aggregated statistics.
+
+To opt-out of this data collection in your Helm-based installation, edit the `repository:` line in your `helm/superset/values.yaml` file, replacing `apachesuperset.docker.scarf.sh/apache/superset` with `apache/superset` to pull the image directly from Docker Hub.
+:::
+
+### Dependencies
+
+Install additional packages and do any other bootstrap configuration in the bootstrap script.
+For production clusters it's recommended to build own image with this step done in CI.
+
+:::note
+
+Superset requires a Python DB-API database driver and a SQLAlchemy
+dialect to be installed for each datastore you want to connect to.
+
+See [Install Database Drivers](/user-docs/databases#installing-database-drivers) for more information.
+It is recommended that you refer to versions listed in
+[pyproject.toml](https://github.com/apache/superset/blob/master/pyproject.toml)
+instead of hard-coding them in your bootstrap script, as seen below.
+
+:::
+
+The following example installs the drivers for BigQuery and Elasticsearch, allowing you to connect to these data sources within your Superset setup:
+
+```yaml
+bootstrapScript: |
+  #!/bin/bash
+  uv pip install .[postgres] \
+    .[bigquery] \
+    .[elasticsearch] &&\
+  if [ ! -f ~/bootstrap ]; then echo "Running Superset with uid {{ .Values.runAsUser }}" > ~/bootstrap; fi
+```
+
+### superset_config.py
+
+The default `superset_config.py` is fairly minimal and you will very likely need to extend it. This is done by specifying one or more key/value entries in `configOverrides`, e.g.:
+
+```yaml
+configOverrides:
+  my_override: |
+    # This will make sure the redirect_uri is properly computed, even with SSL offloading
+    ENABLE_PROXY_FIX = True
+    FEATURE_FLAGS = {
+        "DYNAMIC_PLUGINS": True
+    }
+```
+
+Those will be evaluated as Helm templates and therefore will be able to reference other `values.yaml` variables e.g. `{{ .Values.ingress.hosts[0] }}` will resolve to your ingress external domain.
+
+The entire `superset_config.py` will be installed as a secret, so it is safe to pass sensitive parameters directly... however it might be more readable to use secret env variables for that.
+
+Full python files can be provided by running `helm upgrade --install --values my-values.yaml --set-file configOverrides.oauth=set_oauth.py`
+
+### Environment Variables
+
+Those can be passed as key/values either with `extraEnv` or `extraSecretEnv` if they're sensitive. They can then be referenced from `superset_config.py` using e.g. `os.environ.get("VAR")`.
+
+```yaml
+extraEnv:
+  SMTP_HOST: smtp.gmail.com
+  SMTP_USER: user@gmail.com
+  SMTP_PORT: "587"
+  SMTP_MAIL_FROM: user@gmail.com
+
+extraSecretEnv:
+  SMTP_PASSWORD: xxxx
+
+configOverrides:
+  smtp: |
+    import ast
+    SMTP_HOST = os.getenv("SMTP_HOST","localhost")
+    SMTP_STARTTLS = ast.literal_eval(os.getenv("SMTP_STARTTLS", "True"))
+    SMTP_SSL = ast.literal_eval(os.getenv("SMTP_SSL", "False"))
+    SMTP_USER = os.getenv("SMTP_USER","superset")
+    SMTP_PORT = os.getenv("SMTP_PORT",25)
+    SMTP_PASSWORD = os.getenv("SMTP_PASSWORD","superset")
+```
+
+### System packages
+
+If new system packages are required, they can be installed before application startup by overriding the container's `command`, e.g.:
+
+```yaml
+supersetWorker:
+  command:
+    - /bin/sh
+    - -c
+    - |
+      apt update
+      apt install -y somepackage
+      apt autoremove -yqq --purge
+      apt clean
+
+      # Run celery worker
+      . {{ .Values.configMountPath }}/superset_bootstrap.sh; celery --app=superset.tasks.celery_app:app worker
+```
+
+### Data sources
+
+Data source definitions can be automatically declared by providing key/value yaml definitions in `extraConfigs`:
+
+```yaml
+extraConfigs:
+  import_datasources.yaml: |
+    databases:
+    - allow_file_upload: true
+      allow_ctas: true
+      allow_cvas: true
+      database_name: example-db
+      extra: "{\r\n    \"metadata_params\": {},\r\n    \"engine_params\": {},\r\n    \"\
+        metadata_cache_timeout\": {},\r\n    \"schemas_allowed_for_file_upload\": []\r\n\
+        }"
+      sqlalchemy_uri: example://example-db.local
+      tables: []
+```
+
+Those will also be mounted as secrets and can include sensitive parameters.
+
+## Configuration Examples
+
+### Setting up OAuth
+
+:::note
+
+OAuth setup requires that the [authlib](https://authlib.org/) Python library is installed. This can
+be done using `pip` by updating the `bootstrapScript`. See the [Dependencies](#dependencies) section
+for more information.
+
+:::
+
+```yaml
+extraEnv:
+  AUTH_DOMAIN: example.com
+
+extraSecretEnv:
+  GOOGLE_KEY: xxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com
+  GOOGLE_SECRET: xxxxxxxxxxxxxxxxxxxxxxxx
+
+configOverrides:
+  enable_oauth: |
+    # This will make sure the redirect_uri is properly computed, even with SSL offloading
+    ENABLE_PROXY_FIX = True
+
+    from flask_appbuilder.security.manager import AUTH_OAUTH
+    AUTH_TYPE = AUTH_OAUTH
+    OAUTH_PROVIDERS = [
+        {
+            "name": "google",
+            "icon": "fa-google",
+            "token_key": "access_token",
+            "remote_app": {
+                "client_id": os.getenv("GOOGLE_KEY"),
+                "client_secret": os.getenv("GOOGLE_SECRET"),
+                "api_base_url": "https://www.googleapis.com/oauth2/v2/",
+                "client_kwargs": {"scope": "email profile"},
+                "request_token_url": None,
+                "access_token_url": "https://accounts.google.com/o/oauth2/token",
+                "authorize_url": "https://accounts.google.com/o/oauth2/auth",
+                "authorize_params": {"hd": os.getenv("AUTH_DOMAIN", "")}
+            },
+        }
+    ]
+
+    # Map Authlib roles to superset roles
+    AUTH_ROLE_ADMIN = 'Admin'
+    AUTH_ROLE_PUBLIC = 'Public'
+
+    # Will allow user self registration, allowing to create Flask users from Authorized User
+    AUTH_USER_REGISTRATION = True
+
+    # The default user self registration role
+    AUTH_USER_REGISTRATION_ROLE = "Admin"
+```
+
+### Enable Alerts and Reports
+
+For this, as per the [Alerts and Reports doc](/admin-docs/configuration/alerts-reports), you will need to:
+
+#### Install a supported webdriver in the Celery worker
+
+This is done either by using a custom image that has the webdriver pre-installed, or installing at startup time by overriding the `command`. Here's a working example for `chromedriver`:
+
+```yaml
+supersetWorker:
+  command:
+    - /bin/sh
+    - -c
+    - |
+      # Install chrome webdriver
+      # See https://github.com/apache/superset/blob/4fa3b6c7185629b87c27fc2c0e5435d458f7b73d/docs/src/pages/admin-docs/installation/email_reports.mdx
+      apt-get update
+      apt-get install -y wget
+      wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
+      apt-get install -y --no-install-recommends ./google-chrome-stable_current_amd64.deb
+      wget https://chromedriver.storage.googleapis.com/88.0.4324.96/chromedriver_linux64.zip
+      apt-get install -y zip
+      unzip chromedriver_linux64.zip
+      chmod +x chromedriver
+      mv chromedriver /usr/bin
+      apt-get autoremove -yqq --purge
+      apt-get clean
+      rm -f google-chrome-stable_current_amd64.deb chromedriver_linux64.zip
+
+      # Run
+      . {{ .Values.configMountPath }}/superset_bootstrap.sh; celery --app=superset.tasks.celery_app:app worker
+```
+
+#### Run the Celery beat
+
+This pod will trigger the scheduled tasks configured in the alerts and reports UI section:
+
+```yaml
+supersetCeleryBeat:
+  enabled: true
+```
+
+#### Configure the appropriate Celery jobs and SMTP/Slack settings
+
+```yaml
+extraEnv:
+  SMTP_HOST: smtp.gmail.com
+  SMTP_USER: user@gmail.com
+  SMTP_PORT: "587"
+  SMTP_MAIL_FROM: user@gmail.com
+
+extraSecretEnv:
+  SLACK_API_TOKEN: xoxb-xxxx-yyyy
+  SMTP_PASSWORD: xxxx-yyyy
+
+configOverrides:
+  feature_flags: |
+    import ast
+
+    FEATURE_FLAGS = {
+        "ALERT_REPORTS": True
+    }
+
+    SMTP_HOST = os.getenv("SMTP_HOST","localhost")
+    SMTP_STARTTLS = ast.literal_eval(os.getenv("SMTP_STARTTLS", "True"))
+    SMTP_SSL = ast.literal_eval(os.getenv("SMTP_SSL", "False"))
+    SMTP_USER = os.getenv("SMTP_USER","superset")
+    SMTP_PORT = os.getenv("SMTP_PORT",25)
+    SMTP_PASSWORD = os.getenv("SMTP_PASSWORD","superset")
+    SMTP_MAIL_FROM = os.getenv("SMTP_MAIL_FROM","superset@superset.com")
+
+    SLACK_API_TOKEN = os.getenv("SLACK_API_TOKEN",None)
+  celery_conf: |
+    from celery.schedules import crontab
+
+    class CeleryConfig:
+      broker_url = f"redis://{env('REDIS_HOST')}:{env('REDIS_PORT')}/0"
+      imports = (
+          "superset.sql_lab",
+          "superset.tasks.cache",
+          "superset.tasks.scheduler",
+      )
+      result_backend = f"redis://{env('REDIS_HOST')}:{env('REDIS_PORT')}/0"
+      task_annotations = {
+          "sql_lab.get_sql_results": {
+              "rate_limit": "100/s",
+          },
+      }
+      beat_schedule = {
+          "reports.scheduler": {
+              "task": "reports.scheduler",
+              "schedule": crontab(minute="*", hour="*"),
+          },
+          "reports.prune_log": {
+              "task": "reports.prune_log",
+              'schedule': crontab(minute=0, hour=0),
+          },
+          'cache-warmup-hourly': {
+              "task": "cache-warmup",
+              "schedule": crontab(minute="*/30", hour="*"),
+              "kwargs": {
+                  "strategy_name": "top_n_dashboards",
+                  "top_n": 10,
+                  "since": "7 days ago",
+              },
+          }
+      }
+
+    CELERY_CONFIG = CeleryConfig
+  reports: |
+    EMAIL_PAGE_RENDER_WAIT = 60
+    WEBDRIVER_BASEURL = "http://{{ template "superset.fullname" . }}:{{ .Values.service.port }}/"
+    WEBDRIVER_BASEURL_USER_FRIENDLY = "https://www.example.com/"
+    WEBDRIVER_TYPE= "chrome"
+    WEBDRIVER_OPTION_ARGS = [
+        "--force-device-scale-factor=2.0",
+        "--high-dpi-support=2.0",
+        "--headless",
+        "--disable-gpu",
+        "--disable-dev-shm-usage",
+        # This is required because our process runs as root (in order to install pip packages)
+        "--no-sandbox",
+        "--disable-setuid-sandbox",
+        "--disable-extensions",
+    ]
+```
+
+### Load the Examples data and dashboards
+
+If you are trying Superset out and want some data and dashboards to explore, you can load some examples by creating a `my_values.yaml` and deploying it as described above in the **Configure your setting overrides** step of the **Running** section.
+To load the examples, add the following to the `my_values.yaml` file:
+
+```yaml
+init:
+  loadExamples: true
+```
+
+:::resources
+- [Tutorial: Mastering Data Visualization — Installing Superset on Kubernetes with Helm Chart](https://mahira-technology.medium.com/mastering-data-visualization-installing-superset-on-kubernetes-cluster-using-helm-chart-e4ec99199e1e)
+- [Tutorial: Installing Apache Superset in Kubernetes](https://aws.plainenglish.io/installing-apache-superset-in-kubernetes-1aec192ac495)
+:::

docs/admin_docs_versioned_docs/version-6.1.0/installation/pypi.mdx

@@ -0,0 +1,164 @@
+---
+title: PyPI
+hide_title: true
+sidebar_position: 4
+version: 1
+---
+
+import useBaseUrl from "@docusaurus/useBaseUrl";
+
+# Installing Superset from PyPI
+
+<img src={useBaseUrl("/img/pypi.png" )} width="150" />
+<br /><br />
+
+This page describes how to install Superset using the `apache_superset` package [published on PyPI](https://pypi.org/project/apache_superset/).
+
+## OS Dependencies
+
+Superset stores database connection information in its metadata database. For that purpose, we use
+the cryptography Python library to encrypt connection passwords. Unfortunately, this library has OS
+level dependencies.
+
+**Debian and Ubuntu**
+
+Ubuntu **24.04** uses python 3.12 per default, which currently is not supported by Superset. You need to add a second python installation of 3.11 and install the required additional dependencies.
+```bash
+sudo add-apt-repository ppa:deadsnakes/ppa
+sudo apt update
+sudo apt install python3.11 python3.11-dev python3.11-venv build-essential libssl-dev libffi-dev libsasl2-dev libldap2-dev default-libmysqlclient-dev
+```
+
+In Ubuntu **20.04 and 22.04** the following command will ensure that the required dependencies are installed:
+
+```bash
+sudo apt-get install build-essential libssl-dev libffi-dev python3-dev python3-pip libsasl2-dev libldap2-dev default-libmysqlclient-dev
+```
+
+In Ubuntu **before 20.04** the following command will ensure that the required dependencies are installed:
+
+```bash
+sudo apt-get install build-essential libssl-dev libffi-dev python-dev python-pip libsasl2-dev libldap2-dev default-libmysqlclient-dev
+```
+
+**Fedora and RHEL-derivative Linux distributions**
+
+Install the following packages using the `yum` package manager:
+
+```bash
+sudo yum install gcc gcc-c++ libffi-devel python-devel python-pip python-wheel openssl-devel cyrus-sasl-devel openldap-devel
+```
+
+In more recent versions of CentOS and Fedora, you may need to install a slightly different set of packages using `dnf`:
+
+```bash
+sudo dnf install gcc gcc-c++ libffi-devel python3-devel python3-pip python3-wheel openssl-devel cyrus-sasl-devel openldap-devel
+```
+
+Also, on CentOS, you may need to upgrade pip for the install to work:
+
+```bash
+pip3 install --upgrade pip
+```
+
+**Mac OS X**
+
+If you're not on the latest version of OS X, we recommend upgrading because we've found that many
+issues people have run into are linked to older versions of Mac OS X. After updating, install the
+latest version of XCode command line tools:
+
+```bash
+xcode-select --install
+```
+
+We don't recommend using the system installed Python. Instead, first install the
+[homebrew](https://brew.sh/) manager and then run the following commands:
+
+```bash
+brew install readline pkg-config libffi openssl mysql postgresql@14
+```
+
+You should install a recent version of Python. Refer to the
+[pyproject.toml](https://github.com/apache/superset/blob/master/pyproject.toml) file for a list of Python
+versions officially supported by Superset. We'd recommend using a Python version manager
+like [pyenv](https://github.com/pyenv/pyenv)
+(and also [pyenv-virtualenv](https://github.com/pyenv/pyenv-virtualenv)).
+
+Let's also make sure we have the latest version of `pip` and `setuptools`:
+
+```bash
+pip install --upgrade setuptools pip
+```
+
+Lastly, you may need to set LDFLAGS and CFLAGS for certain Python packages to properly build. You can export these variables with:
+
+```bash
+export LDFLAGS="-L$(brew --prefix openssl)/lib"
+export CFLAGS="-I$(brew --prefix openssl)/include"
+```
+
+These will now be available when pip installing requirements.
+
+## Python Virtual Environment
+
+We highly recommend installing Superset inside of a virtual environment.
+
+You can create and activate a virtual environment using the following commands. Ensure you are using a compatible version of python. You might have to explicitly use for example `python3.11` instead of `python3`.
+
+```bash
+# virtualenv is shipped in Python 3.6+ as venv instead of pyvenv.
+# See https://docs.python.org/3.6/library/venv.html
+python3 -m venv venv
+. venv/bin/activate
+```
+
+Or with pyenv-virtualenv:
+
+```bash
+# Here we name the virtual env 'superset'
+pyenv virtualenv superset
+pyenv activate superset
+```
+
+Once you activated your virtual environment, all of the Python packages you install or uninstall
+will be confined to this environment. You can exit the environment by running `deactivate` on the
+command line.
+
+### Installing and Initializing Superset
+
+First, start by installing `apache_superset`:
+
+```bash
+pip install apache_superset
+```
+
+Then, define mandatory configurations, SECRET_KEY and FLASK_APP:
+```bash
+export SUPERSET_SECRET_KEY=YOUR-SECRET-KEY # For production use, make sure this is a strong key, for example generated using `openssl rand -base64 42`. See https://superset.apache.org/admin-docs/configuration/configuring-superset#specifying-a-secret_key
+export FLASK_APP=superset
+```
+
+Then, you need to initialize the database:
+
+```bash
+superset db upgrade
+```
+
+Finish installing by running through the following commands:
+
+```bash
+# Create an admin user in your metadata database (use `admin` as username to be able to load the examples)
+superset fab create-admin
+
+# Load some data to play with
+superset load_examples
+
+# Create default roles and permissions
+superset init
+
+# To start a development web server on port 8088, use -p to bind to another port
+superset run -p 8088 --with-threads --reload --debugger
+```
+
+If everything worked, you should be able to navigate to `hostname:port` in your browser (e.g.
+locally by default at `localhost:8088`) and login using the username and password you created.

docs/admin_docs_versioned_docs/version-6.1.0/installation/upgrading-superset.mdx

@@ -0,0 +1,61 @@
+---
+title: Upgrading Superset
+hide_title: true
+sidebar_position: 6
+version: 1
+---
+
+# Upgrading Superset
+
+## Docker Compose
+
+First, make sure to shut down the running containers in Docker Compose:
+
+```bash
+docker compose down
+```
+
+Next, update the folder that mirrors the `superset` repo through git:
+
+```bash
+git pull origin master
+```
+
+Then, restart the containers and any changed Docker images will be automatically pulled down:
+
+```bash
+docker compose up
+```
+
+## Updating Superset Manually
+
+To upgrade superset in a native installation, run the following commands:
+
+```bash
+pip install apache_superset --upgrade
+```
+
+## Upgrading the Metadata Database
+
+Migrate the metadata database by running:
+
+```bash
+superset db upgrade
+superset init
+```
+
+While upgrading superset should not delete your charts and dashboards, we recommend following best
+practices and to backup your metadata database before upgrading. Before upgrading production, we
+recommend upgrading in a staging environment and upgrading production finally during off-peak usage.
+
+## Breaking Changes
+
+For a detailed list of breaking changes and migration notes for each version, see
+[UPDATING.md](https://github.com/apache/superset/blob/master/UPDATING.md).
+
+This file documents backwards-incompatible changes and provides guidance for migrating between
+major versions, including:
+- Configuration changes
+- API changes
+- Database migrations
+- Deprecated features

docs/admin_docs_versioned_docs/version-6.1.0/security/cves.mdx

@@ -0,0 +1,140 @@
+---
+title: CVEs fixed by release
+sidebar_position: 2
+---
+#### Version 6.0.0
+
+| CVE            | Title                                                                              | Affected |
+|:---------------|:-----------------------------------------------------------------------------------|---------:|
+| CVE-2026-23980 | Improper Neutralization of Special Elements used in a SQL Command                  |  < 6.0.0 |
+| CVE-2026-23982 | Improper Authorization in Dataset Creation Allows Access Control Bypass            |  < 6.0.0 |
+| CVE-2026-23983 | Information Disclosure of sensitive user info via Tags                             |  < 6.0.0 |
+| CVE-2026-23984 | SQLLab Read-Only Bypass on PostgreSQL (DML execution)                              |  < 6.0.0 |
+
+#### Version 5.0.0
+
+| CVE            | Title                                                                              | Affected |
+|:---------------|:-----------------------------------------------------------------------------------|---------:|
+| CVE-2025-55673 | Exposure of Sensitive Information to an Unauthorized Actor                         |  < 5.0.0 |
+| CVE-2025-55674 | Improper Neutralization of Special Elements used in an SQL Command                 |  < 5.0.0 |
+| CVE-2025-55675 | Improper Access Control leading to Information Disclosure                          |  < 5.0.0 |
+
+#### Version 4.1.3
+
+| CVE            | Title                                                                              | Affected |
+|:---------------|:-----------------------------------------------------------------------------------|---------:|
+| CVE-2025-55672 | Improper Neutralization of Input During Web Page Generation                        |  < 4.1.3 |
+
+#### Version 4.1.2
+
+| CVE            | Title                                                                              | Affected |
+|:---------------|:-----------------------------------------------------------------------------------|---------:|
+| CVE-2025-27696 | Improper authorization leading to resource ownership takeover                      |  < 4.1.2 |
+| CVE-2025-48912 | Improper authorization bypass on row level security via SQL Injection              |  < 4.1.2 |
+| CVE-2026-23969 | Exposure of Sensitive Information via Incomplete ClickHouse Function Filtering     |  < 4.1.2 |
+
+#### Version 4.1.0
+
+| CVE            | Title                                                                              | Affected |
+|:---------------|:-----------------------------------------------------------------------------------|---------:|
+| CVE-2024-53947 | Improper SQL authorisation, parse for specific postgres functions                  |  < 4.1.0 |
+| CVE-2024-53948 | Error verbosity exposes metadata in analytics databases                            |  < 4.1.0 |
+| CVE-2024-53949 | Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled |  < 4.1.0 |
+| CVE-2024-55633 | SQLLab Improper readonly query validation allows unauthorized write access         |  < 4.1.0 |
+
+#### Version 4.0.2
+
+| CVE            | Title                       | Affected |
+|:---------------|:----------------------------|---------:|
+| CVE-2024-39887 | Improper SQL authorization  |  < 4.0.1 |
+
+#### Version 3.1.3, 4.0.1
+
+| CVE            | Title                       |                    Affected |
+|:---------------|:----------------------------|----------------------------:|
+| CVE-2024-34693 | Server arbitrary file read  |  < 3.1.3, >= 4.0.0, < 4.0.1 |
+
+#### Version 3.1.2
+
+| CVE            | Title                                                   | Affected |
+|:---------------|:--------------------------------------------------------|---------:|
+| CVE-2024-28148 | Incorrect datasource authorization on explore REST API  |  < 3.1.2 |
+
+#### Version 3.0.4, 3.1.1
+
+| CVE            | Title                                                                        |                    Affected |
+|:---------------|:-----------------------------------------------------------------------------|----------------------------:|
+| CVE-2024-27315 | Improper error handling on alerts                                            |  < 3.0.4, >= 3.1.0, < 3.1.1 |
+| CVE-2024-24773 | Improper validation of SQL statements allows for unauthorized access to data |  < 3.0.4, >= 3.1.0, < 3.1.1 |
+| CVE-2024-24772 | Improper Neutralisation of custom SQL on embedded context                    |  < 3.0.4, >= 3.1.0, < 3.1.1 |
+| CVE-2024-24779 | Improper data authorization when creating a new dataset                      |  < 3.0.4, >= 3.1.0, < 3.1.1 |
+| CVE-2024-26016 | Improper authorization validation on dashboards and charts import            |  < 3.0.4, >= 3.1.0, < 3.1.1 |
+
+#### Version 3.0.3
+
+| CVE            | Title                                         | Affected |
+|:---------------|:----------------------------------------------|---------:|
+| CVE-2023-49657 | Stored XSS in Dashboard Title and Chart Title |  < 3.0.3 |
+
+#### Version 3.0.2, 2.1.3
+
+| CVE            | Title                                                       |                   Affected |
+|:---------------|:------------------------------------------------------------|---------------------------:|
+| CVE-2023-46104 | Allows for uncontrolled resource consumption via a ZIP bomb | < 2.1.3, >= 3.0.0, < 3.0.2 |
+| CVE-2023-49736 | SQL Injection on where_in JINJA macro                       | < 2.1.3, >= 3.0.0, < 3.0.2 |
+| CVE-2023-49734 | Privilege Escalation Vulnerability                          | < 2.1.3, >= 3.0.0, < 3.0.2 |
+
+#### Version 3.0.0
+
+| CVE            | Title                                                                   | Affected |
+|:---------------|:------------------------------------------------------------------------|---------:|
+| CVE-2023-42502 | Open Redirect Vulnerability                                             |  < 3.0.0 |
+| CVE-2023-42505 | Sensitive information disclosure on db connection details               |  < 3.0.0 |
+
+#### Version 2.1.3
+
+| CVE            | Title                                                                   | Affected |
+|:---------------|:------------------------------------------------------------------------|---------:|
+| CVE-2023-42504 | Lack of rate limiting allows for possible denial of service             |  < 2.1.3 |
+
+#### Version 2.1.2
+
+| CVE            | Title                                                                   | Affected |
+|:---------------|:------------------------------------------------------------------------|---------:|
+| CVE-2023-40610 | Privilege escalation with default examples database                     |  < 2.1.2 |
+| CVE-2023-42501 | Unnecessary read permissions within the Gamma role                      |  < 2.1.2 |
+| CVE-2023-43701 | Stored XSS on API endpoint                                              |  < 2.1.2 |
+
+#### Version 2.1.1
+
+| CVE            | Title                                                                   | Affected |
+|:---------------|:------------------------------------------------------------------------|---------:|
+| CVE-2023-36387 | Improper API permission for low privilege users                         |  < 2.1.1 |
+| CVE-2023-36388 | Improper API permission for low privilege users allows for SSRF         |  < 2.1.1 |
+| CVE-2023-27523 | Improper data permission validation on Jinja templated queries          |  < 2.1.1 |
+| CVE-2023-27526 | Improper Authorization check on import charts                           |  < 2.1.1 |
+| CVE-2023-39264 | Stack traces enabled by default                                         |  < 2.1.1 |
+| CVE-2023-39265 | Possible Unauthorized Registration of SQLite Database Connections       |  < 2.1.1 |
+| CVE-2023-37941 | Metadata db write access can lead to remote code execution              |  < 2.1.1 |
+| CVE-2023-32672 | SQL parser edge case bypasses data access authorization                 |  < 2.1.1 |
+
+#### Version 2.1.0
+
+| CVE            | Title                                                                   | Affected |
+|:---------------|:------------------------------------------------------------------------|---------:|
+| CVE-2023-25504 | Possible SSRF on import datasets                                        |  < 2.1.0 |
+| CVE-2023-27524 | Session validation vulnerability when using provided default SECRET_KEY |  < 2.1.0 |
+| CVE-2023-27525 | Incorrect default permissions for Gamma role                            |  < 2.1.0 |
+| CVE-2023-30776 | Database connection password leak                                       |  < 2.1.0 |
+
+#### Version 2.0.1
+
+| CVE            | Title                                                       |          Affected  |
+|:---------------|:------------------------------------------------------------|------------------: |
+| CVE-2022-41703 | SQL injection vulnerability in adhoc clauses                | < 2.0.1 or < 1.5.2 |
+| CVE-2022-43717 | Cross-Site Scripting on dashboards                          | < 2.0.1 or < 1.5.2 |
+| CVE-2022-43718 | Cross-Site Scripting vulnerability on upload forms          | < 2.0.1 or < 1.5.2 |
+| CVE-2022-43719 | Cross Site Request Forgery (CSRF) on accept, request access | < 2.0.1 or < 1.5.2 |
+| CVE-2022-43720 | Improper rendering of user input                            | < 2.0.1 or < 1.5.2 |
+| CVE-2022-43721 | Open Redirect Vulnerability                                 | < 2.0.1 or < 1.5.2 |
+| CVE-2022-45438 | Dashboard metadata information leak                         | < 2.0.1 or < 1.5.2 |

docs/admin_docs_versioned_docs/version-6.1.0/security/securing_superset.mdx

@@ -0,0 +1,179 @@
+---
+title: Securing Your Superset Installation for Production
+sidebar_position: 3
+---
+
+> *This guide applies to Apache Superset version 4.0 and later and is an evolving set of best practices that administrators should adapt to their specific deployment architecture.*
+
+The default Apache Superset configuration is optimized for ease of use and development, not for security. For any production deployment, it is **critical** that you review and apply the following security configurations to harden your instance, protect user data, and prevent unauthorized access.
+
+This guide provides a comprehensive checklist of essential security configurations and best practices.
+
+### **Critical Prerequisites: HTTPS/TLS Configuration**
+
+Running Superset without HTTPS (TLS) is not secure. Without it, all network traffic—including user credentials, session tokens, and sensitive data—is sent in cleartext and can be easily intercepted.
+
+* **Use a Reverse Proxy:** Your Superset instance should always be deployed behind a reverse proxy (e.g., Nginx, Traefik) or a load balancer (e.g., AWS ALB, Google Cloud Load Balancer) that is configured to handle HTTPS termination.
+* **Enforce Modern TLS:** Configure your proxy to enforce TLS 1.2 or higher with strong, industry-standard cipher suites.
+* **Implement HSTS:** Use the HTTP Strict Transport Security (HSTS) header to ensure browsers only connect to your Superset instance over HTTPS. This can be configured in your reverse proxy or within Superset's Talisman settings.
+
+### **`SUPERSET_SECRET_KEY` Management (CRITICAL)**
+
+This is the most critical security setting for your Superset instance. It is used to sign all session cookies and encrypt sensitive information in the metadata database, such as database connection credentials.
+
+* **Generate a Unique, Strong Key:** A unique key must be generated for every Superset instance. Use a cryptographically secure method to create it.
+    ```bash
+    # Example using openssl to generate a strong key
+    openssl rand -base64 42
+    ```
+* **Store the Key Securely:** The key must be kept confidential. The recommended approach is to store it as an environment variable or in a secrets management system (e.g., AWS Secrets Manager, HashiCorp Vault). **Do not hardcode the key in `superset_config.py` or commit it to version control.**
+    ```python
+    # In superset_config.py
+    import os
+    SECRET_KEY = os.environ.get('SUPERSET_SECRET_KEY')
+    ```
+
+> #### ⚠️ Warning: Your `SUPERSET_SECRET_KEY` Must Be Unique
+>
+> **NEVER** reuse the same `SUPERSET_SECRET_KEY` across different environments (e.g., development, staging, production) or different Superset instances. Reusing a key allows cryptographically signed session cookies to be used across those instances, which can lead to a full authentication bypass if a cookie is compromised. Treat this key like a master password.
+
+### **Session Management Security (CRITICAL)**
+
+Properly configuring user sessions is essential to prevent session hijacking and ensure that sessions are terminated correctly.
+
+#### **Use a Server-Side Session Backend (Strongly Recommended for Production)**
+
+The default stateless cookie-based session handling presents challenges for immediate session invalidation upon logout. For all production deployments, we strongly recommend configuring an optional server-side session backend like Redis, Memcached, or a database. This ensures that session data is stored securely on the server and can be instantly destroyed upon logout, rendering any copied session cookies immediately useless.
+
+**Example `superset_config.py` for Redis:**
+
+```python
+# superset_config.py
+from redis import Redis
+import os
+
+# 1. Enable server-side sessions
+SESSION_SERVER_SIDE = True
+
+# 2. Choose your backend (e.g., 'redis', 'memcached', 'filesystem', 'sqlalchemy')
+SESSION_TYPE = 'redis'
+
+# 3. Configure your Redis connection
+# Use environment variables for sensitive details
+SESSION_REDIS = Redis(
+    host=os.environ.get('REDIS_HOST', 'localhost'),
+    port=int(os.environ.get('REDIS_PORT', 6379)),
+    password=os.environ.get('REDIS_PASSWORD'),
+    db=int(os.environ.get('REDIS_DB', 0)),
+    ssl=os.environ.get('REDIS_SSL_ENABLED', 'True').lower() == 'true',
+    ssl_cert_reqs='required' # Or another appropriate SSL setting
+)
+
+# 4. Ensure the session cookie is signed for integrity
+SESSION_USE_SIGNER = True
+```
+
+#### **Configure Session Lifetime and Cookie Security Flags**
+
+This is mandatory for *all* deployments, whether stateless or server-side.
+
+```python
+# superset_config.py
+from datetime import timedelta
+
+# Set a short absolute session timeout
+# The default is 31 days, which is NOT recommended for production.
+PERMANENT_SESSION_LIFETIME = timedelta(hours=8)
+
+# Enforce secure cookie flags to prevent browser-based attacks
+SESSION_COOKIE_SECURE = True      # Transmit cookie only over HTTPS
+SESSION_COOKIE_HTTPONLY = True    # Prevent client-side JS from accessing the cookie
+SESSION_COOKIE_SAMESITE = 'Lax'   # Provide protection against CSRF attacks
+```
+
+> ##### Note on iFrame Embedding and `SESSION_COOKIE_SAMESITE`
+>The recommended default setting `'Lax'` provides good CSRF protection for most use cases. However, if you need to embed Superset dashboards into other applications using an iFrame, you will need to change this setting to `'None'`.
+
+SESSION_COOKIE_SAMESITE = 'None'
+
+Setting SameSite to 'None' requires that SESSION_COOKIE_SECURE is also set to True. Be aware that this configuration disables some of the browser's built-in CSRF protections to allow for cross-domain functionality, so it should only be used when iFrame embedding is necessary.
+
+### **Authentication and Authorization**
+
+While Superset's built-in database authentication is convenient, for production it's highly recommended to integrate with an enterprise-grade identity provider (IdP).
+
+  * **Use an Enterprise IdP:** Configure authentication via OAuth or LDAP to leverage your organization's existing identity management system. This provides benefits like Single Sign-On (SSO), Multi-Factor Authentication (MFA), and centralized user provisioning/deprovisioning.
+  * **Principle of Least Privilege:** Assign users to the most restrictive roles necessary for their jobs. Avoid over-provisioning users with Admin or Alpha roles, and ensure row-level security is applied where appropriate.
+  * **Admin Accounts:** Delete or disable the default admin user after a new administrative account has been configured.
+
+### **Content Security Policy (CSP) and Other Headers**
+
+Superset can use Flask-Talisman to set security headers. However, it must be explicitly enabled.
+
+> #### ⚠️ Important: Talisman is Disabled by Default
+>
+> In Superset 4.0 and later, Talisman is disabled by default (`TALISMAN_ENABLED = False`). You **must** explicitly enable it in your `superset_config.py` for the security headers defined in `TALISMAN_CONFIG` to take effect.
+
+Here's the documentation section how how to set up Talisman: https://superset.apache.org/admin-docs/security/#content-security-policy-csp
+
+### **Database Security**
+
+> #### ❗ Superset is Not a Database Firewall
+>
+> It is essential to understand that **Apache Superset is a data visualization and exploration platform, not a database firewall or a comprehensive security solution for your data warehouse.** While Superset provides features to help manage data access, the ultimate responsibility for securing your underlying databases lies with your database administrators (DBAs) and security teams. This includes managing network access, user privileges, and fine-grained permissions directly within the database. The configurations below are an important secondary layer of security but should not be your only line of defense.
+
+  * **Use a Dedicated Database User:** The database connection configured in Superset should use a dedicated, limited-privilege database user. This user should only have the minimum required permissions (e.g., `SELECT` on specific schemas) for the data sources it needs to query. It should **not** have `INSERT`, `UPDATE`, `DELETE`, or administrative privileges.
+  * **Restrict Dangerous SQL Functions:** To mitigate potential SQL injection risks, configure the `DISALLOWED_SQL_FUNCTIONS` list in your `superset_config.py`. Be aware that this is a defense-in-depth measure, not a substitute for proper database permissions.
+
+### **Additional Security Layers**
+
+  * **Web Application Firewall (WAF):** Deploying Superset behind a WAF (e.g., Cloudflare, AWS WAF) is strongly recommended. A WAF with a standard ruleset (like the OWASP Core Rule Set) provides a critical layer of defense against common attacks like SQL Injection, XSS, and remote code execution.
+
+### **Monitoring and Logging**
+
+  * **Configure Structured Logging:** Set up a robust logging configuration to capture important security events.
+  * **Centralize Logs:** Ship logs from all Superset components (frontend, worker, etc.) to a centralized SIEM (Security Information and Event Management) system for analysis and alerting.
+  * **Monitor Key Events:** Create alerts for suspicious activities, including:
+      * Multiple failed login attempts for a single user or from a single IP address.
+      * Changes to user roles or permissions.
+      * Creation or deletion of high-privilege users.
+      * Attempts to use disallowed SQL functions.
+
+-----
+
+### **Appendix A: Production Deployment Checklist**
+
+#### **Initial Setup:**
+
+  - [ ] HTTPS/TLS is configured and enforced via a reverse proxy.
+  - [ ] A unique, strong `SUPERSET_SECRET_KEY` is generated and secured in an environment variable or secrets vault.
+  - [ ] Server-side session management is configured (e.g., Redis).
+  - [ ] `PERMANENT_SESSION_LIFETIME` is set to a short duration (e.g., 8 hours).
+  - [ ] All session cookie security flags (`Secure`, `HttpOnly`, `SameSite`) are enabled.
+  - [ ] `DEBUG` mode is set to `False`.
+  - [ ] Talisman is explicitly enabled and configured with a strict Content Security Policy.
+  - [ ] Database connections use dedicated, limited-privilege accounts.
+  - [ ] Authentication is integrated with an enterprise identity provider (OAuth/LDAP).
+  - [ ] A Web Application Firewall (WAF) is deployed in front of Superset.
+  - [ ] Logging is configured and logs are shipped to a central monitoring system.
+
+#### **Ongoing Maintenance:**
+
+  - [ ] Regularly update to the latest major or minor versions of Superset. Those versions receive up-to-date security patches.
+  - [ ] Rotate the `SUPERSET_SECRET_KEY` periodically (e.g., quarterly) and after any potential security incident.
+  - [ ] Conduct quarterly access reviews for all users.
+  - [ ] Assuming logging and monitoring is in place, review security monitoring alerts weekly.
+
+### **Appendix B: `SECRET_KEY` Rotation and Compromise Response**
+
+**Why and When to Rotate the `SECRET_KEY`**
+Rotating the `SUPERSET_SECRET_KEY` is a critical security procedure. It is mandatory after a known or suspected compromise and is a best practice when an employee with access to the key departs. While periodic rotation can limit the window of exposure for an unknown leak, it is a high-impact operation that will invalidate all user sessions and requires careful execution to avoid breaking your instance. The principles behind managing this key align with general best practices for cryptographic storage, which are further detailed in the OWASP Cryptographic Storage Cheat Sheet here: https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html
+
+**Procedure for Rotating the Key**
+The procedure for safely rotating the SECRET_KEY must be followed precisely to avoid locking yourself out of your instance. The official Apache Superset documentation maintains the correct, up-to-date procedure. Please follow the official guide here:
+https://superset.apache.org/admin-docs/configuration/configuring-superset/#rotating-to-a-newer-secret_key
+
+:::resources
+- [Blog: Running Apache Superset on the Open Internet](https://preset.io/blog/running-apache-superset-on-the-open-internet-a-report-from-the-fireline/)
+- [Blog: How Security Vulnerabilities are Reported & Handled in Apache Superset](https://preset.io/blog/how-security-vulnerabilities-are-reported-and-handled-in-apache-superset/)
+:::

docs/admin_docs_versioned_docs/version-6.1.0/security/security.mdx

@@ -0,0 +1,639 @@
+---
+title: Security Configurations
+sidebar_position: 1
+---
+
+Authentication and authorization in Superset is handled by Flask AppBuilder (FAB), an application development framework
+built on top of Flask. FAB provides authentication, user management, permissions and roles.
+Please read its [Security documentation](https://flask-appbuilder.readthedocs.io/en/latest/security.html).
+
+### Provided Roles
+
+Superset ships with a set of roles that are handled by Superset itself. You can assume
+that these roles will stay up-to-date as Superset evolves (and as you update Superset versions).
+
+Even though **Admin** users have the ability, we don't recommend altering the
+permissions associated with each role (e.g. by removing or adding permissions to them). The permissions
+associated with each role will be re-synchronized to their original values when you run
+the **superset init** command (often done between Superset versions).
+
+A table with the permissions for these roles can be found at [/RESOURCES/STANDARD_ROLES.md](https://github.com/apache/superset/blob/master/RESOURCES/STANDARD_ROLES.md).
+
+### Admin
+
+Admins have all possible rights, including granting or revoking rights from other
+users and altering other people’s slices and dashboards.
+
+>#### Threat Model and Privilege Boundaries: The Admin Role
+>
+>Apache Superset is built with a granular permission model where users assigned the Admin role are considered fully trusted. Admins possess complete control over the application's configuration, UI rendering, and access controls.
+>
+>Consequently, actions performed by an Admin that alter the application's behavior or presentation—such as injecting custom CSS, modifying Jinja templates, or altering security flags—are intended administrative capabilities by design.
+>
+>In accordance with MITRE CNA Rule 4.1, a vulnerability must represent a violation of an explicit security policy. Because the Admin role is defined as a trusted operational boundary, actions executed with Admin privileges do not cross a security perimeter. Therefore, exploit vectors that strictly require Admin access are not classified as security vulnerabilities and are ineligible for CVE assignment.
+
+### Alpha
+
+Alpha users have access to all data sources, but they cannot grant or revoke access
+from other users. They are also limited to altering the objects that they own. Alpha users can add and alter data sources.
+
+### Gamma
+
+Gamma users have limited access. They can only consume data coming from data sources
+they have been given access to through another complementary role. They only have access to
+view the slices and dashboards made from data sources that they have access to. Currently Gamma
+users are not able to alter or add data sources. We assume that they are mostly content consumers, though they can create slices and dashboards.
+
+Also note that when Gamma users look at the dashboards and slices list view, they will
+only see the objects that they have access to.
+
+### sql_lab
+
+The **sql_lab** role grants access to SQL Lab. Note that while **Admin** users have access
+to all databases by default, both **Alpha** and **Gamma** users need to be given access on a per database basis.
+
+Beyond the base `sql_lab` role, two additional SQL Lab permissions must be explicitly granted for users who need these capabilities:
+
+| Permission | Feature |
+|------------|---------|
+| `can_estimate_query_cost` on `SQLLab` | Estimate query cost before running |
+| `can_format_sql` on `SQLLab` | Format SQL using the database's dialect |
+
+Grant these in **Security → List Roles** by adding the permissions to the relevant role.
+
+### Public
+
+The **Public** role is the most restrictive built-in role, designed specifically for anonymous/unauthenticated
+users who need to view dashboards. It provides minimal read-only access for:
+
+- Viewing dashboards and charts
+- Using interactive dashboard filters
+- Accessing dashboard and chart permalinks
+- Reading embedded dashboards
+- Viewing annotations on charts
+
+The Public role explicitly excludes:
+- Any write permissions on dashboards, charts, or datasets
+- SQL Lab access
+- Share functionality
+- User profile or admin features
+- Menu access to most Superset features
+
+Anonymous users are automatically assigned the Public role when `AUTH_ROLE_PUBLIC` is configured
+(a Flask-AppBuilder setting). The `PUBLIC_ROLE_LIKE` setting is **optional** and controls what
+permissions are synced to the Public role when you run `superset init`:
+
+```python
+# Optional: Sync sensible default permissions to the Public role
+PUBLIC_ROLE_LIKE = "Public"
+
+# Alternative: Copy permissions from Gamma for broader access
+# PUBLIC_ROLE_LIKE = "Gamma"
+```
+
+If you prefer to manually configure the Public role's permissions (or use `DASHBOARD_RBAC` to
+grant access at the dashboard level), you do not need to set `PUBLIC_ROLE_LIKE`.
+
+**Important notes:**
+
+- **Data access is still required:** The Public role only grants UI/API permissions. You must
+  also grant access to specific datasets necessary to view a dashboard. As with other roles,
+  this can be done in two ways:
+
+  - **Without `DASHBOARD_RBAC`:** Dashboards only appear in the list and are accessible if
+    the user has permission to at least one of their datasets. Grant dataset access by editing
+    the Public role in the Superset UI (Menu → Security → List Roles → Public) and adding the
+    relevant data sources. All published dashboards using those datasets become visible.
+
+  - **With `DASHBOARD_RBAC` enabled:** Anonymous users will only see dashboards where the
+    "Public" role has been explicitly added in the dashboard's properties. Dataset permissions
+    are not required—DASHBOARD_RBAC handles the cascading permissions check. This provides
+    fine-grained control over which dashboards are publicly visible.
+
+- **Role synchronization:** Built-in role permissions (Admin, Alpha, Gamma, sql_lab, and Public
+  when `PUBLIC_ROLE_LIKE = "Public"`) are synchronized when you run `superset init`. Any manual
+  permission edits to these roles may be overwritten during upgrades. To customize the Public
+  role permissions, you can either:
+  - Edit the Public role directly and avoid setting `PUBLIC_ROLE_LIKE` (permissions won't be
+    overwritten by `superset init`)
+  - Copy the Public role via "Copy Role" in the Superset web UI, save it under a different name
+    (e.g., "Public_Custom"), customize the permissions, then update **both** configs:
+    `PUBLIC_ROLE_LIKE = "Public_Custom"` and `AUTH_ROLE_PUBLIC = "Public_Custom"`
+
+### Managing Data Source Access for Gamma Roles
+
+Here’s how to provide users access to only specific datasets. First make sure the users with
+limited access have [only] the Gamma role assigned to them. Second, create a new role (Menu -> Security -> List Roles) and click the + sign.
+
+This new window allows you to give this new role a name, attribute it to users and select the
+tables in the **Permissions** dropdown. To select the data sources you want to associate with this role, simply click on the dropdown and use the typeahead to search for your table names.
+
+You can then confirm with users assigned to the **Gamma** role that they see the
+objects (dashboards and slices) associated with the tables you just extended them.
+
+### Dashboard Access Control
+
+Access to dashboards is managed via owners (users that have edit permissions to the dashboard).
+Non-owner user access can be managed in two ways. Note that dashboards must be published to be
+visible to other users.
+
+#### Dataset-Based Access (Default)
+
+By default, users can view published dashboards if they have access to at least one dataset
+used in that dashboard. Grant dataset access by adding the relevant data source permissions
+to a role (Menu → Security → List Roles).
+
+This is the simplest approach but provides all-or-nothing access based on dataset permissions—
+if a user has access to a dataset, they can see all published dashboards using that dataset.
+
+#### Dashboard-Level Access (DASHBOARD_RBAC)
+
+For fine-grained control over which dashboards specific roles can access, enable the
+`DASHBOARD_RBAC` feature flag:
+
+```python
+FEATURE_FLAGS = {
+    "DASHBOARD_RBAC": True,
+}
+```
+
+With this enabled, you can assign specific roles to each dashboard in its properties. Users
+will only see dashboards where their role is explicitly added.
+
+**Important considerations:**
+- Dashboard access **bypasses** dataset-level checks—granting a role access to a dashboard
+  implicitly grants read access to all charts and datasets in that dashboard
+- Dashboards without any assigned roles fall back to dataset-based access
+- The dashboard must still be published to be visible
+
+This feature is particularly useful for:
+- Making specific dashboards public while keeping others private
+- Granting access to dashboards without exposing the underlying datasets for other uses
+- Creating dashboard-specific access patterns that don't align with dataset ownership
+
+### SQL Execution Security Considerations
+
+Apache Superset includes features designed to provide safeguards when interacting with connected databases, such as the `DISALLOWED_SQL_FUNCTIONS` configuration setting. This aims to prevent the execution of potentially harmful database functions or system variables directly from Superset interfaces like SQL Lab.
+
+However, it is crucial to understand the following:
+
+**Superset is Not a Database Firewall**: Superset's built-in checks, like `DISALLOWED_SQL_FUNCTIONS`, provide a layer of protection but cannot guarantee complete security against all database-level threats or advanced bypass techniques (like specific comment injection methods). They should be viewed as a supplement to, not a replacement for, robust database security.
+
+**Configuration is Key**: The effectiveness of Superset's safeguards heavily depends on proper configuration by the Superset administrator. This includes maintaining the `DISALLOWED_SQL_FUNCTIONS` list, carefully managing feature flags (like `ENABLE_TEMPLATE_PROCESSING`), and configuring other security settings appropriately.
+
+**Database Security is Paramount**: The ultimate responsibility for securing database access, controlling permissions, and preventing unauthorized function execution lies with the database administrators (DBAs) and security teams managing the underlying database instance.
+
+**Recommended Database Practices**: We strongly recommend implementing security best practices at the database level, including:
+* **Least Privilege**: Connecting Superset using dedicated database user accounts with the minimum permissions required for Superset's operation (typically read-only access to necessary schemas/tables).
+* **Database Roles & Permissions**: Utilizing database-native roles and permissions to restrict access to sensitive functions, system variables (like `@@hostname`), schemas, or tables.
+* **Network Security**: Employing network-level controls like database firewalls or proxies to restrict connections.
+* **Auditing**: Enabling database-level auditing to monitor executed queries and access patterns.
+
+By combining Superset's configurable safeguards with strong database-level security practices, you can achieve a more robust and layered security posture.
+
+**Dataset Sample Access**: The `get_samples()` endpoint now enforces datasource-level access control. Users can only fetch sample rows from datasets they have been explicitly granted access to — the same permission check applied when running chart queries. This closes a prior gap where unauthenticated or under-privileged access could retrieve sample data.
+
+### REST API for user & role management
+
+Flask-AppBuilder supports a REST API for user CRUD,
+but this feature is in beta and is not enabled by default in Superset.
+To enable this feature, set the following in your Superset configuration:
+
+```python
+FAB_ADD_SECURITY_API = True
+```
+
+Once configured, the documentation for additional "Security" endpoints will be visible in Swagger for you to explore.
+
+### API Key Authentication
+
+Superset supports long-lived API keys for service accounts, CI/CD pipelines, and programmatic integrations (including MCP clients).
+
+#### Enabling API Key Authentication
+
+API key authentication is **disabled by default**. To turn it on, set the Flask-AppBuilder config value in `superset_config.py` and also enable the matching feature flag so the management UI is exposed:
+
+```python
+FAB_API_KEY_ENABLED = True
+
+FEATURE_FLAGS = {
+    "FAB_API_KEY_ENABLED": True,
+}
+```
+
+The config value registers the `ApiKeyApi` blueprint on the backend; the feature flag controls whether the UI for managing keys appears for the user. See the [Feature Flags](/admin-docs/configuration/feature-flags) documentation for more on feature flag configuration.
+
+#### Creating an API Key
+
+Once enabled, each user manages their own keys from their profile page:
+
+1. Open the user menu (top-right) and click **Info** to navigate to the User Info page
+2. Expand the **API Keys** section
+3. Click **+ API Key**
+4. Enter a name and (optionally) an expiration date
+5. Copy the generated token — it is shown only once
+
+Only users with the `can_read` and `can_write` permissions on `ApiKey` (granted by default to Admins) can manage API keys.
+
+#### Using an API Key
+
+Pass the key as a Bearer token in the `Authorization` header:
+
+```
+Authorization: Bearer <your-api-key>
+```
+
+This works for all REST API endpoints and the MCP server. The request is executed with the permissions of the user who created the key.
+
+#### Use Cases
+
+- **CI/CD pipelines** — automated chart/dashboard exports and imports
+- **MCP integrations** — connect AI assistants without interactive login
+- **External services** — dashboards embedded in other applications
+- **Service accounts** — long-lived credentials that don't expire with session cookies
+
+:::caution
+Store API keys securely. Anyone with a valid key can make requests on behalf of the creating user. Revoke keys promptly if they are compromised by deleting them from the **API Keys** section of your User Info page.
+:::
+
+### Customizing Permissions
+
+The permissions exposed by FAB are very granular and allow for a great level of
+customization. FAB creates many permissions automatically for each model that is
+created (can_add, can_delete, can_show, can_edit, …) as well as for each view.
+On top of that, Superset can expose more granular permissions like **all_datasource_access**.
+
+**We do not recommend altering the 3 base roles as there are a set of assumptions that
+Superset is built upon**. It is possible though for you to create your own roles, and union them to existing ones.
+
+### Permissions
+
+Roles are composed of a set of permissions, and Superset has many categories of
+permissions. Here are the different categories of permissions:
+
+- Model & Action: models are entities like Dashboard, Slice, or User. Each model has
+  a fixed set of permissions, like **can_edit**, **can_show**, **can_delete**, **can_list**, **can_add**,
+  and so on. For example, you can allow a user to delete dashboards by adding **can_delete** on
+  Dashboard entity to a role and granting this user that role.
+- Views: views are individual web pages, like the Explore view or the SQL Lab view.
+  When granted to a user, they will see that view in its menu items, and be able to load that page.
+- Data source: For each data source, a permission is created. If the user does not have the
+  `all_datasource_access permission` granted, the user will only be able to see Slices or explore the data sources that are granted to them
+- Database: Granting access to a database allows for the user to access all
+  data sources within that database, and will enable the user to query that
+  database in SQL Lab, provided that the SQL Lab specific permission have been granted to the user
+
+### Restricting Access to a Subset of Data Sources
+
+We recommend giving a user the **Gamma** role plus any other roles that would add
+access to specific data sources. We recommend that you create individual roles for
+each access profile. For example, the users on the Finance team might have access to a set of
+databases and data sources; these permissions can be consolidated in a single role.
+Users with this profile then need to be assigned the **Gamma** role as a foundation to
+the models and views they can access, and that Finance role that is a collection of permissions to data objects.
+
+A user can have multiple roles associated with them. For example, an executive on the Finance
+team could be granted **Gamma**, **Finance**, and the **Executive** roles. The **Executive**
+role could provide access to a set of data sources and dashboards made available only to executives.
+In the **Dashboards** view, a user can only see the ones they have access to
+based on the roles and permissions that were attributed.
+
+### Row Level Security
+
+Using Row Level Security filters (under the **Security** menu) you can create filters
+that are assigned to a particular dataset, as well as a set of roles.
+If you want members of the Finance team to only have access to
+rows where `department = "finance"`, you could:
+
+- Create a Row Level Security filter with that clause (`department = "finance"`)
+- Then assign the clause to the **Finance** role and the dataset it applies to
+
+The **clause** field, which can contain arbitrary text, is then added to the generated
+SQL statement's WHERE clause. So you could even do something like create a filter
+for the last 30 days and apply it to a specific role, with a clause
+like `date_field > DATE_SUB(NOW(), INTERVAL 30 DAY)`. It can also support
+multiple conditions: `client_id = 6` AND `advertiser="foo"`, etc.
+
+RLS clauses also support **Jinja templating** when `ENABLE_TEMPLATE_PROCESSING` is enabled, so you can write dynamic filters such as
+`user_id = '{{ current_username() }}'` to restrict rows based on the logged-in user.
+
+#### Filter Types
+
+There are two types of RLS filters:
+
+- **Regular** — The filter clause is applied when the querying user belongs to one of the
+  roles assigned to the filter. Use this to restrict what specific roles can see.
+- **Base** — The filter clause is applied to **all** users _except_ those in the assigned
+  roles. Use this to define a default restriction that privileged roles (e.g. Admin) are
+  exempt from. For example, a Base filter with clause `1 = 0` and the Admin role would
+  hide all rows from everyone except Admin — useful as a deny-by-default baseline.
+
+#### Group Keys and Filter Combination
+
+All applicable RLS filters are combined before being added to the query. The combination
+rules are:
+
+- Filters that share the **same group key** are combined with **OR** (any match within
+  the group is sufficient).
+- Different filter groups (different group keys, or no group key) are combined with
+  **AND** (all groups must match).
+- Filters with **no group key** are each treated as their own group and are always AND'd.
+
+For example, if a dataset has three filters:
+
+| Filter | Clause | Group Key |
+|--------|--------|-----------|
+| F1 | `department = 'Finance'` | `department` |
+| F2 | `department = 'Marketing'` | `department` |
+| F3 | `region = 'Europe'` | `region` |
+
+The resulting WHERE clause would be:
+
+```sql
+(department = 'Finance' OR department = 'Marketing') AND (region = 'Europe')
+```
+
+:::caution Conflicting filters
+It is possible to create filters that conflict and produce an empty result set. For
+example, the filters `client_id = 4` and `client_id = 5` **without a shared group key**
+will be AND'd together, producing `client_id = 4 AND client_id = 5`, which can never
+be true.
+
+If you intend for these to be alternatives, assign them the **same group key** so they
+are OR'd instead.
+:::
+
+#### RLS and Virtual (SQL-Based) Datasets
+
+RLS filters are assigned to **datasets**, not to underlying database tables directly. This
+has important implications when working with virtual (SQL-based) datasets:
+
+- **Physical datasets** (backed directly by a table or view) — RLS filters assigned to
+  the dataset are added as WHERE clauses to the query.
+- **Virtual datasets** (defined by a custom SQL query) — RLS filters assigned directly to
+  the virtual dataset are applied to the _outer_ query that wraps the dataset's SQL.
+  Additionally, RLS filters on the **underlying physical datasets** referenced by the
+  virtual dataset's SQL are injected into the inner subquery for each referenced table.
+
+For example, if you have:
+
+1. A physical dataset `orders` with RLS filter `region = 'US'`
+2. A virtual dataset defined as `SELECT * FROM orders WHERE status = 'active'`
+
+A user affected by the RLS filter will effectively see:
+
+```sql
+SELECT * FROM (
+  SELECT * FROM orders WHERE (region = 'US') AND status = 'active'
+) ...
+```
+
+**Key considerations for virtual datasets:**
+
+- You generally do **not** need to duplicate RLS filters on both the physical and virtual
+  dataset — filters on the physical dataset are applied automatically at query time.
+- If you assign an RLS filter directly to a virtual dataset, the clause must reference
+  columns available in the virtual dataset's _output_, not necessarily the underlying
+  table's columns.
+- In **SQL Lab**, RLS is enforced only when the `RLS_IN_SQLLAB` feature flag is enabled:
+  queries run against tables that have associated datasets with RLS filters will then have
+  the appropriate predicates injected automatically.
+
+#### Checking RLS Filters via the API
+
+You can use the RLS REST API to audit which filters are configured and which datasets
+they affect. This requires the `can_read` permission on the `Row Level Security` resource.
+
+**List all RLS rules:**
+
+```
+GET /api/v1/rowlevelsecurity/
+```
+
+**Filter RLS rules for a specific dataset** (using [Rison](https://github.com/Nanonid/rison) query syntax):
+
+```
+GET /api/v1/rowlevelsecurity/?q=(filters:!((col:tables,opr:rel_m_m,value:<dataset_id>)))
+```
+
+**Filter RLS rules by role:**
+
+```
+GET /api/v1/rowlevelsecurity/?q=(filters:!((col:roles,opr:rel_m_m,value:<role_id>)))
+```
+
+**View details of a specific rule** (including clause, assigned datasets, and roles):
+
+```
+GET /api/v1/rowlevelsecurity/<id>
+```
+
+The response includes the filter's `name`, `filter_type` (Regular or Base), `clause`,
+`group_key`, assigned `tables` (with id, schema, and table\_name), and assigned `roles`
+(with id and name).
+
+:::tip Auditing RLS for virtual datasets
+To find all RLS rules that could affect a particular virtual dataset, query the list
+endpoint filtered by that dataset's ID for any directly-assigned rules. Then also check
+the physical datasets referenced in the virtual dataset's SQL, since their RLS filters
+are applied at query time too.
+:::
+
+### User Sessions
+
+Superset uses [Flask](https://pypi.org/project/Flask/)
+and [Flask-Login](https://pypi.org/project/Flask-Login/) for user session management.
+
+Session cookies are used to maintain session info and user state between requests,
+although they do not contain personal user information they serve the purpose of identifying
+a user session on the server side.
+The session cookie is encrypted with the application `SECRET_KEY` and cannot be read by the client.
+So it's very important to keep the `SECRET_KEY` secret and set to a secure unique complex random value.
+
+Flask and Flask-Login offer a number of configuration options to control session behavior.
+
+- Relevant Flask settings:
+
+`SESSION_COOKIE_HTTPONLY`: (default: `False`): Controls if cookies should be set with the `HttpOnly` flag.
+
+`SESSION_COOKIE_SECURE`: (default: `False`) Browsers will only send cookies with requests over
+HTTPS if the cookie is marked “secure”. The application must be served over HTTPS for this to make sense.
+
+`SESSION_COOKIE_SAMESITE`: (default: "Lax") Prevents the browser from sending this cookie along with cross-site requests.
+
+`PERMANENT_SESSION_LIFETIME`: (default: "31 days") The lifetime of a permanent session as a `datetime.timedelta` object.
+
+#### Switching to server side sessions
+
+Server side sessions offer benefits over client side sessions on security and performance.
+By enabling server side sessions, the session data is stored server side and only a session ID
+is sent to the client. When a user logs in, a session is created server side and the session ID
+is sent to the client in a cookie. The client will send the session ID with each request and the
+server will use it to retrieve the session data.
+On logout, the session is destroyed server side and the session cookie is deleted on the client side.
+This reduces the risk for replay attacks and session hijacking.
+
+Superset uses [Flask-Session](https://flask-session.readthedocs.io/en/latest/) to manage server side sessions.
+To enable this extension you have to set:
+
+``` python
+SESSION_SERVER_SIDE = True
+```
+
+Flask-Session offers multiple backend session interfaces for Flask, here's an example for Redis:
+
+``` python
+from redis import Redis
+
+SESSION_TYPE = "redis"
+SESSION_REDIS = Redis(host="redis", port=6379, db=0)
+# sign the session cookie sid
+SESSION_USE_SIGNER = True
+```
+
+### Content Security Policy (CSP)
+
+Superset uses the [Talisman](https://pypi.org/project/flask-talisman/) extension to enable implementation of a
+[Content Security Policy (CSP)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP), an added
+layer of security that helps to detect and mitigate certain types of attacks, including
+Cross-Site Scripting (XSS) and data injection attacks.
+
+A CSP makes it possible for server administrators to reduce or eliminate the vectors by which XSS can
+occur by specifying the domains that the browser should consider to be valid sources of executable scripts.
+A CSP-compatible browser will then only execute scripts loaded in source files received from those allowed domains,
+ignoring all other scripts (including inline scripts and event-handling HTML attributes).
+
+A policy is described using a series of policy directives, each of which describes the policy for
+a certain resource type or policy area. You can check possible directives
+[here](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy).
+
+It's extremely important to correctly configure a Content Security Policy when deploying Superset to
+prevent many types of attacks. Superset provides two variables in `config.py` for deploying a CSP:
+
+- `TALISMAN_ENABLED` defaults to `True`; set this to `False` in order to disable CSP
+- `TALISMAN_CONFIG` holds the actual the policy definition (*see example below*) as well as any
+other arguments to be passed to Talisman.
+
+When running in production mode, Superset will check at startup for the presence
+of a CSP. If one is not found, it will issue a warning with the security risks. For environments
+where CSP policies are defined outside of Superset using other software, administrators can disable
+this warning using the `CONTENT_SECURITY_POLICY_WARNING` key in `config.py`.
+
+#### CSP Requirements
+
+- Superset needs the `style-src unsafe-inline` CSP directive in order to operate.
+
+  ```
+  style-src 'self' 'unsafe-inline'
+  ```
+
+- Only scripts marked with a [nonce](https://content-security-policy.com/nonce/) can be loaded and executed.
+Nonce is a random string automatically generated by Talisman on each page load.
+You can get current nonce value by calling jinja macro `csp_nonce()`.
+
+  ```html
+  <script nonce="{{ csp_nonce() }}">
+  /* my script */
+  </script>
+  ```
+
+- Some dashboards load images using data URIs and require `data:` in their `img-src`
+
+  ```
+  img-src 'self' data:
+  ```
+
+- MapBox charts use workers and need to connect to MapBox servers in addition to the Superset origin
+
+  ```
+  worker-src 'self' blob:
+  connect-src 'self' https://api.mapbox.com https://events.mapbox.com
+  ```
+
+- Cartodiagram charts request map data (image and json) from external resources that can be edited by users,
+and therefore either require a list of allowed domains to request from or a wildcard (`'*'`) for `img-src` and `connect-src`.
+
+- Other CSP directives default to `'self'` to limit content to the same origin as the Superset server.
+
+In order to adjust provided CSP configuration to your needs, follow the instructions and examples provided in
+[Content Security Policy Reference](https://content-security-policy.com/)
+
+#### Other Talisman security considerations
+
+Setting `TALISMAN_ENABLED = True` will invoke Talisman's protection with its default arguments,
+of which `content_security_policy` is only one. Those can be found in the
+[Talisman documentation](https://pypi.org/project/flask-talisman/) under *Options*.
+These generally improve security, but administrators should be aware of their existence.
+
+In particular, the option of `force_https = True` (`False` by default) may break Superset's Alerts & Reports
+if workers are configured to access charts via a `WEBDRIVER_BASEURL` beginning
+with `http://`.  As long as a Superset deployment enforces https upstream, e.g.,
+through a load balancer or application gateway, it should be acceptable to keep this
+option disabled. Otherwise, you may want to enable `force_https` like this:
+
+```python
+TALISMAN_CONFIG = {
+    "force_https": True,
+    "content_security_policy": { ...
+```
+
+#### Configuring Talisman in Superset
+
+Talisman settings in Superset can be modified using superset_config.py. If you need to adjust security policies, you can override the default configuration.
+
+Example: Overriding Talisman Configuration in superset_config.py for loading images form s3 or other external sources.
+
+```python
+TALISMAN_CONFIG = {
+    "content_security_policy": {
+        "base-uri": ["'self'"],
+        "default-src": ["'self'"],
+        "img-src": [
+            "'self'",
+            "blob:",
+            "data:",
+            "https://apachesuperset.gateway.scarf.sh",
+            "https://static.scarf.sh/",
+            # "https://cdn.brandfolder.io", # Uncomment when SLACK_ENABLE_AVATARS is True  # noqa: E501
+            "ows.terrestris.de",
+            "aws.s3.com", # Add Your Bucket or external data source
+        ],
+        "worker-src": ["'self'", "blob:"],
+        "connect-src": [
+            "'self'",
+            "https://api.mapbox.com",
+            "https://events.mapbox.com",
+        ],
+        "object-src": "'none'",
+        "style-src": [
+            "'self'",
+            "'unsafe-inline'",
+        ],
+        "script-src": ["'self'", "'strict-dynamic'"],
+    },
+    "content_security_policy_nonce_in": ["script-src"],
+    "force_https": False,
+    "session_cookie_secure": False,
+}
+```
+
+For more information on setting up Talisman, please refer to
+https://superset.apache.org/admin-docs/configuration/networking-settings/#changing-flask-talisman-csp.
+
+### Reporting Security Vulnerabilities
+
+Apache Software Foundation takes a rigorous standpoint in annihilating the security issues in its
+software projects. Apache Superset is highly sensitive and forthcoming to issues pertaining to its
+features and functionality.
+
+If you have apprehensions regarding Superset security or you discover vulnerability or potential
+threat, don’t hesitate to get in touch with the Apache Security Team by dropping a mail at
+security@apache.org. In the mail, specify the project name Superset with the description of the
+issue or potential threat. You are also urged to recommend the way to reproduce and replicate the
+issue. The security team and the Superset community will get back to you after assessing and
+analysing the findings.
+
+PLEASE PAY ATTENTION to report the security issue on the security email before disclosing it on
+public domain. The ASF Security Team maintains a page with the description of how vulnerabilities
+and potential threats are handled, check [their web page](https://apache.org/security/committers.html)
+for more details.

docs/admin_docs_versioned_sidebars/version-6.1.0-sidebars.json

@@ -0,0 +1,48 @@
+{
+  "AdminDocsSidebar": [
+    {
+      "type": "doc",
+      "label": "Overview",
+      "id": "index"
+    },
+    {
+      "type": "category",
+      "label": "Installation",
+      "collapsed": false,
+      "items": [
+        {
+          "type": "autogenerated",
+          "dirName": "installation"
+        }
+      ]
+    },
+    {
+      "type": "category",
+      "label": "Configuration",
+      "collapsed": true,
+      "items": [
+        {
+          "type": "autogenerated",
+          "dirName": "configuration"
+        }
+      ]
+    },
+    {
+      "type": "link",
+      "label": "Database Drivers",
+      "href": "/user-docs/databases/",
+      "description": "See User Docs for database connection guides"
+    },
+    {
+      "type": "category",
+      "label": "Security",
+      "collapsed": true,
+      "items": [
+        {
+          "type": "autogenerated",
+          "dirName": "security"
+        }
+      ]
+    }
+  ]
+}

docs/admin_docs_versions.json

@@ -0,0 +1,3 @@
+[
+  "6.1.0"
+]

docs/components_versioned_docs/version-6.1.0/chart-components/bar-chart.md

@@ -0,0 +1,105 @@
+<!--
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+-->
+---
+title: Bar Chart
+sidebar_position: 1
+---
+
+# Bar Chart Component
+
+The Bar Chart component is used to visualize categorical data with rectangular bars.
+
+## Props
+
+| Prop | Type | Default | Description |
+|------|------|---------|-------------|
+| `data` | `array` | `[]` | Array of data objects to visualize |
+| `width` | `number` | `800` | Width of the chart in pixels |
+| `height` | `number` | `600` | Height of the chart in pixels |
+| `xField` | `string` | - | Field name for x-axis values |
+| `yField` | `string` | - | Field name for y-axis values |
+| `colorField` | `string` | - | Field name for color encoding |
+| `colorScheme` | `string` | `'supersetColors'` | Color scheme to use |
+| `showLegend` | `boolean` | `true` | Whether to show the legend |
+| `showGrid` | `boolean` | `true` | Whether to show grid lines |
+| `labelPosition` | `string` | `'top'` | Position of bar labels: 'top', 'middle', 'bottom' |
+
+## Examples
+
+### Basic Bar Chart
+
+```jsx
+import { BarChart } from '@superset-ui/chart-components';
+
+const data = [
+  { category: 'A', value: 10 },
+  { category: 'B', value: 20 },
+  { category: 'C', value: 15 },
+  { category: 'D', value: 25 },
+];
+
+function Example() {
+  return (
+    <BarChart
+      data={data}
+      width={800}
+      height={400}
+      xField="category"
+      yField="value"
+      colorScheme="supersetColors"
+    />
+  );
+}
+```
+
+### Grouped Bar Chart
+
+```jsx
+import { BarChart } from '@superset-ui/chart-components';
+
+const data = [
+  { category: 'A', group: 'Group 1', value: 10 },
+  { category: 'A', group: 'Group 2', value: 15 },
+  { category: 'B', group: 'Group 1', value: 20 },
+  { category: 'B', group: 'Group 2', value: 25 },
+  { category: 'C', group: 'Group 1', value: 15 },
+  { category: 'C', group: 'Group 2', value: 10 },
+];
+
+function Example() {
+  return (
+    <BarChart
+      data={data}
+      width={800}
+      height={400}
+      xField="category"
+      yField="value"
+      colorField="group"
+      colorScheme="supersetColors"
+    />
+  );
+}
+```
+
+## Best Practices
+
+- Use bar charts when comparing quantities across categories
+- Sort bars by value for better readability, unless there's a natural order to the categories
+- Use consistent colors for the same categories across different charts
+- Consider using horizontal bar charts when category labels are long

docs/components_versioned_docs/version-6.1.0/index.md

@@ -0,0 +1,59 @@
+<!--
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+-->
+---
+title: Component Library
+sidebar_position: 1
+---
+
+# Superset Component Library
+
+Welcome to the Apache Superset Component Library documentation. This section provides comprehensive documentation for all the UI components, chart components, and layout components used in Superset.
+
+## What is the Component Library?
+
+The Component Library is a collection of reusable UI components that are used to build the Superset user interface. These components are designed to be consistent, accessible, and easy to use.
+
+## Component Categories
+
+The Component Library is organized into the following categories:
+
+### UI Components
+
+Basic UI components like buttons, inputs, dropdowns, and other form elements.
+
+### Chart Components
+
+Visualization components used to render different types of charts and graphs.
+
+### Layout Components
+
+Components used for page layout, such as containers, grids, and navigation elements.
+
+## Versioning
+
+The Component Library documentation follows its own versioning scheme, independent from the main Superset documentation. This allows us to update the component documentation as the components evolve, without affecting the main documentation.
+
+## Getting Started
+
+Browse the sidebar to explore the different components available in the library. Each component documentation includes:
+
+- Component description and purpose
+- Props and configuration options
+- Usage examples
+- Best practices

docs/components_versioned_docs/version-6.1.0/layout-components/grid.md

@@ -0,0 +1,113 @@
+<!--
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+-->
+---
+title: Grid
+sidebar_position: 1
+---
+
+# Grid Component
+
+The Grid component provides a flexible layout system for arranging content in rows and columns.
+
+## Props
+
+| Prop | Type | Default | Description |
+|------|------|---------|-------------|
+| `gutter` | `number` or `[number, number]` | `0` | Grid spacing between items, can be a single number or [horizontal, vertical] |
+| `columns` | `number` | `12` | Number of columns in the grid |
+| `justify` | `string` | `'start'` | Horizontal alignment: 'start', 'center', 'end', 'space-between', 'space-around' |
+| `align` | `string` | `'top'` | Vertical alignment: 'top', 'middle', 'bottom' |
+| `wrap` | `boolean` | `true` | Whether to wrap items when they overflow |
+
+### Row Props
+
+| Prop | Type | Default | Description |
+|------|------|---------|-------------|
+| `gutter` | `number` or `[number, number]` | `0` | Spacing between items in the row |
+| `justify` | `string` | `'start'` | Horizontal alignment for this row |
+| `align` | `string` | `'top'` | Vertical alignment for this row |
+
+### Col Props
+
+| Prop | Type | Default | Description |
+|------|------|---------|-------------|
+| `span` | `number` | - | Number of columns the grid item spans |
+| `offset` | `number` | `0` | Number of columns the grid item is offset |
+| `xs`, `sm`, `md`, `lg`, `xl` | `number` or `object` | - | Responsive props for different screen sizes |
+
+## Examples
+
+### Basic Grid
+
+```jsx
+import { Grid, Row, Col } from '@superset-ui/core';
+
+function Example() {
+  return (
+    <Grid>
+      <Row gutter={16}>
+        <Col span={8}>
+          <div>Column 1</div>
+        </Col>
+        <Col span={8}>
+          <div>Column 2</div>
+        </Col>
+        <Col span={8}>
+          <div>Column 3</div>
+        </Col>
+      </Row>
+    </Grid>
+  );
+}
+```
+
+### Responsive Grid
+
+```jsx
+import { Grid, Row, Col } from '@superset-ui/core';
+
+function Example() {
+  return (
+    <Grid>
+      <Row gutter={[16, 24]}>
+        <Col xs={24} sm={12} md={8} lg={6}>
+          <div>Responsive Column 1</div>
+        </Col>
+        <Col xs={24} sm={12} md={8} lg={6}>
+          <div>Responsive Column 2</div>
+        </Col>
+        <Col xs={24} sm={12} md={8} lg={6}>
+          <div>Responsive Column 3</div>
+        </Col>
+        <Col xs={24} sm={12} md={8} lg={6}>
+          <div>Responsive Column 4</div>
+        </Col>
+      </Row>
+    </Grid>
+  );
+}
+```
+
+## Best Practices
+
+- Use the Grid system for complex layouts that need to be responsive
+- Specify column widths for different screen sizes to ensure proper responsive behavior
+- Use gutters to create appropriate spacing between grid items
+- Keep the grid structure consistent throughout your application
+- Consider using the grid system for dashboard layouts to ensure consistent spacing and alignment

docs/components_versioned_docs/version-6.1.0/test.mdx

@@ -0,0 +1,35 @@
+<!--
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+-->
+---
+title: Test
+---
+
+import { StoryExample } from '../../src/components/StorybookWrapper';
+
+# Test
+
+This is a test using our custom StorybookWrapper component.
+
+<StoryExample
+  component={() => (
+    <div style={{ padding: '10px', background: '#f0f0f0', borderRadius: '4px' }}>
+      This is a simple example component
+    </div>
+  )}
+/>

docs/components_versioned_docs/version-6.1.0/ui-components/button.mdx

@@ -0,0 +1,146 @@
+<!--
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+-->
+---
+title: Button Component
+sidebar_position: 1
+---
+
+import { StoryExample, StoryWithControls } from '../../../src/components/StorybookWrapper';
+import { Button } from '../../../../superset-frontend/packages/superset-ui-core/src/components/Button';
+
+# Button Component
+
+The Button component is a fundamental UI element used throughout Superset for user interactions.
+
+## Basic Usage
+
+The default button with primary styling:
+<StoryExample
+  component={() => (
+    <Button buttonStyle="primary" onClick={() => console.log('Clicked!')}>
+      Click Me
+    </Button>
+  )}
+/>
+
+## Interactive Example
+
+<StoryWithControls
+  component={({ buttonStyle, buttonSize, label, disabled }) => (
+    <Button
+      buttonStyle={buttonStyle}
+      buttonSize={buttonSize}
+      disabled={disabled}
+      onClick={() => console.log('Clicked!')}
+    >
+      {label}
+    </Button>
+  )}
+  props={{
+    buttonStyle: 'primary',
+    buttonSize: 'default',
+    label: 'Click Me',
+    disabled: false
+  }}
+  controls={[
+    {
+      name: 'buttonStyle',
+      label: 'Button Style',
+      type: 'select',
+      options: ['primary', 'secondary', 'tertiary', 'success', 'warning', 'danger', 'default', 'link', 'dashed']
+    },
+    {
+      name: 'buttonSize',
+      label: 'Button Size',
+      type: 'select',
+      options: ['default', 'small', 'xsmall']
+    },
+    {
+      name: 'label',
+      label: 'Button Text',
+      type: 'text'
+    },
+    {
+      name: 'disabled',
+      label: 'Disabled',
+      type: 'boolean'
+    }
+  ]}
+/>
+
+## Props
+
+| Prop | Type | Default | Description |
+|------|------|---------|-------------|
+| `buttonStyle` | `'primary' \| 'secondary' \| 'tertiary' \| 'success' \| 'warning' \| 'danger' \| 'default' \| 'link' \| 'dashed'` | `'default'` | Button style |
+| `buttonSize` | `'default' \| 'small' \| 'xsmall'` | `'default'` | Button size |
+| `disabled` | `boolean` | `false` | Whether the button is disabled |
+| `cta` | `boolean` | `false` | Whether the button is a call-to-action button |
+| `tooltip` | `ReactNode` | - | Tooltip content |
+| `placement` | `TooltipProps['placement']` | - | Tooltip placement |
+| `onClick` | `function` | - | Callback when button is clicked |
+| `href` | `string` | - | Turns button into an anchor link |
+| `target` | `string` | - | Target attribute for anchor links |
+
+## Usage
+
+```jsx
+import Button from 'src/components/Button';
+
+function MyComponent() {
+  return (
+    <Button
+      buttonStyle="primary"
+      onClick={() => console.log('Button clicked')}
+    >
+      Click Me
+    </Button>
+  );
+}
+```
+
+## Button Styles
+
+Superset provides a variety of button styles for different purposes:
+
+- **Primary**: Used for primary actions
+- **Secondary**: Used for secondary actions
+- **Tertiary**: Used for less important actions
+- **Success**: Used for successful or confirming actions
+- **Warning**: Used for actions that require caution
+- **Danger**: Used for destructive actions
+- **Link**: Used for navigation
+- **Dashed**: Used for adding new items or features
+
+## Button Sizes
+
+Buttons come in three sizes:
+
+- **Default**: Standard size for most use cases
+- **Small**: Compact size for tight spaces
+- **XSmall**: Extra small size for very limited spaces
+
+## Best Practices
+
+- Use primary buttons for the main action in a form or page
+- Use secondary buttons for alternative actions
+- Use danger buttons for destructive actions
+- Limit the number of primary buttons on a page to avoid confusion
+- Use consistent button styles throughout your application
+- Add tooltips to buttons when their purpose might not be immediately clear

docs/components_versioned_sidebars/version-6.1.0-sidebars.json

@@ -0,0 +1,39 @@
+{
+  "ComponentSidebar": [
+    {
+      "type": "doc",
+      "label": "Introduction",
+      "id": "index"
+    },
+    {
+      "type": "category",
+      "label": "UI Components",
+      "items": [
+        {
+          "type": "autogenerated",
+          "dirName": "ui-components"
+        }
+      ]
+    },
+    {
+      "type": "category",
+      "label": "Chart Components",
+      "items": [
+        {
+          "type": "autogenerated",
+          "dirName": "chart-components"
+        }
+      ]
+    },
+    {
+      "type": "category",
+      "label": "Layout Components",
+      "items": [
+        {
+          "type": "autogenerated",
+          "dirName": "layout-components"
+        }
+      ]
+    }
+  ]
+}

docs/components_versions.json

@@ -1 +1,3 @@
-[]
+[
+  "6.1.0"
+]

docs/developer_docs_versioned_docs/version-6.1.0/_versioned_data/static/data/components.json

@@ -0,0 +1,826 @@
+{
+  "generated": "2026-05-15T16:18:58.919Z",
+  "statistics": {
+    "totalComponents": 54,
+    "byCategory": {
+      "ui": 46,
+      "design-system": 7,
+      "extension": 1
+    },
+    "extensionCompatible": 1,
+    "withGallery": 2,
+    "withLiveExample": 36
+  },
+  "components": [
+    {
+      "name": "AutoComplete",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "AutoComplete component for search functionality.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 1,
+      "controlsCount": 16,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/autocomplete",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/AutoComplete/AutoComplete.stories.tsx"
+    },
+    {
+      "name": "Avatar",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 7,
+      "controlsCount": 7,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/avatar",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Avatar/Avatar.stories.tsx"
+    },
+    {
+      "name": "Badge",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 4,
+      "controlsCount": 5,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/badge",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Badge/Badge.stories.tsx"
+    },
+    {
+      "name": "Breadcrumb",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "Breadcrumb component for displaying navigation paths.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 0,
+      "controlsCount": 1,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/breadcrumb",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Breadcrumb/Breadcrumb.stories.tsx"
+    },
+    {
+      "name": "Button",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 3,
+      "controlsCount": 7,
+      "hasGallery": true,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/button",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Button/Button.stories.tsx"
+    },
+    {
+      "name": "ButtonGroup",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "ButtonGroup is a container that groups multiple Button components together with consistent spacing and styling.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 1,
+      "controlsCount": 2,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/buttongroup",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/ButtonGroup/ButtonGroup.stories.tsx"
+    },
+    {
+      "name": "CachedLabel",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 0,
+      "controlsCount": 2,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/cachedlabel",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/CachedLabel/CachedLabel.stories.tsx"
+    },
+    {
+      "name": "Card",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "A container component for grouping related content. Supports titles, borders, loading states, and hover effects.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 6,
+      "controlsCount": 6,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/card",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Card/Card.stories.tsx"
+    },
+    {
+      "name": "Checkbox",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "Checkbox component that supports both regular and indeterminate states, built on top of Ant Design v5 Checkbox.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 2,
+      "controlsCount": 2,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/checkbox",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Checkbox/Checkbox.stories.tsx"
+    },
+    {
+      "name": "Collapse",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 5,
+      "controlsCount": 5,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/collapse",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Collapse/Collapse.stories.tsx"
+    },
+    {
+      "name": "DatePicker",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 2,
+      "controlsCount": 2,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/datepicker",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/DatePicker/DatePicker.stories.tsx"
+    },
+    {
+      "name": "Divider",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 6,
+      "controlsCount": 6,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/divider",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Divider/Divider.stories.tsx"
+    },
+    {
+      "name": "DropdownContainer",
+      "category": "design-system",
+      "categoryLabel": "Layout Components",
+      "description": "DropdownContainer arranges items horizontally and moves overflowing items into a dropdown popover. Resize the container to see the overflow behavior.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 0,
+      "controlsCount": 0,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/design-system/dropdowncontainer",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/DropdownContainer/DropdownContainer.stories.tsx"
+    },
+    {
+      "name": "EditableTitle",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 12,
+      "controlsCount": 12,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/editabletitle",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/EditableTitle/EditableTitle.stories.tsx"
+    },
+    {
+      "name": "EmptyState",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 5,
+      "controlsCount": 5,
+      "hasGallery": true,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/emptystate",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/EmptyState/EmptyState.stories.tsx"
+    },
+    {
+      "name": "FaveStar",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "FaveStar component for marking items as favorites",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 3,
+      "controlsCount": 3,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/favestar",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/FaveStar/FaveStar.stories.tsx"
+    },
+    {
+      "name": "Flex",
+      "category": "design-system",
+      "categoryLabel": "Layout Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 6,
+      "controlsCount": 6,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/design-system/flex",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Flex/Flex.stories.tsx"
+    },
+    {
+      "name": "Grid",
+      "category": "design-system",
+      "categoryLabel": "Layout Components",
+      "description": "The Grid system of Ant Design is based on a 24-grid layout. The `Row` and `Col` components are used to create flexible and responsive grid layouts.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 4,
+      "controlsCount": 4,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/design-system/grid",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Grid/Grid.stories.tsx"
+    },
+    {
+      "name": "IconButton",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "The IconButton component is a versatile button that allows you to combine an icon with a text label. It is designed for use in situations where you want to display an icon along with some text in a single clickable element.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 4,
+      "controlsCount": 4,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/iconbutton",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/IconButton/IconButton.stories.tsx"
+    },
+    {
+      "name": "IconTooltip",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 1,
+      "controlsCount": 2,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/icontooltip",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/IconTooltip/IconTooltip.stories.tsx"
+    },
+    {
+      "name": "Icons",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "Icon library for Apache Superset. Contains over 200 icons based on Ant Design icons with consistent sizing and theming support.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 1,
+      "controlsCount": 3,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/icons",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Icons/Icons.stories.tsx"
+    },
+    {
+      "name": "InfoTooltip",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 1,
+      "controlsCount": 3,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/infotooltip",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/InfoTooltip/InfoTooltip.stories.tsx"
+    },
+    {
+      "name": "Input",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 5,
+      "controlsCount": 10,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/input",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Input/Input.stories.tsx"
+    },
+    {
+      "name": "Label",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 3,
+      "controlsCount": 3,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/label",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Label/Label.stories.tsx"
+    },
+    {
+      "name": "Layout",
+      "category": "design-system",
+      "categoryLabel": "Layout Components",
+      "description": "Ant Design Layout component with configurable Sider, Header, Footer, and Content.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 1,
+      "controlsCount": 1,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/design-system/layout",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Layout/Layout.stories.tsx"
+    },
+    {
+      "name": "List",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 4,
+      "controlsCount": 4,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/list",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/List/List.stories.tsx"
+    },
+    {
+      "name": "ListViewCard",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "ListViewCard is a card component used to display items in list views with an image, title, description, and optional cover sections.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 7,
+      "controlsCount": 7,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/listviewcard",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/ListViewCard/ListViewCard.stories.tsx"
+    },
+    {
+      "name": "Loading",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 3,
+      "controlsCount": 3,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/loading",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Loading/Loading.stories.tsx"
+    },
+    {
+      "name": "Menu",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "Navigation menu component supporting horizontal, vertical, and inline modes. Based on Ant Design Menu with Superset styling.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 2,
+      "controlsCount": 4,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/menu",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Menu/Menu.stories.tsx"
+    },
+    {
+      "name": "MetadataBar",
+      "category": "design-system",
+      "categoryLabel": "Layout Components",
+      "description": "MetadataBar displays a row of metadata items (SQL info, owners, last modified, tags, dashboards, etc.) that collapse responsively based on available width.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 4,
+      "controlsCount": 4,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/design-system/metadatabar",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/MetadataBar/MetadataBar.stories.tsx"
+    },
+    {
+      "name": "Modal",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "Modal dialog component for displaying content that requires user attention or interaction. Supports customizable buttons, drag/resize, and confirmation dialogs.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 8,
+      "controlsCount": 8,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/modal",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Modal/Modal.stories.tsx"
+    },
+    {
+      "name": "ModalTrigger",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "A component that renders a trigger element which opens a modal when clicked. Useful for actions that need confirmation or additional input.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 9,
+      "controlsCount": 9,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/modaltrigger",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/ModalTrigger/ModalTrigger.stories.tsx"
+    },
+    {
+      "name": "Popover",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "A floating card that appears when hovering or clicking a trigger element. Supports configurable placement, trigger behavior, and custom content.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 4,
+      "controlsCount": 6,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/popover",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Popover/Popover.stories.tsx"
+    },
+    {
+      "name": "ProgressBar",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "Progress bar component for displaying completion status. Supports line, circle, and dashboard display types.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 6,
+      "controlsCount": 8,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/progressbar",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/ProgressBar/ProgressBar.stories.tsx"
+    },
+    {
+      "name": "Radio",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "Radio button component for selecting one option from a set. Supports standalone radio buttons, radio buttons styled as buttons, and grouped radio buttons with layout configuration.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 4,
+      "controlsCount": 4,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/radio",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Radio/Radio.stories.tsx"
+    },
+    {
+      "name": "SafeMarkdown",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 1,
+      "controlsCount": 2,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/safemarkdown",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/SafeMarkdown/SafeMarkdown.stories.tsx"
+    },
+    {
+      "name": "Select",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "A versatile select component supporting single and multi-select modes, search filtering, option creation, and both synchronous and asynchronous data sources.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 10,
+      "controlsCount": 10,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/select",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Select/Select.stories.tsx"
+    },
+    {
+      "name": "Skeleton",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "Skeleton loading component with support for avatar, title, paragraph, button, and input placeholders.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 7,
+      "controlsCount": 7,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/skeleton",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Skeleton/Skeleton.stories.tsx"
+    },
+    {
+      "name": "Slider",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "A slider input for selecting a value or range from a continuous or stepped interval. Supports single value, range, vertical orientation, marks, and tooltip display.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 10,
+      "controlsCount": 12,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/slider",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Slider/Slider.stories.tsx"
+    },
+    {
+      "name": "Space",
+      "category": "design-system",
+      "categoryLabel": "Layout Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 3,
+      "controlsCount": 4,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/design-system/space",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Space/Space.stories.tsx"
+    },
+    {
+      "name": "Steps",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "A navigation component for guiding users through multi-step workflows. Supports horizontal, vertical, and inline layouts with progress tracking.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 9,
+      "controlsCount": 9,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/steps",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Steps/Steps.stories.tsx"
+    },
+    {
+      "name": "Switch",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "A toggle switch for boolean on/off states. Supports loading indicators, sizing, and an HTML title attribute for accessibility tooltips.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 3,
+      "controlsCount": 5,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/switch",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Switch/Switch.stories.tsx"
+    },
+    {
+      "name": "Table",
+      "category": "design-system",
+      "categoryLabel": "Layout Components",
+      "description": "A data table component with sorting, pagination, row selection, resizable columns, reorderable columns, and virtualization for large datasets.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 11,
+      "controlsCount": 11,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/design-system/table",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Table/Table.stories.tsx"
+    },
+    {
+      "name": "TableCollection",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 0,
+      "controlsCount": 0,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/ui/tablecollection",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/TableCollection/TableCollection.stories.tsx"
+    },
+    {
+      "name": "TableView",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "A data table component with sorting, pagination, text wrapping, and empty state support. Built on react-table.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 12,
+      "controlsCount": 14,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/tableview",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/TableView/TableView.stories.tsx"
+    },
+    {
+      "name": "Tabs",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "A tabs component for switching between different views or content sections. Supports multiple tab styles, positions, and sizes.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 7,
+      "controlsCount": 7,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/tabs",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Tabs/Tabs.stories.tsx"
+    },
+    {
+      "name": "Timer",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "A live elapsed-time display that counts up from a given start time. Used to show query and dashboard load durations. Requires a startTime timestamp to function.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 2,
+      "controlsCount": 2,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/timer",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Timer/Timer.stories.tsx"
+    },
+    {
+      "name": "Tooltip",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 3,
+      "controlsCount": 6,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/tooltip",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Tooltip/Tooltip.stories.tsx"
+    },
+    {
+      "name": "Tree",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "The Tree component is used to display hierarchical data in a tree structure. It allows for features such as selection, expansion, and drag-and-drop functionality.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 8,
+      "controlsCount": 8,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/tree",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Tree/Tree.stories.tsx"
+    },
+    {
+      "name": "TreeSelect",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "TreeSelect is a select component that allows users to select from a tree structure.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 10,
+      "controlsCount": 10,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/treeselect",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/TreeSelect/TreeSelect.stories.tsx"
+    },
+    {
+      "name": "Typography",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "Typography is a component for displaying text with various styles and formats. It includes subcomponents like Title, Paragraph, and Link.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 11,
+      "controlsCount": 12,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/typography",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Typography/Typography.stories.tsx"
+    },
+    {
+      "name": "UnsavedChangesModal",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 2,
+      "controlsCount": 2,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/unsavedchangesmodal",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/UnsavedChangesModal/UnsavedChangesModal.stories.tsx"
+    },
+    {
+      "name": "Upload",
+      "category": "ui",
+      "categoryLabel": "Core Components",
+      "description": "Upload component for file selection and uploading. Supports drag-and-drop, multiple files, and different list display styles.",
+      "importPath": "@superset/components",
+      "package": "@superset-ui/core/components",
+      "extensionCompatible": false,
+      "propsCount": 4,
+      "controlsCount": 4,
+      "hasGallery": false,
+      "hasLiveExample": true,
+      "docPath": "developer-docs/components/ui/upload",
+      "storyFile": "superset-frontend/packages/superset-ui-core/src/components/Upload/Upload.stories.tsx"
+    },
+    {
+      "name": "Alert",
+      "category": "extension",
+      "categoryLabel": "Extension Components",
+      "description": "Alert component for displaying important messages to users. Wraps Ant Design Alert with sensible defaults and improved accessibility.",
+      "importPath": "packages/superset-core/src/components/Alert",
+      "package": "@apache-superset/core/components",
+      "extensionCompatible": true,
+      "propsCount": 5,
+      "controlsCount": 5,
+      "hasGallery": false,
+      "hasLiveExample": false,
+      "docPath": "developer-docs/components/extension/alert",
+      "storyFile": "superset-frontend/packages/superset-core/src/components/Alert/Alert.stories.tsx"
+    }
+  ]
+}

docs/developer_docs_versioned_docs/version-6.1.0/api.mdx

@@ -0,0 +1,650 @@
+---
+title: API Reference
+hide_title: true
+sidebar_position: 10
+---
+
+import { Alert } from 'antd';
+
+## REST API Reference
+
+Superset exposes a comprehensive **REST API** that follows the [OpenAPI specification](https://swagger.io/specification/).
+You can use this API to programmatically interact with Superset for automation, integrations, and custom applications.
+
+<Alert
+  type="info"
+  showIcon
+  message="Code Samples & Schema Documentation"
+  description={
+    <span>
+      Each endpoint includes ready-to-use code samples in <strong>cURL</strong>, <strong>Python</strong>, and <strong>JavaScript</strong>.
+      The sidebar includes <strong>Schema definitions</strong> for detailed data model documentation.
+    </span>
+  }
+  style={{ marginBottom: '24px' }}
+/>
+
+---
+
+### Authentication
+
+Most API endpoints require authentication via JWT tokens.
+
+#### Quick Start
+
+```bash
+# 1. Get a JWT token
+curl -X POST http://localhost:8088/api/v1/security/login \
+  -H "Content-Type: application/json" \
+  -d '{"username": "admin", "password": "admin", "provider": "db"}'
+
+# 2. Use the access_token from the response
+curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
+  http://localhost:8088/api/v1/dashboard/
+```
+
+#### Security Endpoints
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get the CSRF token](/developer-docs/api/get-the-csrf-token) | `/api/v1/security/csrf_token/` |
+| `POST` | [Get a guest token](/developer-docs/api/get-a-guest-token) | `/api/v1/security/guest_token/` |
+| `POST` | [Create security login](/developer-docs/api/create-security-login) | `/api/v1/security/login` |
+| `POST` | [Create security refresh](/developer-docs/api/create-security-refresh) | `/api/v1/security/refresh` |
+
+---
+
+### API Endpoints
+
+#### Core Resources
+
+<details>
+<summary><strong>Dashboards</strong> (28 endpoints) — Create, read, update, and delete dashboards.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `DELETE` | [Bulk delete dashboards](/developer-docs/api/bulk-delete-dashboards) | `/api/v1/dashboard/` |
+| `GET` | [Get a list of dashboards](/developer-docs/api/get-a-list-of-dashboards) | `/api/v1/dashboard/` |
+| `POST` | [Create a new dashboard](/developer-docs/api/create-a-new-dashboard) | `/api/v1/dashboard/` |
+| `GET` | [Get metadata information about this API resource (dashboard--info)](/developer-docs/api/get-metadata-information-about-this-api-resource-dashboard-info) | `/api/v1/dashboard/_info` |
+| `GET` | [Get a dashboard detail information](/developer-docs/api/get-a-dashboard-detail-information) | `/api/v1/dashboard/{id_or_slug}` |
+| `GET` | [Get a dashboard's chart definitions.](/developer-docs/api/get-a-dashboards-chart-definitions) | `/api/v1/dashboard/{id_or_slug}/charts` |
+| `POST` | [Create a copy of an existing dashboard](/developer-docs/api/create-a-copy-of-an-existing-dashboard) | `/api/v1/dashboard/{id_or_slug}/copy/` |
+| `GET` | [Get dashboard's datasets](/developer-docs/api/get-dashboards-datasets) | `/api/v1/dashboard/{id_or_slug}/datasets` |
+| `DELETE` | [Delete a dashboard's embedded configuration](/developer-docs/api/delete-a-dashboards-embedded-configuration) | `/api/v1/dashboard/{id_or_slug}/embedded` |
+| `GET` | [Get the dashboard's embedded configuration](/developer-docs/api/get-the-dashboards-embedded-configuration) | `/api/v1/dashboard/{id_or_slug}/embedded` |
+| `POST` | [Set a dashboard's embedded configuration](/developer-docs/api/set-a-dashboards-embedded-configuration) | `/api/v1/dashboard/{id_or_slug}/embedded` |
+| `PUT` | [Update dashboard by id_or_slug embedded](/developer-docs/api/update-dashboard-by-id-or-slug-embedded) | `/api/v1/dashboard/{id_or_slug}/embedded` |
+| `GET` | [Get dashboard's tabs](/developer-docs/api/get-dashboards-tabs) | `/api/v1/dashboard/{id_or_slug}/tabs` |
+| `DELETE` | [Delete a dashboard](/developer-docs/api/delete-a-dashboard) | `/api/v1/dashboard/{pk}` |
+| `PUT` | [Update a dashboard](/developer-docs/api/update-a-dashboard) | `/api/v1/dashboard/{pk}` |
+| `POST` | [Compute and cache a screenshot (dashboard-pk-cache-dashboard-screenshot)](/developer-docs/api/compute-and-cache-a-screenshot-dashboard-pk-cache-dashboard-screenshot) | `/api/v1/dashboard/{pk}/cache_dashboard_screenshot/` |
+| `PUT` | [Update chart customizations configuration for a dashboard.](/developer-docs/api/update-chart-customizations-configuration-for-a-dashboard) | `/api/v1/dashboard/{pk}/chart_customizations` |
+| `PUT` | [Update colors configuration for a dashboard.](/developer-docs/api/update-colors-configuration-for-a-dashboard) | `/api/v1/dashboard/{pk}/colors` |
+| `GET` | [Export dashboard as example bundle](/developer-docs/api/export-dashboard-as-example-bundle) | `/api/v1/dashboard/{pk}/export_as_example/` |
+| `DELETE` | [Remove the dashboard from the user favorite list](/developer-docs/api/remove-the-dashboard-from-the-user-favorite-list) | `/api/v1/dashboard/{pk}/favorites/` |
+| `POST` | [Mark the dashboard as favorite for the current user](/developer-docs/api/mark-the-dashboard-as-favorite-for-the-current-user) | `/api/v1/dashboard/{pk}/favorites/` |
+| `PUT` | [Update native filters configuration for a dashboard.](/developer-docs/api/update-native-filters-configuration-for-a-dashboard) | `/api/v1/dashboard/{pk}/filters` |
+| `GET` | [Get a computed screenshot from cache (dashboard-pk-screenshot-digest)](/developer-docs/api/get-a-computed-screenshot-from-cache-dashboard-pk-screenshot-digest) | `/api/v1/dashboard/{pk}/screenshot/{digest}/` |
+| `GET` | [Get dashboard's thumbnail](/developer-docs/api/get-dashboards-thumbnail) | `/api/v1/dashboard/{pk}/thumbnail/{digest}/` |
+| `GET` | [Download multiple dashboards as YAML files](/developer-docs/api/download-multiple-dashboards-as-yaml-files) | `/api/v1/dashboard/export/` |
+| `GET` | [Check favorited dashboards for current user](/developer-docs/api/check-favorited-dashboards-for-current-user) | `/api/v1/dashboard/favorite_status/` |
+| `POST` | [Import dashboard(s) with associated charts/datasets/databases](/developer-docs/api/import-dashboard-s-with-associated-charts-datasets-databases) | `/api/v1/dashboard/import/` |
+| `GET` | [Get related fields data (dashboard-related-column-name)](/developer-docs/api/get-related-fields-data-dashboard-related-column-name) | `/api/v1/dashboard/related/{column_name}` |
+
+</details>
+
+<details>
+<summary><strong>Charts</strong> (20 endpoints) — Create, read, update, and delete charts (slices).</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `DELETE` | [Bulk delete charts](/developer-docs/api/bulk-delete-charts) | `/api/v1/chart/` |
+| `GET` | [Get a list of charts](/developer-docs/api/get-a-list-of-charts) | `/api/v1/chart/` |
+| `POST` | [Create a new chart](/developer-docs/api/create-a-new-chart) | `/api/v1/chart/` |
+| `GET` | [Get metadata information about this API resource (chart--info)](/developer-docs/api/get-metadata-information-about-this-api-resource-chart-info) | `/api/v1/chart/_info` |
+| `GET` | [Get a chart detail information](/developer-docs/api/get-a-chart-detail-information) | `/api/v1/chart/{id_or_uuid}` |
+| `DELETE` | [Delete a chart](/developer-docs/api/delete-a-chart) | `/api/v1/chart/{pk}` |
+| `PUT` | [Update a chart](/developer-docs/api/update-a-chart) | `/api/v1/chart/{pk}` |
+| `GET` | [Compute and cache a screenshot (chart-pk-cache-screenshot)](/developer-docs/api/compute-and-cache-a-screenshot-chart-pk-cache-screenshot) | `/api/v1/chart/{pk}/cache_screenshot/` |
+| `GET` | [Return payload data response for a chart](/developer-docs/api/return-payload-data-response-for-a-chart) | `/api/v1/chart/{pk}/data/` |
+| `DELETE` | [Remove the chart from the user favorite list](/developer-docs/api/remove-the-chart-from-the-user-favorite-list) | `/api/v1/chart/{pk}/favorites/` |
+| `POST` | [Mark the chart as favorite for the current user](/developer-docs/api/mark-the-chart-as-favorite-for-the-current-user) | `/api/v1/chart/{pk}/favorites/` |
+| `GET` | [Get a computed screenshot from cache (chart-pk-screenshot-digest)](/developer-docs/api/get-a-computed-screenshot-from-cache-chart-pk-screenshot-digest) | `/api/v1/chart/{pk}/screenshot/{digest}/` |
+| `GET` | [Get chart thumbnail](/developer-docs/api/get-chart-thumbnail) | `/api/v1/chart/{pk}/thumbnail/{digest}/` |
+| `POST` | [Return payload data response for the given query (chart-data)](/developer-docs/api/return-payload-data-response-for-the-given-query-chart-data) | `/api/v1/chart/data` |
+| `GET` | [Return payload data response for the given query (chart-data-cache-key)](/developer-docs/api/return-payload-data-response-for-the-given-query-chart-data-cache-key) | `/api/v1/chart/data/{cache_key}` |
+| `GET` | [Download multiple charts as YAML files](/developer-docs/api/download-multiple-charts-as-yaml-files) | `/api/v1/chart/export/` |
+| `GET` | [Check favorited charts for current user](/developer-docs/api/check-favorited-charts-for-current-user) | `/api/v1/chart/favorite_status/` |
+| `POST` | [Import chart(s) with associated datasets and databases](/developer-docs/api/import-chart-s-with-associated-datasets-and-databases) | `/api/v1/chart/import/` |
+| `GET` | [Get related fields data (chart-related-column-name)](/developer-docs/api/get-related-fields-data-chart-related-column-name) | `/api/v1/chart/related/{column_name}` |
+| `PUT` | [Warm up the cache for the chart](/developer-docs/api/warm-up-the-cache-for-the-chart) | `/api/v1/chart/warm_up_cache` |
+
+</details>
+
+<details>
+<summary><strong>Datasets</strong> (19 endpoints) — Manage datasets (tables) used for building charts.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `DELETE` | [Bulk delete datasets](/developer-docs/api/bulk-delete-datasets) | `/api/v1/dataset/` |
+| `GET` | [Get a list of datasets](/developer-docs/api/get-a-list-of-datasets) | `/api/v1/dataset/` |
+| `POST` | [Create a new dataset](/developer-docs/api/create-a-new-dataset) | `/api/v1/dataset/` |
+| `GET` | [Get metadata information about this API resource (dataset--info)](/developer-docs/api/get-metadata-information-about-this-api-resource-dataset-info) | `/api/v1/dataset/_info` |
+| `GET` | [Get a dataset](/developer-docs/api/get-a-dataset) | `/api/v1/dataset/{id_or_uuid}` |
+| `GET` | [Get charts and dashboards count associated to a dataset](/developer-docs/api/get-charts-and-dashboards-count-associated-to-a-dataset) | `/api/v1/dataset/{id_or_uuid}/related_objects` |
+| `DELETE` | [Delete a dataset](/developer-docs/api/delete-a-dataset) | `/api/v1/dataset/{pk}` |
+| `PUT` | [Update a dataset](/developer-docs/api/update-a-dataset) | `/api/v1/dataset/{pk}` |
+| `DELETE` | [Delete a dataset column](/developer-docs/api/delete-a-dataset-column) | `/api/v1/dataset/{pk}/column/{column_id}` |
+| `GET` | [Get dataset drill info](/developer-docs/api/get-dataset-drill-info) | `/api/v1/dataset/{pk}/drill_info/` |
+| `DELETE` | [Delete a dataset metric](/developer-docs/api/delete-a-dataset-metric) | `/api/v1/dataset/{pk}/metric/{metric_id}` |
+| `PUT` | [Refresh and update columns of a dataset](/developer-docs/api/refresh-and-update-columns-of-a-dataset) | `/api/v1/dataset/{pk}/refresh` |
+| `GET` | [Get distinct values from field data (dataset-distinct-column-name)](/developer-docs/api/get-distinct-values-from-field-data-dataset-distinct-column-name) | `/api/v1/dataset/distinct/{column_name}` |
+| `POST` | [Duplicate a dataset](/developer-docs/api/duplicate-a-dataset) | `/api/v1/dataset/duplicate` |
+| `GET` | [Download multiple datasets as YAML files](/developer-docs/api/download-multiple-datasets-as-yaml-files) | `/api/v1/dataset/export/` |
+| `POST` | [Retrieve a table by name, or create it if it does not exist](/developer-docs/api/retrieve-a-table-by-name-or-create-it-if-it-does-not-exist) | `/api/v1/dataset/get_or_create/` |
+| `POST` | [Import dataset(s) with associated databases](/developer-docs/api/import-dataset-s-with-associated-databases) | `/api/v1/dataset/import/` |
+| `GET` | [Get related fields data (dataset-related-column-name)](/developer-docs/api/get-related-fields-data-dataset-related-column-name) | `/api/v1/dataset/related/{column_name}` |
+| `PUT` | [Warm up the cache for each chart powered by the given table](/developer-docs/api/warm-up-the-cache-for-each-chart-powered-by-the-given-table) | `/api/v1/dataset/warm_up_cache` |
+
+</details>
+
+<details>
+<summary><strong>Database</strong> (30 endpoints) — Manage database connections and metadata.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get a list of databases](/developer-docs/api/get-a-list-of-databases) | `/api/v1/database/` |
+| `POST` | [Create a new database](/developer-docs/api/create-a-new-database) | `/api/v1/database/` |
+| `GET` | [Get metadata information about this API resource (database--info)](/developer-docs/api/get-metadata-information-about-this-api-resource-database-info) | `/api/v1/database/_info` |
+| `DELETE` | [Delete a database](/developer-docs/api/delete-a-database) | `/api/v1/database/{pk}` |
+| `GET` | [Get a database](/developer-docs/api/get-a-database) | `/api/v1/database/{pk}` |
+| `PUT` | [Change a database](/developer-docs/api/change-a-database) | `/api/v1/database/{pk}` |
+| `GET` | [Get all catalogs from a database](/developer-docs/api/get-all-catalogs-from-a-database) | `/api/v1/database/{pk}/catalogs/` |
+| `GET` | [Get a database connection info](/developer-docs/api/get-a-database-connection-info) | `/api/v1/database/{pk}/connection` |
+| `GET` | [Get function names supported by a database](/developer-docs/api/get-function-names-supported-by-a-database) | `/api/v1/database/{pk}/function_names/` |
+| `GET` | [Get charts and dashboards count associated to a database](/developer-docs/api/get-charts-and-dashboards-count-associated-to-a-database) | `/api/v1/database/{pk}/related_objects/` |
+| `GET` | [The list of the database schemas where to upload information](/developer-docs/api/the-list-of-the-database-schemas-where-to-upload-information) | `/api/v1/database/{pk}/schemas_access_for_file_upload/` |
+| `GET` | [Get all schemas from a database](/developer-docs/api/get-all-schemas-from-a-database) | `/api/v1/database/{pk}/schemas/` |
+| `GET` | [Get database select star for table (database-pk-select-star-table-name)](/developer-docs/api/get-database-select-star-for-table-database-pk-select-star-table-name) | `/api/v1/database/{pk}/select_star/{table_name}/` |
+| `GET` | [Get database select star for table (database-pk-select-star-table-name-schema-name)](/developer-docs/api/get-database-select-star-for-table-database-pk-select-star-table-name-schema-name) | `/api/v1/database/{pk}/select_star/{table_name}/{schema_name}/` |
+| `POST` | [Re-sync all permissions for a database connection](/developer-docs/api/re-sync-all-permissions-for-a-database-connection) | `/api/v1/database/{pk}/sync_permissions/` |
+| `GET` | [Get table extra metadata (database-pk-table-extra-table-name-schema-name)](/developer-docs/api/get-table-extra-metadata-database-pk-table-extra-table-name-schema-name) | `/api/v1/database/{pk}/table_extra/{table_name}/{schema_name}/` |
+| `GET` | [Get table metadata](/developer-docs/api/get-table-metadata) | `/api/v1/database/{pk}/table_metadata/` |
+| `GET` | [Get table extra metadata (database-pk-table-metadata-extra)](/developer-docs/api/get-table-extra-metadata-database-pk-table-metadata-extra) | `/api/v1/database/{pk}/table_metadata/extra/` |
+| `GET` | [Get database table metadata](/developer-docs/api/get-database-table-metadata) | `/api/v1/database/{pk}/table/{table_name}/{schema_name}/` |
+| `GET` | [Get a list of tables for given database](/developer-docs/api/get-a-list-of-tables-for-given-database) | `/api/v1/database/{pk}/tables/` |
+| `POST` | [Upload a file to a database table](/developer-docs/api/upload-a-file-to-a-database-table) | `/api/v1/database/{pk}/upload/` |
+| `POST` | [Validate arbitrary SQL](/developer-docs/api/validate-arbitrary-sql) | `/api/v1/database/{pk}/validate_sql/` |
+| `GET` | [Get names of databases currently available](/developer-docs/api/get-names-of-databases-currently-available) | `/api/v1/database/available/` |
+| `GET` | [Download database(s) and associated dataset(s) as a zip file](/developer-docs/api/download-database-s-and-associated-dataset-s-as-a-zip-file) | `/api/v1/database/export/` |
+| `POST` | [Import database(s) with associated datasets](/developer-docs/api/import-database-s-with-associated-datasets) | `/api/v1/database/import/` |
+| `GET` | [Receive personal access tokens from OAuth2](/developer-docs/api/receive-personal-access-tokens-from-o-auth-2) | `/api/v1/database/oauth2/` |
+| `GET` | [Get related fields data (database-related-column-name)](/developer-docs/api/get-related-fields-data-database-related-column-name) | `/api/v1/database/related/{column_name}` |
+| `POST` | [Test a database connection](/developer-docs/api/test-a-database-connection) | `/api/v1/database/test_connection/` |
+| `POST` | [Upload a file and returns file metadata](/developer-docs/api/upload-a-file-and-returns-file-metadata) | `/api/v1/database/upload_metadata/` |
+| `POST` | [Validate database connection parameters](/developer-docs/api/validate-database-connection-parameters) | `/api/v1/database/validate_parameters/` |
+
+</details>
+
+#### Data Exploration
+
+<details>
+<summary><strong>Explore</strong> (1 endpoints) — Chart exploration and data querying endpoints.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Assemble Explore related information in a single endpoint](/developer-docs/api/assemble-explore-related-information-in-a-single-endpoint) | `/api/v1/explore/` |
+
+</details>
+
+<details>
+<summary><strong>SQL Lab</strong> (7 endpoints) — Execute SQL queries and manage SQL Lab sessions.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get the bootstrap data for SqlLab page](/developer-docs/api/get-the-bootstrap-data-for-sql-lab-page) | `/api/v1/sqllab/` |
+| `POST` | [Estimate the SQL query execution cost](/developer-docs/api/estimate-the-sql-query-execution-cost) | `/api/v1/sqllab/estimate/` |
+| `POST` | [Execute a SQL query](/developer-docs/api/execute-a-sql-query) | `/api/v1/sqllab/execute/` |
+| `POST` | [Export SQL query results to CSV with streaming](/developer-docs/api/export-sql-query-results-to-csv-with-streaming) | `/api/v1/sqllab/export_streaming/` |
+| `GET` | [Export the SQL query results to a CSV](/developer-docs/api/export-the-sql-query-results-to-a-csv) | `/api/v1/sqllab/export/{client_id}/` |
+| `POST` | [Format SQL code](/developer-docs/api/format-sql-code) | `/api/v1/sqllab/format_sql/` |
+| `GET` | [Get the result of a SQL query execution](/developer-docs/api/get-the-result-of-a-sql-query-execution) | `/api/v1/sqllab/results/` |
+
+</details>
+
+<details>
+<summary><strong>Queries</strong> (17 endpoints) — View and manage SQL Lab query history.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get a list of queries](/developer-docs/api/get-a-list-of-queries) | `/api/v1/query/` |
+| `GET` | [Get query detail information](/developer-docs/api/get-query-detail-information) | `/api/v1/query/{pk}` |
+| `GET` | [Get distinct values from field data (query-distinct-column-name)](/developer-docs/api/get-distinct-values-from-field-data-query-distinct-column-name) | `/api/v1/query/distinct/{column_name}` |
+| `GET` | [Get related fields data (query-related-column-name)](/developer-docs/api/get-related-fields-data-query-related-column-name) | `/api/v1/query/related/{column_name}` |
+| `POST` | [Manually stop a query with client_id](/developer-docs/api/manually-stop-a-query-with-client-id) | `/api/v1/query/stop` |
+| `GET` | [Get a list of queries that changed after last_updated_ms](/developer-docs/api/get-a-list-of-queries-that-changed-after-last-updated-ms) | `/api/v1/query/updated_since` |
+| `DELETE` | [Bulk delete saved queries](/developer-docs/api/bulk-delete-saved-queries) | `/api/v1/saved_query/` |
+| `GET` | [Get a list of saved queries](/developer-docs/api/get-a-list-of-saved-queries) | `/api/v1/saved_query/` |
+| `POST` | [Create a saved query](/developer-docs/api/create-a-saved-query) | `/api/v1/saved_query/` |
+| `GET` | [Get metadata information about this API resource (saved-query--info)](/developer-docs/api/get-metadata-information-about-this-api-resource-saved-query-info) | `/api/v1/saved_query/_info` |
+| `DELETE` | [Delete a saved query](/developer-docs/api/delete-a-saved-query) | `/api/v1/saved_query/{pk}` |
+| `GET` | [Get a saved query](/developer-docs/api/get-a-saved-query) | `/api/v1/saved_query/{pk}` |
+| `PUT` | [Update a saved query](/developer-docs/api/update-a-saved-query) | `/api/v1/saved_query/{pk}` |
+| `GET` | [Get distinct values from field data (saved-query-distinct-column-name)](/developer-docs/api/get-distinct-values-from-field-data-saved-query-distinct-column-name) | `/api/v1/saved_query/distinct/{column_name}` |
+| `GET` | [Download multiple saved queries as YAML files](/developer-docs/api/download-multiple-saved-queries-as-yaml-files) | `/api/v1/saved_query/export/` |
+| `POST` | [Import saved queries with associated databases](/developer-docs/api/import-saved-queries-with-associated-databases) | `/api/v1/saved_query/import/` |
+| `GET` | [Get related fields data (saved-query-related-column-name)](/developer-docs/api/get-related-fields-data-saved-query-related-column-name) | `/api/v1/saved_query/related/{column_name}` |
+
+</details>
+
+<details>
+<summary><strong>Datasources</strong> (2 endpoints) — Query datasource metadata and column values.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get possible values for a datasource column](/developer-docs/api/get-possible-values-for-a-datasource-column) | `/api/v1/datasource/{datasource_type}/{datasource_id}/column/{column_name}/values/` |
+| `POST` | [Validate a SQL expression against a datasource](/developer-docs/api/validate-a-sql-expression-against-a-datasource) | `/api/v1/datasource/{datasource_type}/{datasource_id}/validate_expression/` |
+
+</details>
+
+<details>
+<summary><strong>Advanced Data Type</strong> (2 endpoints) — Advanced data type operations and conversions.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Return an AdvancedDataTypeResponse](/developer-docs/api/return-an-advanced-data-type-response) | `/api/v1/advanced_data_type/convert` |
+| `GET` | [Return a list of available advanced data types](/developer-docs/api/return-a-list-of-available-advanced-data-types) | `/api/v1/advanced_data_type/types` |
+
+</details>
+
+#### Organization & Customization
+
+<details>
+<summary><strong>Tags</strong> (15 endpoints) — Organize assets with tags.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `DELETE` | [Bulk delete tags](/developer-docs/api/bulk-delete-tags) | `/api/v1/tag/` |
+| `GET` | [Get a list of tags](/developer-docs/api/get-a-list-of-tags) | `/api/v1/tag/` |
+| `POST` | [Create a tag](/developer-docs/api/create-a-tag) | `/api/v1/tag/` |
+| `GET` | [Get metadata information about tag API endpoints](/developer-docs/api/get-metadata-information-about-tag-api-endpoints) | `/api/v1/tag/_info` |
+| `POST` | [Add tags to an object](/developer-docs/api/add-tags-to-an-object) | `/api/v1/tag/{object_type}/{object_id}/` |
+| `DELETE` | [Delete a tagged object](/developer-docs/api/delete-a-tagged-object) | `/api/v1/tag/{object_type}/{object_id}/{tag}/` |
+| `DELETE` | [Delete a tag](/developer-docs/api/delete-a-tag) | `/api/v1/tag/{pk}` |
+| `GET` | [Get a tag detail information](/developer-docs/api/get-a-tag-detail-information) | `/api/v1/tag/{pk}` |
+| `PUT` | [Update a tag](/developer-docs/api/update-a-tag) | `/api/v1/tag/{pk}` |
+| `DELETE` | [Delete tag by pk favorites](/developer-docs/api/delete-tag-by-pk-favorites) | `/api/v1/tag/{pk}/favorites/` |
+| `POST` | [Create tag by pk favorites](/developer-docs/api/create-tag-by-pk-favorites) | `/api/v1/tag/{pk}/favorites/` |
+| `POST` | [Bulk create tags and tagged objects](/developer-docs/api/bulk-create-tags-and-tagged-objects) | `/api/v1/tag/bulk_create` |
+| `GET` | [Get tag favorite status](/developer-docs/api/get-tag-favorite-status) | `/api/v1/tag/favorite_status/` |
+| `GET` | [Get all objects associated with a tag](/developer-docs/api/get-all-objects-associated-with-a-tag) | `/api/v1/tag/get_objects/` |
+| `GET` | [Get related fields data (tag-related-column-name)](/developer-docs/api/get-related-fields-data-tag-related-column-name) | `/api/v1/tag/related/{column_name}` |
+
+</details>
+
+<details>
+<summary><strong>Annotation Layers</strong> (14 endpoints) — Manage annotation layers and annotations for charts.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `DELETE` | [Delete multiple annotation layers in a bulk operation](/developer-docs/api/delete-multiple-annotation-layers-in-a-bulk-operation) | `/api/v1/annotation_layer/` |
+| `GET` | [Get a list of annotation layers (annotation-layer)](/developer-docs/api/get-a-list-of-annotation-layers-annotation-layer) | `/api/v1/annotation_layer/` |
+| `POST` | [Create an annotation layer (annotation-layer)](/developer-docs/api/create-an-annotation-layer-annotation-layer) | `/api/v1/annotation_layer/` |
+| `GET` | [Get metadata information about this API resource (annotation-layer--info)](/developer-docs/api/get-metadata-information-about-this-api-resource-annotation-layer-info) | `/api/v1/annotation_layer/_info` |
+| `DELETE` | [Delete annotation layer (annotation-layer-pk)](/developer-docs/api/delete-annotation-layer-annotation-layer-pk) | `/api/v1/annotation_layer/{pk}` |
+| `GET` | [Get an annotation layer (annotation-layer-pk)](/developer-docs/api/get-an-annotation-layer-annotation-layer-pk) | `/api/v1/annotation_layer/{pk}` |
+| `PUT` | [Update an annotation layer (annotation-layer-pk)](/developer-docs/api/update-an-annotation-layer-annotation-layer-pk) | `/api/v1/annotation_layer/{pk}` |
+| `DELETE` | [Bulk delete annotation layers](/developer-docs/api/bulk-delete-annotation-layers) | `/api/v1/annotation_layer/{pk}/annotation/` |
+| `GET` | [Get a list of annotation layers (annotation-layer-pk-annotation)](/developer-docs/api/get-a-list-of-annotation-layers-annotation-layer-pk-annotation) | `/api/v1/annotation_layer/{pk}/annotation/` |
+| `POST` | [Create an annotation layer (annotation-layer-pk-annotation)](/developer-docs/api/create-an-annotation-layer-annotation-layer-pk-annotation) | `/api/v1/annotation_layer/{pk}/annotation/` |
+| `DELETE` | [Delete annotation layer (annotation-layer-pk-annotation-annotation-id)](/developer-docs/api/delete-annotation-layer-annotation-layer-pk-annotation-annotation-id) | `/api/v1/annotation_layer/{pk}/annotation/{annotation_id}` |
+| `GET` | [Get an annotation layer (annotation-layer-pk-annotation-annotation-id)](/developer-docs/api/get-an-annotation-layer-annotation-layer-pk-annotation-annotation-id) | `/api/v1/annotation_layer/{pk}/annotation/{annotation_id}` |
+| `PUT` | [Update an annotation layer (annotation-layer-pk-annotation-annotation-id)](/developer-docs/api/update-an-annotation-layer-annotation-layer-pk-annotation-annotation-id) | `/api/v1/annotation_layer/{pk}/annotation/{annotation_id}` |
+| `GET` | [Get related fields data (annotation-layer-related-column-name)](/developer-docs/api/get-related-fields-data-annotation-layer-related-column-name) | `/api/v1/annotation_layer/related/{column_name}` |
+
+</details>
+
+<details>
+<summary><strong>CSS Templates</strong> (8 endpoints) — Manage CSS templates for custom dashboard styling.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `DELETE` | [Bulk delete CSS templates](/developer-docs/api/bulk-delete-css-templates) | `/api/v1/css_template/` |
+| `GET` | [Get a list of CSS templates](/developer-docs/api/get-a-list-of-css-templates) | `/api/v1/css_template/` |
+| `POST` | [Create a CSS template](/developer-docs/api/create-a-css-template) | `/api/v1/css_template/` |
+| `GET` | [Get metadata information about this API resource (css-template--info)](/developer-docs/api/get-metadata-information-about-this-api-resource-css-template-info) | `/api/v1/css_template/_info` |
+| `DELETE` | [Delete a CSS template](/developer-docs/api/delete-a-css-template) | `/api/v1/css_template/{pk}` |
+| `GET` | [Get a CSS template](/developer-docs/api/get-a-css-template) | `/api/v1/css_template/{pk}` |
+| `PUT` | [Update a CSS template](/developer-docs/api/update-a-css-template) | `/api/v1/css_template/{pk}` |
+| `GET` | [Get related fields data (css-template-related-column-name)](/developer-docs/api/get-related-fields-data-css-template-related-column-name) | `/api/v1/css_template/related/{column_name}` |
+
+</details>
+
+#### Sharing & Embedding
+
+<details>
+<summary><strong>Dashboard Permanent Link</strong> (2 endpoints) — Permanent links to dashboard states.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `POST` | [Create a new dashboard's permanent link](/developer-docs/api/create-a-new-dashboards-permanent-link) | `/api/v1/dashboard/{pk}/permalink` |
+| `GET` | [Get dashboard's permanent link state](/developer-docs/api/get-dashboards-permanent-link-state) | `/api/v1/dashboard/permalink/{key}` |
+
+</details>
+
+<details>
+<summary><strong>Explore Permanent Link</strong> (2 endpoints) — Permanent links to chart explore states.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `POST` | [Create a new permanent link (explore-permalink)](/developer-docs/api/create-a-new-permanent-link-explore-permalink) | `/api/v1/explore/permalink` |
+| `GET` | [Get chart's permanent link state](/developer-docs/api/get-charts-permanent-link-state) | `/api/v1/explore/permalink/{key}` |
+
+</details>
+
+<details>
+<summary><strong>SQL Lab Permanent Link</strong> (2 endpoints) — Permanent links to SQL Lab states.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `POST` | [Create a new permanent link (sqllab-permalink)](/developer-docs/api/create-a-new-permanent-link-sqllab-permalink) | `/api/v1/sqllab/permalink` |
+| `GET` | [Get permanent link state for SQLLab editor.](/developer-docs/api/get-permanent-link-state-for-sql-lab-editor) | `/api/v1/sqllab/permalink/{key}` |
+
+</details>
+
+<details>
+<summary><strong>Embedded Dashboard</strong> (1 endpoints) — Configure embedded dashboard settings.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get a report schedule log (embedded-dashboard-uuid)](/developer-docs/api/get-a-report-schedule-log-embedded-dashboard-uuid) | `/api/v1/embedded_dashboard/{uuid}` |
+
+</details>
+
+<details>
+<summary><strong>Dashboard Filter State</strong> (4 endpoints) — Manage temporary filter state for dashboards.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `POST` | [Create a dashboard's filter state](/developer-docs/api/create-a-dashboards-filter-state) | `/api/v1/dashboard/{pk}/filter_state` |
+| `DELETE` | [Delete a dashboard's filter state value](/developer-docs/api/delete-a-dashboards-filter-state-value) | `/api/v1/dashboard/{pk}/filter_state/{key}` |
+| `GET` | [Get a dashboard's filter state value](/developer-docs/api/get-a-dashboards-filter-state-value) | `/api/v1/dashboard/{pk}/filter_state/{key}` |
+| `PUT` | [Update a dashboard's filter state value](/developer-docs/api/update-a-dashboards-filter-state-value) | `/api/v1/dashboard/{pk}/filter_state/{key}` |
+
+</details>
+
+<details>
+<summary><strong>Explore Form Data</strong> (4 endpoints) — Manage temporary form data for chart exploration.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `POST` | [Create a new form_data](/developer-docs/api/create-a-new-form-data) | `/api/v1/explore/form_data` |
+| `DELETE` | [Delete a form_data](/developer-docs/api/delete-a-form-data) | `/api/v1/explore/form_data/{key}` |
+| `GET` | [Get a form_data](/developer-docs/api/get-a-form-data) | `/api/v1/explore/form_data/{key}` |
+| `PUT` | [Update an existing form_data](/developer-docs/api/update-an-existing-form-data) | `/api/v1/explore/form_data/{key}` |
+
+</details>
+
+#### Scheduling & Alerts
+
+<details>
+<summary><strong>Report Schedules</strong> (11 endpoints) — Configure scheduled reports and alerts.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `DELETE` | [Bulk delete report schedules](/developer-docs/api/bulk-delete-report-schedules) | `/api/v1/report/` |
+| `GET` | [Get a list of report schedules](/developer-docs/api/get-a-list-of-report-schedules) | `/api/v1/report/` |
+| `POST` | [Create a report schedule](/developer-docs/api/create-a-report-schedule) | `/api/v1/report/` |
+| `GET` | [Get metadata information about this API resource (report--info)](/developer-docs/api/get-metadata-information-about-this-api-resource-report-info) | `/api/v1/report/_info` |
+| `DELETE` | [Delete a report schedule](/developer-docs/api/delete-a-report-schedule) | `/api/v1/report/{pk}` |
+| `GET` | [Get a report schedule](/developer-docs/api/get-a-report-schedule) | `/api/v1/report/{pk}` |
+| `PUT` | [Update a report schedule](/developer-docs/api/update-a-report-schedule) | `/api/v1/report/{pk}` |
+| `GET` | [Get a list of report schedule logs](/developer-docs/api/get-a-list-of-report-schedule-logs) | `/api/v1/report/{pk}/log/` |
+| `GET` | [Get a report schedule log (report-pk-log-log-id)](/developer-docs/api/get-a-report-schedule-log-report-pk-log-log-id) | `/api/v1/report/{pk}/log/{log_id}` |
+| `GET` | [Get related fields data (report-related-column-name)](/developer-docs/api/get-related-fields-data-report-related-column-name) | `/api/v1/report/related/{column_name}` |
+| `GET` | [Get slack channels](/developer-docs/api/get-slack-channels) | `/api/v1/report/slack_channels/` |
+
+</details>
+
+#### Security & Access Control
+
+<details>
+<summary><strong>Security Roles</strong> (11 endpoints) — Manage security roles and their permissions.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get security roles](/developer-docs/api/get-security-roles) | `/api/v1/security/roles/` |
+| `POST` | [Create security roles](/developer-docs/api/create-security-roles) | `/api/v1/security/roles/` |
+| `GET` | [Get security roles  info](/developer-docs/api/get-security-roles-info) | `/api/v1/security/roles/_info` |
+| `DELETE` | [Delete security roles by pk](/developer-docs/api/delete-security-roles-by-pk) | `/api/v1/security/roles/{pk}` |
+| `GET` | [Get security roles by pk](/developer-docs/api/get-security-roles-by-pk) | `/api/v1/security/roles/{pk}` |
+| `PUT` | [Update security roles by pk](/developer-docs/api/update-security-roles-by-pk) | `/api/v1/security/roles/{pk}` |
+| `PUT` | [Update security roles by role_id groups](/developer-docs/api/update-security-roles-by-role-id-groups) | `/api/v1/security/roles/{role_id}/groups` |
+| `POST` | [Create security roles by role_id permissions](/developer-docs/api/create-security-roles-by-role-id-permissions) | `/api/v1/security/roles/{role_id}/permissions` |
+| `GET` | [Get security roles by role_id permissions](/developer-docs/api/get-security-roles-by-role-id-permissions) | `/api/v1/security/roles/{role_id}/permissions/` |
+| `PUT` | [Update security roles by role_id users](/developer-docs/api/update-security-roles-by-role-id-users) | `/api/v1/security/roles/{role_id}/users` |
+| `GET` | [List roles](/developer-docs/api/list-roles) | `/api/v1/security/roles/search/` |
+
+</details>
+
+<details>
+<summary><strong>Security Users</strong> (6 endpoints) — Manage user accounts.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get security users](/developer-docs/api/get-security-users) | `/api/v1/security/users/` |
+| `POST` | [Create security users](/developer-docs/api/create-security-users) | `/api/v1/security/users/` |
+| `GET` | [Get security users  info](/developer-docs/api/get-security-users-info) | `/api/v1/security/users/_info` |
+| `DELETE` | [Delete security users by pk](/developer-docs/api/delete-security-users-by-pk) | `/api/v1/security/users/{pk}` |
+| `GET` | [Get security users by pk](/developer-docs/api/get-security-users-by-pk) | `/api/v1/security/users/{pk}` |
+| `PUT` | [Update security users by pk](/developer-docs/api/update-security-users-by-pk) | `/api/v1/security/users/{pk}` |
+
+</details>
+
+<details>
+<summary><strong>Security Permissions</strong> (3 endpoints) — View available permissions.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get security permissions](/developer-docs/api/get-security-permissions) | `/api/v1/security/permissions/` |
+| `GET` | [Get security permissions  info](/developer-docs/api/get-security-permissions-info) | `/api/v1/security/permissions/_info` |
+| `GET` | [Get security permissions by pk](/developer-docs/api/get-security-permissions-by-pk) | `/api/v1/security/permissions/{pk}` |
+
+</details>
+
+<details>
+<summary><strong>Security Resources (View Menus)</strong> (6 endpoints) — Manage security resources (view menus).</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get security resources](/developer-docs/api/get-security-resources) | `/api/v1/security/resources/` |
+| `POST` | [Create security resources](/developer-docs/api/create-security-resources) | `/api/v1/security/resources/` |
+| `GET` | [Get security resources  info](/developer-docs/api/get-security-resources-info) | `/api/v1/security/resources/_info` |
+| `DELETE` | [Delete security resources by pk](/developer-docs/api/delete-security-resources-by-pk) | `/api/v1/security/resources/{pk}` |
+| `GET` | [Get security resources by pk](/developer-docs/api/get-security-resources-by-pk) | `/api/v1/security/resources/{pk}` |
+| `PUT` | [Update security resources by pk](/developer-docs/api/update-security-resources-by-pk) | `/api/v1/security/resources/{pk}` |
+
+</details>
+
+<details>
+<summary><strong>Security Permissions on Resources (View Menus)</strong> (6 endpoints) — Permission-resource mappings.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get security permissions resources](/developer-docs/api/get-security-permissions-resources) | `/api/v1/security/permissions-resources/` |
+| `POST` | [Create security permissions resources](/developer-docs/api/create-security-permissions-resources) | `/api/v1/security/permissions-resources/` |
+| `GET` | [Get security permissions resources  info](/developer-docs/api/get-security-permissions-resources-info) | `/api/v1/security/permissions-resources/_info` |
+| `DELETE` | [Delete security permissions resources by pk](/developer-docs/api/delete-security-permissions-resources-by-pk) | `/api/v1/security/permissions-resources/{pk}` |
+| `GET` | [Get security permissions resources by pk](/developer-docs/api/get-security-permissions-resources-by-pk) | `/api/v1/security/permissions-resources/{pk}` |
+| `PUT` | [Update security permissions resources by pk](/developer-docs/api/update-security-permissions-resources-by-pk) | `/api/v1/security/permissions-resources/{pk}` |
+
+</details>
+
+<details>
+<summary><strong>Row Level Security</strong> (8 endpoints) — Manage row-level security rules for data access.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `DELETE` | [Bulk delete RLS rules](/developer-docs/api/bulk-delete-rls-rules) | `/api/v1/rowlevelsecurity/` |
+| `GET` | [Get a list of RLS](/developer-docs/api/get-a-list-of-rls) | `/api/v1/rowlevelsecurity/` |
+| `POST` | [Create a new RLS rule](/developer-docs/api/create-a-new-rls-rule) | `/api/v1/rowlevelsecurity/` |
+| `GET` | [Get metadata information about this API resource (rowlevelsecurity--info)](/developer-docs/api/get-metadata-information-about-this-api-resource-rowlevelsecurity-info) | `/api/v1/rowlevelsecurity/_info` |
+| `DELETE` | [Delete an RLS](/developer-docs/api/delete-an-rls) | `/api/v1/rowlevelsecurity/{pk}` |
+| `GET` | [Get an RLS](/developer-docs/api/get-an-rls) | `/api/v1/rowlevelsecurity/{pk}` |
+| `PUT` | [Update an RLS rule](/developer-docs/api/update-an-rls-rule) | `/api/v1/rowlevelsecurity/{pk}` |
+| `GET` | [Get related fields data (rowlevelsecurity-related-column-name)](/developer-docs/api/get-related-fields-data-rowlevelsecurity-related-column-name) | `/api/v1/rowlevelsecurity/related/{column_name}` |
+
+</details>
+
+#### Import/Export & Administration
+
+<details>
+<summary><strong>Import/export</strong> (2 endpoints) — Import and export Superset assets.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Export all assets](/developer-docs/api/export-all-assets) | `/api/v1/assets/export/` |
+| `POST` | [Import multiple assets](/developer-docs/api/import-multiple-assets) | `/api/v1/assets/import/` |
+
+</details>
+
+<details>
+<summary><strong>CacheRestApi</strong> (1 endpoints) — Cache management and invalidation operations.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `POST` | [Invalidate cache records and remove the database records](/developer-docs/api/invalidate-cache-records-and-remove-the-database-records) | `/api/v1/cachekey/invalidate` |
+
+</details>
+
+<details>
+<summary><strong>LogRestApi</strong> (4 endpoints) — Access audit logs and activity history.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get a list of logs](/developer-docs/api/get-a-list-of-logs) | `/api/v1/log/` |
+| `POST` | [Create log](/developer-docs/api/create-log) | `/api/v1/log/` |
+| `GET` | [Get a log detail information](/developer-docs/api/get-a-log-detail-information) | `/api/v1/log/{pk}` |
+| `GET` | [Get recent activity data for a user](/developer-docs/api/get-recent-activity-data-for-a-user) | `/api/v1/log/recent_activity/` |
+
+</details>
+
+#### User & System
+
+<details>
+<summary><strong>Current User</strong> (3 endpoints) — Get information about the authenticated user.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get the user object](/developer-docs/api/get-the-user-object) | `/api/v1/me/` |
+| `PUT` | [Update the current user](/developer-docs/api/update-the-current-user) | `/api/v1/me/` |
+| `GET` | [Get the user roles](/developer-docs/api/get-the-user-roles) | `/api/v1/me/roles/` |
+
+</details>
+
+<details>
+<summary><strong>User</strong> (1 endpoints) — User profile and preferences.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get the user avatar](/developer-docs/api/get-the-user-avatar) | `/api/v1/user/{user_id}/avatar.png` |
+
+</details>
+
+<details>
+<summary><strong>Menu</strong> (1 endpoints) — Get the Superset menu structure.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get menu](/developer-docs/api/get-menu) | `/api/v1/menu/` |
+
+</details>
+
+<details>
+<summary><strong>Available Domains</strong> (1 endpoints) — Get available domains for the Superset instance.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get all available domains](/developer-docs/api/get-all-available-domains) | `/api/v1/available_domains/` |
+
+</details>
+
+<details>
+<summary><strong>AsyncEventsRestApi</strong> (1 endpoints) — Real-time event streaming via Server-Sent Events (SSE).</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Read off of the Redis events stream](/developer-docs/api/read-off-of-the-redis-events-stream) | `/api/v1/async_event/` |
+
+</details>
+
+<details>
+<summary><strong>OpenApi</strong> (1 endpoints) — Access the OpenAPI specification.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get api by version  openapi](/developer-docs/api/get-api-by-version-openapi) | `/api/{version}/_openapi` |
+
+</details>
+
+#### Other
+
+<details>
+<summary><strong>Security Groups</strong> (6 endpoints) — Endpoints related to Security Groups.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get security groups](/developer-docs/api/get-security-groups) | `/api/v1/security/groups/` |
+| `POST` | [Create security groups](/developer-docs/api/create-security-groups) | `/api/v1/security/groups/` |
+| `GET` | [Get security groups  info](/developer-docs/api/get-security-groups-info) | `/api/v1/security/groups/_info` |
+| `DELETE` | [Delete security groups by pk](/developer-docs/api/delete-security-groups-by-pk) | `/api/v1/security/groups/{pk}` |
+| `GET` | [Get security groups by pk](/developer-docs/api/get-security-groups-by-pk) | `/api/v1/security/groups/{pk}` |
+| `PUT` | [Update security groups by pk](/developer-docs/api/update-security-groups-by-pk) | `/api/v1/security/groups/{pk}` |
+
+</details>
+
+<details>
+<summary><strong>Themes</strong> (14 endpoints) — Manage UI themes for customizing Superset's appearance.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `DELETE` | [Bulk delete themes](/developer-docs/api/bulk-delete-themes) | `/api/v1/theme/` |
+| `GET` | [Get a list of themes](/developer-docs/api/get-a-list-of-themes) | `/api/v1/theme/` |
+| `POST` | [Create a theme](/developer-docs/api/create-a-theme) | `/api/v1/theme/` |
+| `GET` | [Get metadata information about this API resource (theme--info)](/developer-docs/api/get-metadata-information-about-this-api-resource-theme-info) | `/api/v1/theme/_info` |
+| `DELETE` | [Delete a theme](/developer-docs/api/delete-a-theme) | `/api/v1/theme/{pk}` |
+| `GET` | [Get a theme](/developer-docs/api/get-a-theme) | `/api/v1/theme/{pk}` |
+| `PUT` | [Update a theme](/developer-docs/api/update-a-theme) | `/api/v1/theme/{pk}` |
+| `PUT` | [Set a theme as the system dark theme](/developer-docs/api/set-a-theme-as-the-system-dark-theme) | `/api/v1/theme/{pk}/set_system_dark` |
+| `PUT` | [Set a theme as the system default theme](/developer-docs/api/set-a-theme-as-the-system-default-theme) | `/api/v1/theme/{pk}/set_system_default` |
+| `GET` | [Download multiple themes as YAML files](/developer-docs/api/download-multiple-themes-as-yaml-files) | `/api/v1/theme/export/` |
+| `POST` | [Import themes from a ZIP file](/developer-docs/api/import-themes-from-a-zip-file) | `/api/v1/theme/import/` |
+| `GET` | [Get related fields data (theme-related-column-name)](/developer-docs/api/get-related-fields-data-theme-related-column-name) | `/api/v1/theme/related/{column_name}` |
+| `DELETE` | [Clear the system dark theme](/developer-docs/api/clear-the-system-dark-theme) | `/api/v1/theme/unset_system_dark` |
+| `DELETE` | [Clear the system default theme](/developer-docs/api/clear-the-system-default-theme) | `/api/v1/theme/unset_system_default` |
+
+</details>
+
+<details>
+<summary><strong>UserRegistrationsRestAPI</strong> (8 endpoints) — Endpoints related to UserRegistrationsRestAPI.</summary>
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| `GET` | [Get security user registrations](/developer-docs/api/get-security-user-registrations) | `/api/v1/security/user_registrations/` |
+| `POST` | [Create security user registrations](/developer-docs/api/create-security-user-registrations) | `/api/v1/security/user_registrations/` |
+| `GET` | [Get security user registrations  info](/developer-docs/api/get-security-user-registrations-info) | `/api/v1/security/user_registrations/_info` |
+| `DELETE` | [Delete security user registrations by pk](/developer-docs/api/delete-security-user-registrations-by-pk) | `/api/v1/security/user_registrations/{pk}` |
+| `GET` | [Get security user registrations by pk](/developer-docs/api/get-security-user-registrations-by-pk) | `/api/v1/security/user_registrations/{pk}` |
+| `PUT` | [Update security user registrations by pk](/developer-docs/api/update-security-user-registrations-by-pk) | `/api/v1/security/user_registrations/{pk}` |
+| `GET` | [Get distinct values from field data (security-user-registrations-distinct-column-name)](/developer-docs/api/get-distinct-values-from-field-data-security-user-registrations-distinct-column-name) | `/api/v1/security/user_registrations/distinct/{column_name}` |
+| `GET` | [Get related fields data (security-user-registrations-related-column-name)](/developer-docs/api/get-related-fields-data-security-user-registrations-related-column-name) | `/api/v1/security/user_registrations/related/{column_name}` |
+
+</details>
+
+---
+
+### Additional Resources
+
+- [Superset REST API Blog Post](https://preset.io/blog/2020-10-01-superset-api/)
+- [Accessing APIs with Superset](https://preset.io/blog/accessing-apis-with-superset/)

docs/developer_docs_versioned_docs/version-6.1.0/api/add-tags-to-an-object.ParamsDetails.json

@@ -0,0 +1 @@
+{"parameters":[{"in":"path","name":"object_type","required":true,"schema":{"type":"integer"}},{"in":"path","name":"object_id","required":true,"schema":{"type":"integer"}}]}

docs/developer_docs_versioned_docs/version-6.1.0/api/add-tags-to-an-object.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body","body":{"content":{"application/json":{"schema":{"properties":{"tags":{"description":"list of tag names to add to object","items":{"type":"string"},"type":"array"}},"type":"object"},"example":{"tags":["string"]}}},"description":"Tag schema","required":true}}

docs/developer_docs_versioned_docs/version-6.1.0/api/add-tags-to-an-object.StatusCodes.json

@@ -0,0 +1 @@
+{"responses":{"201":{"description":"Tag added"},"302":{"description":"Redirects to the current digest"},"400":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Bad request: Invalid parameters provided"}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unauthorized: Authentication required"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Not found: The requested resource does not exist"}}},"description":"Not found"},"500":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Internal server error: An unexpected error occurred"}}},"description":"Fatal error"}}}

docs/developer_docs_versioned_docs/version-6.1.0/api/add-tags-to-an-object.api.mdx

@@ -0,0 +1,68 @@
+---
+id: add-tags-to-an-object
+title: "Add tags to an object"
+description: "Adds tags to an object. Creates new tags if they do not already exist."
+sidebar_label: "Add tags to an object"
+hide_title: true
+hide_table_of_contents: true
+api: eJzFV21v2zYQ/iuHw4AmmBInXQcUKvohDVq0XZcGsYsNiIKUEc8WG5lUScqNJ+i/D0dK8uu6lw7oJ5nk3fGeh8eH5wYludyqyiujMcUzKR14MXPgDQgN5u4T5f4Yzi0JTw40fYnLagq+oCVIA9p4EKUlIZdAD8r5Y0ywElbMyZN1mF43qDh4JXyBCWoxJ0wxhr71y4owQUufa2VJYuptTQm6vKC5wLTBYJCi0p5mZLFtk6+FU/LfBbuJ1uT8CyOXbJIb7Ul7/imqqlS5YG5GnxwT1KzFqqypyHpFLkQWs/Dd5LNUzoOZMmfAiUZepeRPzBgTVJ7mbi07563SM2yTfkJYK5aMvJ/oXNsE6UHMq5JWGVz37jctO2ymMxEz6ABss9TyhKuMdhHP45PTXTjsL6QkyVv/dPJ41+KKpLKU+wDUFwR5bS1pD1LNyIWUn5ycfAPPc3JOzGgPXX9Dz+CIL4SE7tBTeKMXolQSVgULlTULFUDuMrjmG7Gcfl8sH7SofWGs+oNkCme1L0j7bn8YTngPkHXHiOTJ90VyYTxMTa1lCpOCepKJ6XamtjmBNKxAxkeV2QdqiMG7/Py96+yN9mS1KMGRXZAFstbYFM401JoeKsoZXZgEk4d7svekXgkvymgXNneU11b5ZRDWT188ptc3rGP9/Z/w9ybBh6PcSBqHxKIKl0LPMMX8w9U7TLAUd1SuhpFkHte2hKPf4fL9eAIZFt5X6WhUmlyUhXE+fXry9OlIVGq0OB15MRs1a0reDiMl21GGkGWZBjh6DRmedfUW+E/hBQlLFn44Oz9/OR7fTt7/8vJi0+E8ntzRZFlRCtuHt7KV8KjJ8J6WGaaQ4UKUNWXYPkJ+KjrMl0tfGL2GepgYcKt5ZazvC89lOtO9IsLzYfq4Ms4f8L7wreQkMUpBQpJ1z5stiiKajqYM4UcQeU7O3XpzT7rtvJmK5/vgZ/ow05VV2h/0MI7Z+ODwcJ2Yt2IhxqHa1sjZmFwVhtGO+Rk4EV+E8jAlnxeBkf+DjybCmpMvjGQ8XIbbXKW9GWzXFXPwsS+tJhI2CXx9TFYu65UVWdutrmjd03xn5DKFt+P3F8dRB9R0edDAPS3XOIf2kK2Z+meZjnRJ4cVA1dZBdEampOPSzA7Y9PAZ8l2O8LnJMc6HdsoXmOI/Y5LPLChOvPW15SPdezK4rTXveBkkLag01Zzf7RgpVEwM1FTWeJObsk1Ho4ZDtWnDN6fdiXZeO2/mfYgEF8IqcVdGge3DxB5iKurSd2ligqTrOWtZN+RP0LTN+K8nk0sY4rQJcjab8Qa8O8mNoyjzGndmYCy8ueQgjGUzyF6qOv9g3YZGshfmMT8pEWSQ5wbvQkG+MnYuON7b3ybYdaV8r+IqDs9KAN0m7HxraWrJFf81CEdxRl+tWtyXX2kYE1R6anabunFdkXXEHHrl2Xl9igst2i1OI3/Oz0V4XLvePP57CE3w3RKqe5iKhbHKk9tmde25xl+FvXehh2RH4QYvmBq70VvWbh25pwc/qkqhNGcTirbpLtA1ikpxyqcY3ktMMK3uMcH1hLjOYiFdY9PcCUcfbNm2PP25Jsvv7s2qlsMVk8rxb4npVJSOvgLq4KrryQ7hrzLum369DFemrHmECSs8C8I9tnxSUQnD7nHhLM8p6HXvstPtbAgLyyomyE3gWo8zVFH3g8PvzadpokXU1nZIL7xNnGHb/gm5yu7H
+sidebar_class_name: "post api-method"
+info_path: developer-docs/api/superset
+custom_edit_url: null
+hide_send_button: true
+show_extensions: true
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";
+import ParamsDetails from "@theme/ParamsDetails";
+import RequestSchema from "@theme/RequestSchema";
+import StatusCodes from "@theme/StatusCodes";
+import OperationTabs from "@theme/OperationTabs";
+import TabItem from "@theme/TabItem";
+import Heading from "@theme/Heading";
+import Translate from "@docusaurus/Translate";
+
+<Heading
+  as={"h1"}
+  className={"openapi__heading"}
+  children={"Add tags to an object"}
+>
+</Heading>
+
+<MethodEndpoint
+  method={"post"}
+  path={"/api/v1/tag/{object_type}/{object_id}/"}
+  context={"endpoint"}
+>
+
+</MethodEndpoint>
+
+
+
+Adds tags to an object. Creates new tags if they do not already exist.
+
+<Heading
+  id={"request"}
+  as={"h2"}
+  className={"openapi-tabs__heading"}
+>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails
+  {...require("./add-tags-to-an-object.ParamsDetails.json")}
+>
+
+</ParamsDetails>
+
+<RequestSchema
+  {...require("./add-tags-to-an-object.RequestSchema.json")}
+>
+
+</RequestSchema>
+
+<StatusCodes
+  {...require("./add-tags-to-an-object.StatusCodes.json")}
+>
+
+</StatusCodes>

docs/developer_docs_versioned_docs/version-6.1.0/api/advanced-data-type.tag.mdx

@@ -0,0 +1,13 @@
+---
+id: advanced-data-type
+title: "Advanced Data Type"
+description: "Advanced Data Type"
+custom_edit_url: null
+---
+
+Advanced data type operations and conversions.
+
+| Method | Endpoint | Path |
+|--------|----------|------|
+| `GET` | [Return an AdvancedDataTypeResponse](./return-an-advanced-data-type-response) | `/api/v1/advanced_data_type/convert` |
+| `GET` | [Return a list of available advanced data types](./return-a-list-of-available-advanced-data-types) | `/api/v1/advanced_data_type/types` |

docs/developer_docs_versioned_docs/version-6.1.0/api/annotation-layers.tag.mdx

@@ -0,0 +1,25 @@
+---
+id: annotation-layers
+title: "Annotation Layers"
+description: "Annotation Layers"
+custom_edit_url: null
+---
+
+Manage annotation layers and annotations for charts.
+
+| Method | Endpoint | Path |
+|--------|----------|------|
+| `DELETE` | [Delete multiple annotation layers in a bulk operation](./delete-multiple-annotation-layers-in-a-bulk-operation) | `/api/v1/annotation_layer/` |
+| `GET` | [Get a list of annotation layers (annotation-layer)](./get-a-list-of-annotation-layers-annotation-layer) | `/api/v1/annotation_layer/` |
+| `POST` | [Create an annotation layer (annotation-layer)](./create-an-annotation-layer-annotation-layer) | `/api/v1/annotation_layer/` |
+| `GET` | [Get metadata information about this API resource (annotation-layer--info)](./get-metadata-information-about-this-api-resource-annotation-layer-info) | `/api/v1/annotation_layer/_info` |
+| `DELETE` | [Delete annotation layer (annotation-layer-pk)](./delete-annotation-layer-annotation-layer-pk) | `/api/v1/annotation_layer/{pk}` |
+| `GET` | [Get an annotation layer (annotation-layer-pk)](./get-an-annotation-layer-annotation-layer-pk) | `/api/v1/annotation_layer/{pk}` |
+| `PUT` | [Update an annotation layer (annotation-layer-pk)](./update-an-annotation-layer-annotation-layer-pk) | `/api/v1/annotation_layer/{pk}` |
+| `DELETE` | [Bulk delete annotation layers](./bulk-delete-annotation-layers) | `/api/v1/annotation_layer/{pk}/annotation/` |
+| `GET` | [Get a list of annotation layers (annotation-layer-pk-annotation)](./get-a-list-of-annotation-layers-annotation-layer-pk-annotation) | `/api/v1/annotation_layer/{pk}/annotation/` |
+| `POST` | [Create an annotation layer (annotation-layer-pk-annotation)](./create-an-annotation-layer-annotation-layer-pk-annotation) | `/api/v1/annotation_layer/{pk}/annotation/` |
+| `DELETE` | [Delete annotation layer (annotation-layer-pk-annotation-annotation-id)](./delete-annotation-layer-annotation-layer-pk-annotation-annotation-id) | `/api/v1/annotation_layer/{pk}/annotation/{annotation_id}` |
+| `GET` | [Get an annotation layer (annotation-layer-pk-annotation-annotation-id)](./get-an-annotation-layer-annotation-layer-pk-annotation-annotation-id) | `/api/v1/annotation_layer/{pk}/annotation/{annotation_id}` |
+| `PUT` | [Update an annotation layer (annotation-layer-pk-annotation-annotation-id)](./update-an-annotation-layer-annotation-layer-pk-annotation-annotation-id) | `/api/v1/annotation_layer/{pk}/annotation/{annotation_id}` |
+| `GET` | [Get related fields data (annotation-layer-related-column-name)](./get-related-fields-data-annotation-layer-related-column-name) | `/api/v1/annotation_layer/related/{column_name}` |

docs/developer_docs_versioned_docs/version-6.1.0/api/assemble-explore-related-information-in-a-single-endpoint.ParamsDetails.json

@@ -0,0 +1 @@
+{"parameters":[{"in":"query","name":"form_data_key","schema":{"type":"string"}},{"in":"query","name":"permalink_key","schema":{"type":"string"}},{"in":"query","name":"slice_id","schema":{"type":"integer"}},{"in":"query","name":"datasource_id","schema":{"type":"integer"}},{"in":"query","name":"datasource_type","schema":{"type":"string"}}]}

docs/developer_docs_versioned_docs/version-6.1.0/api/assemble-explore-related-information-in-a-single-endpoint.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body"}

docs/developer_docs_versioned_docs/version-6.1.0/api/assemble-explore-related-information-in-a-single-endpoint.api.mdx

@@ -0,0 +1,68 @@
+---
+id: assemble-explore-related-information-in-a-single-endpoint
+title: "Assemble Explore related information in a single endpoint"
+description: "Assembles Explore related information (form_data, slice, dataset) in a single endpoint.<br/><br/> The information can be assembled from:<br/> - The cache using a form_data_key<br/> - The metadata database using a permalink_key<br/> - Build from scratch using dataset or slice identifiers."
+sidebar_label: "Assemble Explore related information in a single endpoint"
+hide_title: true
+hide_table_of_contents: true
+api: eJztGWtvG7nxrxBEgcaoYifBFQj2egUcn3Nx6kvSWGkLRMGG2h1pmXDJDcmVrQr678UMudJK4tpO7tp86RdbS84M5/0gV7wEV1jZeGk0z/ipc1BPFTh2ftMoY4FZUMJDyaSeGVsLhGMP8GdeCi9GzClZwIjhhwN/xKRmgjmp5woY6LIxUvvjv0ztyV/pDxtXsEOrEJpNgYl4cMlm1tRZgH1I0IUoKmAt0mSCbY7OP8OyD1aDF7hOrEyF26I0YGuhpP7cR3nWShUOY66wwhdVhI+SMGODbEyWoL2cSbDumI94I6yowYN1PHu/4hLV9qUFu+QjrkUNPOM7PPIRd0UFteDZivtlgwDOW6nnfL0epQnscPwtBIjzXJYpXKk9zMEOI5MGTGt/FwqEcpsEH0bcgmuMduBw/8mjR/ivMNqD9vhTNI2SBbnLySeHfrrq0WusacB6GbCj9Q43yItyL2swLW3vOv7PrY2+LTVzUBhduiNmZsxHD0TXiNjog8xX0nW+gm6xr5oRL4xqa50HV3eHR57RPov7PRpm+gkKvyUxiOs2To/Y0kPtehrekokLwlqxxO8uQhJq6GJHOGcKSZF/LX1FajiUdntEz+LBB1KUMaxwt0ehc4MRL2EmWuXzLmkkSASITVqJdkgx1ifbIzHEVG81SQRK6fPWqkMKmHnevb0kVhCK3OQOluDGW3FI6uXV61csQDH0fiE1/iRoXJjJeeekoKAGPeA0M/BFlS+EasHljYUSYydhkTfdFmsdmrkCzQgXTw3oIT/eJc9MKg82d6CQg4Nzrs4vz8/GLEAxCmYomTcDdKfGKBD6gHAOWmCBODzgIkTp7jnSsYiQpj23QrdKWOmXufuiEvZ4JWqgDAB1Y6xQLERj0Ba5nqwhHocqw6Wrv1+ybSi4YzbGNDGToErkqITGAqq8HCEZ9rHHxUcmtfMgyp1Yvn9Q739XIJSv8qKC4nNeg3NinnCCFwTFCIpFqKSRZULxXfhc/JzOgNKhapWY5gsJ14OG6yqudEyQBi/FlCFG2nK1kDovva/zwgxEJILs2y0pVQ3eyiKRYDvRIsDX5ddvzIBmNoulK40Y9tOqNrYEm0+XeVEZWUBCokvpkAQjSDZdRrW4W91ty9xd7mauNbVEg8fSfr+ZSqi0J9A+fWq7EvTPKT2G3VsKwtZY2FslkiHYWjpHyfWmsUA/k1badh5pK4X9NGpIZM4Lm0iTtMmEUqxQonVpH3FfEi5/SlHjvPBUFpivBNa0mdTg7szeHpPkQNHGWNJdGqyAEew9e4PeCVA3OETkQzYcE9kOLBozaTxMufncYgZIJ+3O3TbBv82wEhxzbdMYi5xPl/t8/w5BEL6HPAN3kwpqb0uurZZf2v4UkiSxADs1DvJaNIekfhVNQxUKq7kV18Gm3rCItZ+SOn2v91fQAF7Bljuq0t20c3jwc2NrUvG2kejmSuxwrFEulFNvqA8O3XYlrP9jaK4ZDRZJVxgsaad62VWyzfQau43GmgIcHmjhSwsu7a80PP2PJggSdmB+wKNncfDJS/BCqlSlChubk/pYSfEiBJT5dJlMhM5onH7n1rRNyCWVcGyD1o0+rpoaYcv0GZXQcyjzVNM9ljU4L+qmY1kJ51ltyh22w1gUZkl4iHq7/Zy8amuh5b9TDeLdJ+K1BRFgFkRJ6QgZSE8Um/5uIGhp766AvXUuuaKLh7umkt5+Xgv7GcrSXKeoCS09aoa9GP96iUFPda5zGPTA/8IERFGUnhfukzBSRWaf5DYZSJfXQgt0BbjxYLVQKuHcF32RpWMRh5nWO1kC2+IOtJ7kMikXu/wtHjXUO70+6JlSfegtTRNlz5yuUm4SKYtu18JmUt/DyXdzv5SkGe7NhqaCgDvccATswS45oA+6YsB+9/YygXxLPaOIuxUiFq6zoK+r0AXSNC/qRsHu5dOel/fLVcfNts6s1+v9hMDfgm+tDt2bxPClOYaOPsZTf/hNt2S92nmXinYl3ErxTGyKaMYu9EIoWbLt3SiW2oUsoeQJ4Xq4QZbH31eWd1q0vjIWc2TGTltfYcDFOEZGpU0L0kcMkvzwfSV5ZbC3aHWZ0Z14VDL1O7EslQYc08YzuJGo/kOhNjRIoidPvrdtYtNGKRTt4pcZ+we6W7wLs9bYlBxnplUliRopRGw86s/fO3wudKg0zIFdgA1SZOxUs1bDTQMFGo0WmSmK1g444HPhhdqoACfMosXLJHqa+HTtefb+A96wezHH54ouifEPI37zsDAlXBFv4SlDCT3nGS/evb3kI67EFNT2s+t4eNFaxR7+i/1yPmYTXnnfZCcnyhRCVcb57Omjp09PRCNPFo9PIJx2MuFsMploxh6+YBN+GkOGdJ2xZyAsWPaH07Oz86urfPz6b+evJpzj00Jk6M3SV0b3WNosbJiSOO35zt/dRE9096jAftosH8/BP0A+2P05HwX4CkQJ1v202uN/wjM24VGGCWd/YqJAX8u9+Qx6PdFHE91Yqf2Djp9j9K4HR0d9CV+Khbgis/ak3Fncqt9oh4JuhBPXQvpwcUuyfZ1kqx3xsu6b7dsJ5fzYmWoVZByTiB8Dxhr/obw/TnTgkdq4jr896SOQUXCszPwBgh79yNFTa/CVKXnG5+Dptc1XPOP73KNGKHCC51I3kJab74fMJW6zEhagTEPXJYES2SMQWjXWeFMYtc5OTlZIap2t0MHWB9TOWufxCTGQGPGFsBIzlYtZg8iEToUeLyKbfMRBtzWGZPzEfw7jcu9+djx+wzZ08FrXOL9LbyPvAXNXIbfgXrjFseziDd2BGbtHJKmqiE/Qa3qp6/ILtT9BSMoyKz4l33jeTW0v/znuXv2oh6bdbUdGQq9HiJxbmFlw1bcSwe5fz0xi7GkbsA52urztUpyCeMYXj4NKnK8Fpf34iNm9hd/6FJ567t7XY6/O/P+B/e4H9mhdbHVPGiUkTV6x3w/p4D0XjUQbPsY4iiVtxDF6Qni856sVcvjOqvUal8P7NKaKUrr4jDQTysGI4wv74ZM9vX/xLNShAZz9V/r74PQe5u8Dvv8U/5U48fF9i/Vhm6GoNaBnohIsqSagnxYFUMnpsA46o500/cs5xii2wb12aBOp8QdS72ZT3VfVahUgQinB9BqYoOrJ1x/W6/V/AFE8FoM=
+sidebar_class_name: "get api-method"
+info_path: developer-docs/api/superset
+custom_edit_url: null
+hide_send_button: true
+show_extensions: true
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";
+import ParamsDetails from "@theme/ParamsDetails";
+import RequestSchema from "@theme/RequestSchema";
+import StatusCodes from "@theme/StatusCodes";
+import OperationTabs from "@theme/OperationTabs";
+import TabItem from "@theme/TabItem";
+import Heading from "@theme/Heading";
+import Translate from "@docusaurus/Translate";
+
+<Heading
+  as={"h1"}
+  className={"openapi__heading"}
+  children={"Assemble Explore related information in a single endpoint"}
+>
+</Heading>
+
+<MethodEndpoint
+  method={"get"}
+  path={"/api/v1/explore/"}
+  context={"endpoint"}
+>
+
+</MethodEndpoint>
+
+
+
+Assembles Explore related information (form_data, slice, dataset) in a single endpoint.<br/><br/> The information can be assembled from:<br/> - The cache using a form_data_key<br/> - The metadata database using a permalink_key<br/> - Build from scratch using dataset or slice identifiers.
+
+<Heading
+  id={"request"}
+  as={"h2"}
+  className={"openapi-tabs__heading"}
+>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails
+  {...require("./assemble-explore-related-information-in-a-single-endpoint.ParamsDetails.json")}
+>
+
+</ParamsDetails>
+
+<RequestSchema
+  {...require("./assemble-explore-related-information-in-a-single-endpoint.RequestSchema.json")}
+>
+
+</RequestSchema>
+
+<StatusCodes
+  {...require("./assemble-explore-related-information-in-a-single-endpoint.StatusCodes.json")}
+>
+
+</StatusCodes>

docs/developer_docs_versioned_docs/version-6.1.0/api/async-events-rest-api.tag.mdx

@@ -0,0 +1,12 @@
+---
+id: async-events-rest-api
+title: "AsyncEventsRestApi"
+description: "AsyncEventsRestApi"
+custom_edit_url: null
+---
+
+Real-time event streaming via Server-Sent Events (SSE).
+
+| Method | Endpoint | Path |
+|--------|----------|------|
+| `GET` | [Read off of the Redis events stream](./read-off-of-the-redis-events-stream) | `/api/v1/async_event/` |

docs/developer_docs_versioned_docs/version-6.1.0/api/available-domains.tag.mdx

@@ -0,0 +1,12 @@
+---
+id: available-domains
+title: "Available Domains"
+description: "Available Domains"
+custom_edit_url: null
+---
+
+Get available domains for the Superset instance.
+
+| Method | Endpoint | Path |
+|--------|----------|------|
+| `GET` | [Get all available domains](./get-all-available-domains) | `/api/v1/available_domains/` |

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-create-tags-and-tagged-objects.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body","body":{"content":{"application/json":{"schema":{"properties":{"tags":{"items":{"properties":{"description":{"nullable":true,"type":"string"},"name":{"minLength":1,"type":"string"},"objects_to_tag":{"description":"Objects to tag","items":{},"type":"array"}},"type":"object","title":"TagObject"},"type":"array"}},"type":"object","title":"TagPostBulkSchema"},"example":{"tags":[{}]}}},"description":"Tag schema","required":true}}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-create-tags-and-tagged-objects.StatusCodes.json

@@ -0,0 +1 @@
+{"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"result":{"properties":{"objects_skipped":{"description":"Objects to tag","items":{},"type":"array"},"objects_tagged":{"description":"Objects to tag","items":{},"type":"array"}},"type":"object","title":"TagPostBulkResponseObject"}},"type":"object","title":"TagPostBulkResponseSchema"},"example":{"result":{}}}},"description":"Bulk created tags and tagged objects"},"302":{"description":"Redirects to the current digest"},"400":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Bad request: Invalid parameters provided"}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unauthorized: Authentication required"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Not found: The requested resource does not exist"}}},"description":"Not found"},"500":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Internal server error: An unexpected error occurred"}}},"description":"Fatal error"}}}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-create-tags-and-tagged-objects.api.mdx

@@ -0,0 +1,66 @@
+---
+id: bulk-create-tags-and-tagged-objects
+title: "Bulk create tags and tagged objects"
+description: "Bulk create tags and tagged objects"
+sidebar_label: "Bulk create tags and tagged objects"
+hide_title: true
+hide_table_of_contents: true
+api: eJzFV21P3DgQ/ivW6KSCLrDQ60lVqn4ARNX2KkDsVncSWVFvMiTuJnZqOwvbKP/9NHaSzb4gtfCBT4ntmfE8z4zH4xo0/qjQ2FOVLCGsIVbSorT0y8syFzG3QsnRd6MkzZk4w4LTX6lVidoKNDSyPHVfYbEw28sJmliLkkzRUFZ5zmc5Qmh1hQHYZYkQgrFayBSaACQvkAQLIb+gTG0G4fEOMTX7jrE1t1bdWp5ubQSXfp1ZxWg96N1remNca76EZjXhbUIAVljyECY89XbgN7WulLGnVT4fe86aAPCBF2WOK8Ju6mbakJl1vyc8ZS3TgQuQ0Jh4shqaMKWSxjP7+ujoGWHTaKrcbs93xJq5KEva+unMDqLE0/R5tn6N7+uWny5qv6e1M1o9T82OaJE2izVyiwkhMIxL95NiwlrwZO+vo9fb4K8xEbqHnyGLK61RWpaIFI3LuTfPCnGBxvDU59z6+dniZR1zrwinPGFtmQjZJ7nguUhYyTUv0KI2rNRqIRJMYBc5K12P5fhlsXyVvLKZ0uInJiE7qWyG0rb7s/6o7QAyVPRI3rwskgtl2Z2qZBKySYYdyUh0G1XpGFmi0DCpLMMHQfRvg+pt0C5/v3SefZIWteQ5M6gXqBlqrXTITiSrJD6UGBM6N8lU7M7Jzkh94JbnXs5tbjCutLBLKrfw/d5CeDNtpkFXgqkIGJgG8HAQqwTHzjFXmyHnMoUQ4q/XXyCAnM8wXw09yTSudM4O/mNXl+MJiyCztgxHo1zFPM+UseHbo7dvR7wUo8XxyPJ0NKvy+a2vFxGwKIokYwcfWQQnbYI5wkN2ilyjZn+cnJ2dj8e3k8t/zi/WFc58qA4myxJDthmtlWzCXtURzHEZQcgiWPC8wgiaV9AEPcirpc2UHMDsJ3qgoiiVtl2mmUhGsruL2Pt++rBUxu7Rvuy32Qi8WoY8QW3e1xucePdbXiJgfzIex2ioAZijbFptwv5+F95I7key1ELavc7vQxLe298fMvGZL/jY5dOAjbXJVeiVNERITwK/58KyO7Rx5ih4EgG1x1GgzVRCACizNskJOzG2mTkE+luXPLVnaOII+hasVIa542nazh8v3fE6U8kyZJ/HlxeH/miLu+Vezea4HJDMmn2SJq7fRdLzk3DLe242mG+FVI6HuUr3SHT/HdDxfPSSffSODcBTBiFQDkIAJafWER6hmyLpKo0/7ZWmQO+MF2y684WWWYILzFVZ0H3tLbk88obqUiurYpU34WhUk6kmrOkANVvWzipjVdGZCGDBtaD+uOuknRnfO9xx14g4NyEAlFVBNawd0sfVsnX7HyeTK9bbaQIgb9bt9Xi3nBv7Ykxr1JYzpdmnKzJCWNaN7KSq1XfSTUOR7Qqya7U8SFeWa5i5rP2gdMHJ3ud/JxQjJwZhuwr9deJANwEp32q802iypxohK0bJ69Vj6Hy7V98A1t5v3WtlNd58ltzQe2faTJsAhLxT203guCpRGxx2poMpSlAvtzj2vBtbcP+Q8jv/2uHYeIS1+C0+2FGZcyHJtkvduj03N8BLQQ4cg7stIYDh6Zl2eXQDdT3jBr/qvGlo+keFmq7b6SqV3aUbgC9ejsw5Lin1B2XIZX5euYZ/s/Ogc+U1TuIYXRV+XHY6qARUO8nx9n1bqIR0NL+npxW/hxAoYo4V/ySiOX8XVL4t8TYpRagDHFDXp1L7Q6i6B4tcDjysay/hqzCdfw/FXVvgnoD/A3qlW3c=
+sidebar_class_name: "post api-method"
+info_path: developer-docs/api/superset
+custom_edit_url: null
+hide_send_button: true
+show_extensions: true
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";
+import ParamsDetails from "@theme/ParamsDetails";
+import RequestSchema from "@theme/RequestSchema";
+import StatusCodes from "@theme/StatusCodes";
+import OperationTabs from "@theme/OperationTabs";
+import TabItem from "@theme/TabItem";
+import Heading from "@theme/Heading";
+import Translate from "@docusaurus/Translate";
+
+<Heading
+  as={"h1"}
+  className={"openapi__heading"}
+  children={"Bulk create tags and tagged objects"}
+>
+</Heading>
+
+<MethodEndpoint
+  method={"post"}
+  path={"/api/v1/tag/bulk_create"}
+  context={"endpoint"}
+>
+
+</MethodEndpoint>
+
+
+
+Bulk create tags and tagged objects
+
+<Heading
+  id={"request"}
+  as={"h2"}
+  className={"openapi-tabs__heading"}
+>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails>
+
+</ParamsDetails>
+
+<RequestSchema
+  {...require("./bulk-create-tags-and-tagged-objects.RequestSchema.json")}
+>
+
+</RequestSchema>
+
+<StatusCodes
+  {...require("./bulk-create-tags-and-tagged-objects.StatusCodes.json")}
+>
+
+</StatusCodes>

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-annotation-layers.ParamsDetails.json

@@ -0,0 +1 @@
+{"parameters":[{"description":"The annotation layer pk for this annotation","in":"path","name":"pk","required":true,"schema":{"type":"integer"}},{"content":{"application/json":{"schema":{"items":{"type":"integer"},"type":"array","title":"get_delete_ids_schema"}}},"in":"query","name":"q"}]}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-annotation-layers.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body"}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-annotation-layers.StatusCodes.json

@@ -0,0 +1 @@
+{"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"string"}}},"description":"Annotations bulk delete"},"401":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unauthorized: Authentication required"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Not found: The requested resource does not exist"}}},"description":"Not found"},"422":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unprocessable entity: Validation error"}}},"description":"Could not process entity"},"500":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Internal server error: An unexpected error occurred"}}},"description":"Fatal error"}}}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-annotation-layers.api.mdx

@@ -0,0 +1,68 @@
+---
+id: bulk-delete-annotation-layers
+title: "Bulk delete annotation layers"
+description: "Bulk delete annotation layers"
+sidebar_label: "Bulk delete annotation layers"
+hide_title: true
+hide_table_of_contents: true
+api: eJzFV9tu2zgQ/RVisA8JVq2ToAsEKvqQZlO03aAtGnd3gShwGWlsKaZIhRy58Qr698WQkiw7LvYK5EnmbXjOXA7HDVTSyhIJrYP4uoEMXWqLigqjIYZpjkJqbUjyhFByjVZUSzE3VlBeuNEiRFDwkUpSDhFoWSKPlhCBxfu6sJhBTLbGCFyaYykhboDWFe8qNOECLbRt1EBqNKEmXpZVpYrUm5/cOUbUjA4XhKXbZyXqZ6S1cg0RUEGKxwukWYYKCWdF5madqbZtO+z3Ndr1Bvw9tDeM3lVGO/RXnRwd8edvY6ysqdBSEU6X6Jxc4AizI1voBRPvZ8ztHabEJPBBlpXCrYObA220E6uzIRRO3NZqKQJTtvTi6PhpUX/Rsqbc2OIPzGJxVlOOmrr7xZAee0iNDwYmL56WyQdDYm5qncWCi4OxoyPMhEVnapuiyAw6oQ0JfCgc7SM12PCMTk6eOjaVNSkPbxUKjgutY/GrVEUW4oPWGruPx7mpVeapdha603zVT09dKO80odVSCYd2hTawiMWZFrXGhwpTDpqfFCZNa/udBHwjSarBBRE4TGvLHFks774RxNc3rBIkFyygoyoUl6yWDm4ieHiWmgyvPMogs0rqBcSQfvl8CREoeYtqMwyJxOPaKvHsd/HzxeXF9EIkkBNV8WSiTCpVbhzFp0enpxNZFZPV8WSjxTMv1JPx1CQBkSSJFuLZW5HAWVdVfi0Wr1FatOKHs/Pzi6ur2fTjLxcfEgCW4w7ppzXlXuR7rMPEgLYoK2OpLwmX6ET32ileDdPPgywdMBTxXylFwUqOMkPrXjU7xBKIRQIduQTEj0KmnKczMkvUbaIPE13ZQtNBD/S5I0m1m3G8Dsf838uVvPJ5MfLB1uQmakY7dsNAXX6TBYk5Upp72v8H6SYwL5FykzHLkCO7Lon7jWI36Oybr33cm+CXqXfL13Ci5Q/76GWimZJR+FyZxa6rDl/6V3K7al5v3p9H/YODCAJsiKF7o6LQNsTwXR801bIdu4Ed7gs71FNtOR573Qq74C55WWS4QmWqEjV1EuHDHQw1lTVkUqPaeDJp2FQbN5zd7SNr57UjU/YmIlhJW7CSuk7VvBn+neFc1oo6mBAB6rpkyeiG/PFqsW3/7XT6SQx22ggYzba9ge8jcFdB+3iNexphrHj3iY0wl20je13Vnfe725bj3OvfFSt3IOlVsIFbn0tvjC0l23v/2xS6Vo+LIqzCoN6edBvx4ZnFuUWX/1sjvnubm0BnC31doXVIow5wNMW5E/atjoNLHJXSP0td//dXWbx12/BSET7QpFKy0GzV51PTpfc1yKrgq48hgt0Uhwhi3y5v9dScECHi19A0t9LhF6valqdDt/qoaR89urBx1TaqJa59f8vpqmpe90Xc524wWviOIIN4LpXDR3Q3txx87jq4Q/HP/jDsxdb37no9htdjrpbQ3nAVeH3zQMPCWZqi1+H+yKN+gxkOwhPkkr1dUz6K3pBi3Q++YC+ipgk7gma2A0D/tDDGtv0TlHWf6A==
+sidebar_class_name: "delete api-method"
+info_path: developer-docs/api/superset
+custom_edit_url: null
+hide_send_button: true
+show_extensions: true
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";
+import ParamsDetails from "@theme/ParamsDetails";
+import RequestSchema from "@theme/RequestSchema";
+import StatusCodes from "@theme/StatusCodes";
+import OperationTabs from "@theme/OperationTabs";
+import TabItem from "@theme/TabItem";
+import Heading from "@theme/Heading";
+import Translate from "@docusaurus/Translate";
+
+<Heading
+  as={"h1"}
+  className={"openapi__heading"}
+  children={"Bulk delete annotation layers"}
+>
+</Heading>
+
+<MethodEndpoint
+  method={"delete"}
+  path={"/api/v1/annotation_layer/{pk}/annotation/"}
+  context={"endpoint"}
+>
+
+</MethodEndpoint>
+
+
+
+Bulk delete annotation layers
+
+<Heading
+  id={"request"}
+  as={"h2"}
+  className={"openapi-tabs__heading"}
+>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails
+  {...require("./bulk-delete-annotation-layers.ParamsDetails.json")}
+>
+
+</ParamsDetails>
+
+<RequestSchema
+  {...require("./bulk-delete-annotation-layers.RequestSchema.json")}
+>
+
+</RequestSchema>
+
+<StatusCodes
+  {...require("./bulk-delete-annotation-layers.StatusCodes.json")}
+>
+
+</StatusCodes>

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-charts.ParamsDetails.json

@@ -0,0 +1 @@
+{"parameters":[{"content":{"application/json":{"schema":{"items":{"type":"integer"},"type":"array","title":"get_delete_ids_schema"}}},"in":"query","name":"q"}]}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-charts.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body"}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-charts.StatusCodes.json

@@ -0,0 +1 @@
+{"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"string"}}},"description":"Charts bulk delete"},"401":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unauthorized: Authentication required"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Forbidden: You don't have permission to access this resource"}}},"description":"Forbidden"},"404":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Not found: The requested resource does not exist"}}},"description":"Not found"},"422":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unprocessable entity: Validation error"}}},"description":"Could not process entity"},"500":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Internal server error: An unexpected error occurred"}}},"description":"Fatal error"}}}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-charts.api.mdx

@@ -0,0 +1,68 @@
+---
+id: bulk-delete-charts
+title: "Bulk delete charts"
+description: "Bulk delete charts"
+sidebar_label: "Bulk delete charts"
+hide_title: true
+hide_table_of_contents: true
+api: eJzFVm1v2zYQ/ivEYcAaTImTrgMCFf2QZgnaLuiC2dkLosClpYvFhCIV8uTGE/TfhyNlxXY8oNuXfJJE8Z67514esoVaOlkhofOQXreQW0NoCNIWZF1rlUtS1ozuvDW85vMSK8lvirDy/ELLGiEFZQjn6KBLVivSObmEBEiR5u850rRAjYRTVfhpD9V1XQLKQAoPDTreb2TF2x+gu0nAoa+t8RhcvT485Mc3x1g7W6MjFa0r9F7OcS1mT06ZOXRPMdvZHebEJPBRVrXGDcMngy6BAn3uVM2uIYXTUjryYtboexFJMsibw6OXDfjKyIZK69TfWKTipKESDfX+hcOHRjksdvFZN4xMfnxZJufWzVRRoEnFX7YRhTXfkyjlAkWNrlLeMyOyQuY5ei+oVF449LZxOe4iOOBFdm9elt1nS+LWNqZIxaTEUBn0hMVAQRQWvTCWBD4qT7sYDRiB0evXL915tbNcCjnTKLjraJmK36VWRew+dM66naNkG10Eqj1Cb82ufnppBfhoCJ2RWnh0C3SRRSpOjGgMPtaYc9HCorB53rh/Ga9zSVIPKUjAY9445sgafPeVIL2+YfkjOWdd7uUFbhJ43M9tgeMQWpRsLc0cUsivfruABLScoX767AcghbxxWuz/KX4+uzibnIkMSqI6HY20zaUuraf0+PD4eCRrNVocjXL2N8pAZFlmhNj/IDI46QUh5DoV71E6dOK7k9PTs/F4Ovn1l7PPGUCXDBFdLqm0Zi2mYWGISlW1dbTqd5+ZzKwUX7wblg+ior7iUMS3hp7E3SXKAp1/124RyCAVGfQkMhA/9MoxJXuPpsvMXmZqpwy9WgV04ElS46ec/711np/kQo5Dcde4biw+VcEaz3QHivKrVCRukfIy0Psv5NrIsEIqbcFsYm23qaerjWK7iJyDL6s6tpH/JND/Ei06fnAu3maGQ7caD7Sdb6dk7204qzdb/P3TUSjy2L4JxFghhf6MTKCWVEIKmwQ5ZWG+Yoc3jjO6MzGw7faCf4sCF6htXaGhflJDwSJQWztLNre6S0ejlqG6tOU+7J6hnTaebLWCSGAhnWJB8724BBh+L/BWNpr6MCEBNE3Fk9t/8iPM7yb+h8nkUgw4XQIczSbewPdZcOMoQfyP70zCOvHxkkGYyybIzlT19mF313EFVzI0ZgGNJIMYtTALXXJuXSUZ79MfE65R2AZp/xcGEQ2ku4SNpw5vHfry/4KE2+GtjXQ2om9qdB5p7Ya5tsS9E/ctjmJKPFUynA79/XJnf264GE4Jwkca1VqqcFkITdT2jXsNslbs7wgSCDCQANc5FvIa2nYmPV453XW8HC+53NRbroYjDZ4ysOn3HpfhWsxdqBv+H6Zu1ZLhyEggDn3wEA1O8hyDCK2snp2YjDIMZtQQSIDvf2s5GKrTv7CD1UXfLNfg2zbuiELCIxXjCLoK3U3Xdf8ARu5KZw==
+sidebar_class_name: "delete api-method"
+info_path: developer-docs/api/superset
+custom_edit_url: null
+hide_send_button: true
+show_extensions: true
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";
+import ParamsDetails from "@theme/ParamsDetails";
+import RequestSchema from "@theme/RequestSchema";
+import StatusCodes from "@theme/StatusCodes";
+import OperationTabs from "@theme/OperationTabs";
+import TabItem from "@theme/TabItem";
+import Heading from "@theme/Heading";
+import Translate from "@docusaurus/Translate";
+
+<Heading
+  as={"h1"}
+  className={"openapi__heading"}
+  children={"Bulk delete charts"}
+>
+</Heading>
+
+<MethodEndpoint
+  method={"delete"}
+  path={"/api/v1/chart/"}
+  context={"endpoint"}
+>
+
+</MethodEndpoint>
+
+
+
+Bulk delete charts
+
+<Heading
+  id={"request"}
+  as={"h2"}
+  className={"openapi-tabs__heading"}
+>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails
+  {...require("./bulk-delete-charts.ParamsDetails.json")}
+>
+
+</ParamsDetails>
+
+<RequestSchema
+  {...require("./bulk-delete-charts.RequestSchema.json")}
+>
+
+</RequestSchema>
+
+<StatusCodes
+  {...require("./bulk-delete-charts.StatusCodes.json")}
+>
+
+</StatusCodes>

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-css-templates.ParamsDetails.json

@@ -0,0 +1 @@
+{"parameters":[{"content":{"application/json":{"schema":{"items":{"type":"integer"},"type":"array","title":"get_delete_ids_schema"}}},"in":"query","name":"q"}]}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-css-templates.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body"}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-css-templates.StatusCodes.json

@@ -0,0 +1 @@
+{"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"string"}}},"description":"CSS templates bulk delete"},"401":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unauthorized: Authentication required"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Not found: The requested resource does not exist"}}},"description":"Not found"},"422":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unprocessable entity: Validation error"}}},"description":"Could not process entity"},"500":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Internal server error: An unexpected error occurred"}}},"description":"Fatal error"}}}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-css-templates.api.mdx

@@ -0,0 +1,68 @@
+---
+id: bulk-delete-css-templates
+title: "Bulk delete CSS templates"
+description: "Bulk delete CSS templates"
+sidebar_label: "Bulk delete CSS templates"
+hide_title: true
+hide_table_of_contents: true
+api: eJzFVttu3DYQ/RVi0IcYlb22kQKGgjw4roMkNVKju24LWMaGK413ZVOkQo423gr892JISXvxtmjz4ieJlzkzZ65soZZWVkhoHaS3LeRGE2qCtAVZ16rMJZVGjx6c0bzn8gVWkv9KwsrxD61qhBRKTThHCz7pd6S1cgUJUEmK13OkaYEKCadl4aYdlPc+gVJDCl8btHxfy4qvfwV/l4BFVxvtMKg6PT7mz3+2sbamRktllK7QOTnHDZsd2VLPwa9tNrMHzIlJ4JOsaoVbgmsBn0CBLrdlzaohhYvxWBBWtZKETswa9SgiV8Z6fXzysnbfaNnQwtjyLyxScd7QAjV1+oXFr01psdhHa1MwMnn9skw+GxL3ptFFKiYLDLajIyyERWcam6MoDDqhDQl8Kh3tIzVgBEanpy8dm9qanJczhYLjQqtU/C5VWcT4oLXG7s0506giUO0QOmlW9dNLl8pHTWi1VMKhXaKNLFJxrkWj8anGnIMWNoXJ88b+QwK+lyTV4IIEHOaNZY7crB6+EaS3d9wnSM65gYU6nPR1CHcJPB3mpsBxsDC2OCX1HFLIb367ggSUnKFaL2MS8bqxShz+KX6+vLqcXIoMFkR1Ohopk0u1MI7Ss+Ozs5Gsy9HyZJQ7N+3Lf5SByLJMC3H4QWRw3hVQ8Hwq3qG0aMUP5xcXl+PxdPLrL5efMwCfDIZdr2hh9IZpw8ZgXFnVxlKf/S7Tme4bpXg7bB/FDvSKTRH/k0EShRYoC7TubbvDI4NUZNBxyUD8KGTOGTgl84jaZ/og07UtNb3q7TpyJKlxU47GwSbdT3IpxyHiG5S3NtcxMdox64Gp/CZLEvdI+SKw/A6ObSRaIS1MwaRiwHc9kPYXxW5I2RVf+qi20Q2T4IUvUcLzh13yJtPMwCg8Uma+65mDN2Hgbaf/u/UgEVsjBhKIJkMK3aBJoJa0gBT20mU/hkqMRdBYdvNeb8GuEVd8LApcojJ1hZq6mg5RjEBtbQ2Z3CifjkYtQ/m05Rz1z9AuGkem6iESWEpbcutzXRsKMPxf4L1sFHVmQgKom4prvFvyJ5T4Nv6HyeRaDDg+AbZmG2/g+8y4cWxWfMbPEGGs+HjNIMxlG2Svqzr5cNt7jmffsMbcaiPJ0LZamIWceW9sJRnv0x8TjlG4Bml3CkO7DaR9wsJTi/cW3eJ7QcKD695EOlvWNzVah7TxaNvY4tyJ95Yn0SWOKhnmSPdk+7ds3dI0jBXCJxrVSpaaEUMutV0a34KsS1Z7AglspjIkwFGPYb2Ftp1JhzdWec/b8RXJKb6jcRiFsPbHtvpHXIV3J+ekavg8VGSfoGHUJBAbQtAQBc7zHEOf6qWeTVpGGao19hdIgF9WG64YYtX9sIL+Ja1XG/BtG2/EJsMFFu0IrRf8nff+b2/1FBM=
+sidebar_class_name: "delete api-method"
+info_path: developer-docs/api/superset
+custom_edit_url: null
+hide_send_button: true
+show_extensions: true
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";
+import ParamsDetails from "@theme/ParamsDetails";
+import RequestSchema from "@theme/RequestSchema";
+import StatusCodes from "@theme/StatusCodes";
+import OperationTabs from "@theme/OperationTabs";
+import TabItem from "@theme/TabItem";
+import Heading from "@theme/Heading";
+import Translate from "@docusaurus/Translate";
+
+<Heading
+  as={"h1"}
+  className={"openapi__heading"}
+  children={"Bulk delete CSS templates"}
+>
+</Heading>
+
+<MethodEndpoint
+  method={"delete"}
+  path={"/api/v1/css_template/"}
+  context={"endpoint"}
+>
+
+</MethodEndpoint>
+
+
+
+Bulk delete CSS templates
+
+<Heading
+  id={"request"}
+  as={"h2"}
+  className={"openapi-tabs__heading"}
+>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails
+  {...require("./bulk-delete-css-templates.ParamsDetails.json")}
+>
+
+</ParamsDetails>
+
+<RequestSchema
+  {...require("./bulk-delete-css-templates.RequestSchema.json")}
+>
+
+</RequestSchema>
+
+<StatusCodes
+  {...require("./bulk-delete-css-templates.StatusCodes.json")}
+>
+
+</StatusCodes>

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-dashboards.ParamsDetails.json

@@ -0,0 +1 @@
+{"parameters":[{"content":{"application/json":{"schema":{"items":{"type":"integer"},"type":"array","title":"get_delete_ids_schema"}}},"in":"query","name":"q"}]}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-dashboards.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body"}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-dashboards.StatusCodes.json

@@ -0,0 +1 @@
+{"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"string"}}},"description":"Dashboard bulk delete"},"401":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unauthorized: Authentication required"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Forbidden: You don't have permission to access this resource"}}},"description":"Forbidden"},"404":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Not found: The requested resource does not exist"}}},"description":"Not found"},"422":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unprocessable entity: Validation error"}}},"description":"Could not process entity"},"500":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Internal server error: An unexpected error occurred"}}},"description":"Fatal error"}}}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-dashboards.api.mdx

@@ -0,0 +1,68 @@
+---
+id: bulk-delete-dashboards
+title: "Bulk delete dashboards"
+description: "Bulk delete dashboards"
+sidebar_label: "Bulk delete dashboards"
+hide_title: true
+hide_table_of_contents: true
+api: eJzFV21v2zYQ/ivEYcAaTImTrAMCFf2QpgnaLuiC2dkLosClpYulhCIV8uTGE/TfhyMl+SUusO5LPkmmeM/dcy8P6QYqaWWJhNZBfNNAajShJogbkFWlilRSYfTo3hnNay7NsZT8VhCWjl9oWSHEUGjCOVpoo35FWiuXEAEVpPj3HGmaoULCaZG5aQfVtm0EhYYYHmu0vF/Lkrc/QnsbgUVXGe3Quzo+POTHf46xsqZCS0WwLtE5Oce1mB3ZQs+hXcVsZveYEpPAJ1lWCjcMVwZtBBm61BYVu4YY3kuXz4y0mZjV6kEEnozz+vDoZWO+1rKm3NjiH8xicVpTjpo6/8LiY11YzHZRWjcMTH5+WSYXxs6KLEMdi79NLTKjfySRywWKCm1ZOMeMyAiZpuicoLxwwqIztU1xF8EBL7B7/bLsPhsSd6bWWSwmOfrKoCPMBgoiM+iENiTwqXC0i9GA4RkdH79051XWcCnkTKHgrqNlLP6QqshC96G1xu7icWZqlXmqHUJnza5+eWkR+KgJrZZKOLQLtIFFLE61qDU+VZhy0fyiMGla22+M14UkqYYUROAwrS1zZBm+/0oQ39yyApKcszSvFMbBbQRP+6nJcOzDC8qtpJ5DDOn175cQgZIzVKuf3RDEkNZWif2/xPvzy/PJuUggJ6ri0UiZVKrcOIpPDk9ORrIqRoujUdb7HCUgkiTRQux/EAmcdsLgcx6LdygtWvHD6dnZ+Xg8nfz26/nnBKCNhqiulpQbvRbXsDBEVpSVsdT3vUt0onvxF2+H5YOgrK84FPE94UfBIkeZoXVvmy0SCcQigY5IAuKnTkWmZB5Qt4neS3RlC02v+qAOHEmq3ZTrsLfO9ZNcyLEv9BrfjcVVNYx2THmgKb/KgsQdUpp7it9LsAksS6TcZMwo1HmbftxvFNvF5Dx86evZhBxMfAq+BIuWH5yPN4nm8I3CA2Xm22nZe+OP782Wf7c6GkW2aucIQrwQQ3duRlBJyiGG50Q5fX7uQtfXlrO7M0mw7f6SP4sMF6hMVaKmboJ98QJQU1lDJjWqjUejhqHauOG+bJ+hndWOTNlDRLCQtmChc53oeBh+z/BO1oq6MCEC1HXJE9395Ief6U38D5PJlRhw2gg4mk28ge+z4MZBmvgbX6eEseLjFYMwl02Qnanq7P3utuVK9vI0ZmENJL1INTDz3XJhbCkZ79OfE66R3wZx9xUGcfWk24iNpxbvLLr8/4L4i+OdCXQ2oq8rtA5p7fK5tsS9E/YtjkJKHJXSnxrd1fObfbrhZjhBCJ9oVClZ+IuEb6Sma+AbkFXBPo/YuoeCCLjeoaA30DQz6fDaqrbl5XAP5ubecjccebDKxKbvB1z6mzN3o6r5u5/CvjX9kRJBEAHvIRicpil6Yeqtnp2ojDIMadAUiIDvh2t5GKrUvbCD/r+AXq7BN03YEYSFRyvE4bUW2tu2bf8FpG9YOg==
+sidebar_class_name: "delete api-method"
+info_path: developer-docs/api/superset
+custom_edit_url: null
+hide_send_button: true
+show_extensions: true
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";
+import ParamsDetails from "@theme/ParamsDetails";
+import RequestSchema from "@theme/RequestSchema";
+import StatusCodes from "@theme/StatusCodes";
+import OperationTabs from "@theme/OperationTabs";
+import TabItem from "@theme/TabItem";
+import Heading from "@theme/Heading";
+import Translate from "@docusaurus/Translate";
+
+<Heading
+  as={"h1"}
+  className={"openapi__heading"}
+  children={"Bulk delete dashboards"}
+>
+</Heading>
+
+<MethodEndpoint
+  method={"delete"}
+  path={"/api/v1/dashboard/"}
+  context={"endpoint"}
+>
+
+</MethodEndpoint>
+
+
+
+Bulk delete dashboards
+
+<Heading
+  id={"request"}
+  as={"h2"}
+  className={"openapi-tabs__heading"}
+>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails
+  {...require("./bulk-delete-dashboards.ParamsDetails.json")}
+>
+
+</ParamsDetails>
+
+<RequestSchema
+  {...require("./bulk-delete-dashboards.RequestSchema.json")}
+>
+
+</RequestSchema>
+
+<StatusCodes
+  {...require("./bulk-delete-dashboards.StatusCodes.json")}
+>
+
+</StatusCodes>

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-datasets.ParamsDetails.json

@@ -0,0 +1 @@
+{"parameters":[{"content":{"application/json":{"schema":{"items":{"type":"integer"},"type":"array","title":"get_delete_ids_schema"}}},"in":"query","name":"q"}]}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-datasets.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body"}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-datasets.StatusCodes.json

@@ -0,0 +1 @@
+{"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"string"}}},"description":"Dataset bulk delete"},"400":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Bad request: Invalid parameters provided"}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unauthorized: Authentication required"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Forbidden: You don't have permission to access this resource"}}},"description":"Forbidden"},"404":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Not found: The requested resource does not exist"}}},"description":"Not found"},"422":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unprocessable entity: Validation error"}}},"description":"Could not process entity"},"500":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Internal server error: An unexpected error occurred"}}},"description":"Fatal error"}}}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-datasets.api.mdx

@@ -0,0 +1,68 @@
+---
+id: bulk-delete-datasets
+title: "Bulk delete datasets"
+description: "Bulk delete datasets"
+sidebar_label: "Bulk delete datasets"
+hide_title: true
+hide_table_of_contents: true
+api: eJzFV21v2zYQ/ivEYcAaTImTrAMCFf2QpgnaLuiC2dkLosClpYvFRCIV8uQmE/TfhyMl+SUu0O2LP0mmeM/dc+9uoJJWlkhoHcQ3DaRGE2qCuAFZVYVKJSmjR/fOaD5zaY6l5DdFWDp+oecKIQalCedooY36E2mtfIYISFHBv+dI0wwLJJyqzE07qLZtI1AaYnis0fJ9LUu+/gjtbQQWXWW0Q6/q+PCQH99tY2VNhZZUkC7ROTnHFZsdWaXn0C5tNrN7TIlJ4JMsqwLXBJcCbQQZutSqilVDDO8lSYckZnXxIAJLRnm9a4vfyUxYfKzRUSw+6oUsVCaWMReVNQuVYbaN04ps4HK0Wy7XWtaUG6v+wSwWpzXlqKnT7w1VdjuRVcHA5OfdMrkwdqayDHUs/ja1yIz+kUQuFygqtKVyjhmRETJN0TlBuXLCojO1TXEbwQEvsHu9W3afDYk7U+ssFpMc+xTCbKAgMoNOaEMCnxQn10tGA4ZndHy868yrrOFQyFmBgrOOnmPxBxdTyD601thtPM5MXWSeaofQSbOqX3bdHD5qQqtlIRzaBdrAIhanWtQanypMOWj+UJg0re03yutCkiwGF0TgMK0tc+SBcv+VIL655V5Ocs5Dpu+VDm4jeNpPTYZjb1yYQIXUc4ghvf79EiIo5AyL5c+uBGJIa1uI/b/E+/PL88m5SCAnquLRqDCpLHLjKD45PDkZyUqNFkejLGgcJSCSJNFC7H8QCZx2TcH7OxbvUFq04ofTs7Pz8Xg6+e3X888JQBsNNl09U270ilXDwWCXKitjqc95l+hE9yNMvB2OD8KEeMWmiO83Pgr3c5QZWve22aCQQCwS6GgkIH7q+seUzAPqNtF7ia6s0vSqN+nAkaTaTTkGe6tMP8mFHPsQr7BdO1xGwmjHhAeS8qtUJO6Q0twT/G/0msCxRMpNxnxChDfJx/1FsRlI9sKXPpZN8MDEO+BLkGj5wd54k2g23hR4UJj5plP23vgFZGMkLse7yPo0jiBYCzF0kz+CSlIOMWySZMf5Wgu5Xlv261b3wKbqS/4sMlxgYaoSNXVV68MWgJrKGjKpKdp4NGoYqo0bzsf2BdpZ7ciUPUQEC2kVNzfXNRoPw+8Z3sm6oM5MiAB1XXIVdz/54St5Hf/DZHIlBpw2ArZmHW/g+8K4cWhH/I2XQWGs+HjFIMxlHWSrqzp5f7ttOYp9SxpzMw0kfWNqYOYz5cLYUjLepz8nHCN/DeLuKwwN1ZNuIxaeWryz6PL/C+LX3jsT6KxZX1doHdLK6rxyxLkT7i2OgkscldJPim5x/kaOrikZZgbhE42qQiq/Ovg0arrkvQFZKdZ4xNIBCCLgWIdg3kDTzKTDa1u0LR+HDZ4Te0PZMOJg6YV1zQ/47Hd+zsSi5u+++vq09CMkglD8XkMQOE1T9O2ol3oxQRllKM/QSyAC3gdXvDBEqHthBf2/GP28At804UZoKFxWwQ7fYaG9bdv2X7NvmWI=
+sidebar_class_name: "delete api-method"
+info_path: developer-docs/api/superset
+custom_edit_url: null
+hide_send_button: true
+show_extensions: true
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";
+import ParamsDetails from "@theme/ParamsDetails";
+import RequestSchema from "@theme/RequestSchema";
+import StatusCodes from "@theme/StatusCodes";
+import OperationTabs from "@theme/OperationTabs";
+import TabItem from "@theme/TabItem";
+import Heading from "@theme/Heading";
+import Translate from "@docusaurus/Translate";
+
+<Heading
+  as={"h1"}
+  className={"openapi__heading"}
+  children={"Bulk delete datasets"}
+>
+</Heading>
+
+<MethodEndpoint
+  method={"delete"}
+  path={"/api/v1/dataset/"}
+  context={"endpoint"}
+>
+
+</MethodEndpoint>
+
+
+
+Bulk delete datasets
+
+<Heading
+  id={"request"}
+  as={"h2"}
+  className={"openapi-tabs__heading"}
+>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails
+  {...require("./bulk-delete-datasets.ParamsDetails.json")}
+>
+
+</ParamsDetails>
+
+<RequestSchema
+  {...require("./bulk-delete-datasets.RequestSchema.json")}
+>
+
+</RequestSchema>
+
+<StatusCodes
+  {...require("./bulk-delete-datasets.StatusCodes.json")}
+>
+
+</StatusCodes>

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-report-schedules.ParamsDetails.json

@@ -0,0 +1 @@
+{"parameters":[{"content":{"application/json":{"schema":{"items":{"type":"integer"},"type":"array","title":"get_delete_ids_schema"}}},"in":"query","name":"q"}]}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-report-schedules.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body"}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-report-schedules.StatusCodes.json

@@ -0,0 +1 @@
+{"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"string"}}},"description":"Report Schedule bulk delete"},"401":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unauthorized: Authentication required"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Forbidden: You don't have permission to access this resource"}}},"description":"Forbidden"},"404":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Not found: The requested resource does not exist"}}},"description":"Not found"},"422":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unprocessable entity: Validation error"}}},"description":"Could not process entity"},"500":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Internal server error: An unexpected error occurred"}}},"description":"Fatal error"}}}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-report-schedules.api.mdx

@@ -0,0 +1,68 @@
+---
+id: bulk-delete-report-schedules
+title: "Bulk delete report schedules"
+description: "Bulk delete report schedules"
+sidebar_label: "Bulk delete report schedules"
+hide_title: true
+hide_table_of_contents: true
+api: eJzFV21P5DYQ/ivWqFIPNbBArxLK6T5wFHR3RVd0LH0RQXveZNgYHDvYkz22Uf57NXY2+wJVr/3Cp2Qdz8zzzIyf8bZQSycrJHQe0usWcmsIDUHagqxrrXJJyprRnbeG13xeYiX5TRFWnl9oUSOkoAzhDB10yXJFOicXkAAp0vx7hjQpUCPhRBV+0rvqui4BZSCFhwYd7zey4u0P0N0k4NDX1ngMoQ739/nxzRhrZ2t0pKJ1hd7LGa5h9uSUmUG3wmynd5gTk8BHWdUaNwxXBl0CBfrcqZpDQwqfsbaOxGVeYtFoFNNG34vIlr293j94WeRXRjZUWqf+wiIVxw2VaKiPLxw+NMph8RyxdcPI5MeXZXJm3VQVBZpU/GkbUVjzPYlSzlHU6CrlPTMiK2Seo/eCSuWFQ28bl+NzBAd/kd3rl2X3yZK4tY0pUjEuMVQGPWExUBCFRS+MJYGPytNzjAYfgdHh4Ut3Xu0sl0JONQruOlqk4jepVRG7D52z7jkeJ7bRRaDae+itOdRPLy0FHwyhM1ILj26OLrJIxbERjcHHGnMuWlgUNs8b9w/H60yS1EMKEvCYN445shjffSVIr29YB0nOWKC3dcbDTQKPu7kt8DKAjCqupZlBCvnV53NIQMsp6tXP/iikkDdOi90/xM+n56fjU5FBSVSno5G2udSl9ZQe7R8djWStRvODkQuRRxmILMuMELvvRQbHvTaEtKfiHUqHTnx3fHJyenk5Gf/6y+mnDKBLBkgXCyqtWQM1LAywVBUo9q3vM5OZ5RQQb4flvSiurxiK+GbsSdxeoizQ+bftFoMMUpFBzyID8UOvIhOy92i6zOxkpnbK0Ksloj1Pkho/4QrsrBP9KOfyMhR6jezG4qoO1njmO3CUX6UicYuUl4Hff2LXRooVUmkLphPLu809XW4U22XkJHxZVrKNCRgH/l+iRccPTsabzDB2q3FP29l2TnbehAm+2e/vVnNRRNzCD72cQEQNKfSjM4FaUgkpbHHl9IVzF/u9cZzdZ5ME2wjO+bMocI7a1hUa6k9wKF501NbOks2t7tLRqGVXXdpy3O6Jt5PGk62WLhKYS6dY6HwvOsENvxd4KxtNPUxIAE1T8Ynuf/IjnOZN/+/H4wsx+OkSYDSb/ga+T8BdRmnib3ypEtaJDxfshLlsOnk2Vb192N11XMylPLH+VJFkEKkWpqFhzqyrJPv7+PuYaxS2Qdp/hUFcA+kuYeOJw1uHvvy/TsL18dZGOhvomxqdR1q7gq4tce/EffODmBJPlQxTo7+A/kurbgQb5gjhI41qLVW4ToR2avsevgZZK458AHyvDVlNgEsea3oNbTuVHq+c7jpejhdi7u+tWMPUg1UyNgPf4yJcobkhdcPfw1lcdmeYKglEKQgRosFxnmPQpqXVk6HKXoZDGpUFEuAr4loShkL1Lxxg+afALNbct23cEeWFT1fEEeQWupuu6/4G0RZcQg==
+sidebar_class_name: "delete api-method"
+info_path: developer-docs/api/superset
+custom_edit_url: null
+hide_send_button: true
+show_extensions: true
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";
+import ParamsDetails from "@theme/ParamsDetails";
+import RequestSchema from "@theme/RequestSchema";
+import StatusCodes from "@theme/StatusCodes";
+import OperationTabs from "@theme/OperationTabs";
+import TabItem from "@theme/TabItem";
+import Heading from "@theme/Heading";
+import Translate from "@docusaurus/Translate";
+
+<Heading
+  as={"h1"}
+  className={"openapi__heading"}
+  children={"Bulk delete report schedules"}
+>
+</Heading>
+
+<MethodEndpoint
+  method={"delete"}
+  path={"/api/v1/report/"}
+  context={"endpoint"}
+>
+
+</MethodEndpoint>
+
+
+
+Bulk delete report schedules
+
+<Heading
+  id={"request"}
+  as={"h2"}
+  className={"openapi-tabs__heading"}
+>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails
+  {...require("./bulk-delete-report-schedules.ParamsDetails.json")}
+>
+
+</ParamsDetails>
+
+<RequestSchema
+  {...require("./bulk-delete-report-schedules.RequestSchema.json")}
+>
+
+</RequestSchema>
+
+<StatusCodes
+  {...require("./bulk-delete-report-schedules.StatusCodes.json")}
+>
+
+</StatusCodes>

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-rls-rules.ParamsDetails.json

@@ -0,0 +1 @@
+{"parameters":[{"content":{"application/json":{"schema":{"items":{"type":"integer"},"type":"array","title":"get_delete_ids_schema"}}},"in":"query","name":"q"}]}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-rls-rules.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body"}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-rls-rules.StatusCodes.json

@@ -0,0 +1 @@
+{"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"string"}}},"description":"RLS Rule bulk delete"},"401":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unauthorized: Authentication required"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Forbidden: You don't have permission to access this resource"}}},"description":"Forbidden"},"404":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Not found: The requested resource does not exist"}}},"description":"Not found"},"422":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unprocessable entity: Validation error"}}},"description":"Could not process entity"},"500":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Internal server error: An unexpected error occurred"}}},"description":"Fatal error"}}}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-rls-rules.api.mdx

@@ -0,0 +1,68 @@
+---
+id: bulk-delete-rls-rules
+title: "Bulk delete RLS rules"
+description: "Bulk delete RLS rules"
+sidebar_label: "Bulk delete RLS rules"
+hide_title: true
+hide_table_of_contents: true
+api: eJzFV21P4zgQ/ivW6KRbdIECtyehrPYDy4F299AuouVeRFDXTYYm4NjBnhR6Uf77aewktAWkE1/4lNTxPJ5nXp5xG6iklSUSWgfxZQOp0YSaIG5AVpUqUkmF0aMbZzSvuTTHUvJbQVg6fqFlhRBDoQnnaKGN+hVprVxCBFSQ4t9zpGmGCgmnReamHVTbthEUGmK4q9Hyfi1L3n4H7VUEFl1ltEN/1P7uLj/+t4+VNRVaKoJ1ic7JOa747MgWeg7to89mdoMpMQl8kGWlcM3w0aCNIEOX2qLioyGG89OxOK8VilmtbkWgyTDvd/fe1uULLWvKjS3+xSwWhzXlqKk7X1i8qwuL2XOMVg0Dk1/flsmJsbMiy1DH4h9Ti8zon0nkcoGiQlsWzjEjMkKmKTonKC+csOhMbVN8juCAF9i9f1t23wyJa1PrLBaTHH1m0BFmAwWRGXRCGxL4UDh6jtGA4Rnt77915VXWcCrkTKHgqqNlLP6UqshC9aG1xj7H48jUKvNUO4TOmo/67a014IsmtFoq4dAu0AYWsTjUotb4UGHKSfOLwqRpbV9orxNJUg0hiMBhWlvmyCp8c08QX16xAJKcszLDubkXp7hAJcb9zqsIHrZTk+HYuxkEXEk9hxjSi/NTiEDJGarHn10zxJDWVontv8Xvx6fHk2ORQE5UxaORMqlUuXEUH+weHIxkVYwWeyNr7hUf3fs4SkAkSaKF2P4sEjjsdMKnIBafUFq04qfDo6Pj8Xg6+f7H8bcEoI0G586WlBu94t6wMDhYlJWx1LeBS3Si+1EgPg7LO0Fo37Er4hUsomCYo8zQuo/NBpcEYpFAxycB8UunLVMyt6jbRG8lurKFpne9bzuOJNVuylnZWqX8VS7k2Kd/hfba4mNujHbMfGAr72VB4hopzT3TV/JsAtkSKTcZEwvJ34xC3G8Um6nlcPzos9uEUEx8JH4Ei5YfHJYPiWYWRuGOMvPN6Gx98KN9vR8+Pc5NwcPU1lzREQR3IYZupkZQScohhhfpcix9a4aGqC2H+tmIwaYTp/xZZAxnqhI1dU3uMxmAmsoaMqlRbTwaNQzVxg3XavsE7ah2ZMoeIoKFtAVroet0ycPwe4bXslbUuQkRoK5LbvruJz8cPAnZ58nkTAw4bQTszTrewPeJc+OgXvyNL1zCWPHljEGYyzrIs6Hq7P3utuV89gkYs/YGkl7HGpj5mjkxtpSM9/WvCefIb4O4+wqD/nrSbcTGU4vXFl3+WhB/tbw2gc6a93WF1iGtXE9Xlrh2wr7FXgiJo1L6wdJdTl+q1rVThhlD+ECjSsnCXzV8HTVdGV+CrAo+cg8i2CxliICzHtJ6CU0zkw4vrGpbXg73ZS7xjVOH2QiP8Vh34RaX/obNNalq/u47si9QP3siCILgTwgGh2mKXqt6qyejl1GGjg36AhHwRXIlHEOuuhc+oP/PoJcr8E0TdgSR4QYLfnj5hfaqbdv/ANuMaKo=
+sidebar_class_name: "delete api-method"
+info_path: developer-docs/api/superset
+custom_edit_url: null
+hide_send_button: true
+show_extensions: true
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";
+import ParamsDetails from "@theme/ParamsDetails";
+import RequestSchema from "@theme/RequestSchema";
+import StatusCodes from "@theme/StatusCodes";
+import OperationTabs from "@theme/OperationTabs";
+import TabItem from "@theme/TabItem";
+import Heading from "@theme/Heading";
+import Translate from "@docusaurus/Translate";
+
+<Heading
+  as={"h1"}
+  className={"openapi__heading"}
+  children={"Bulk delete RLS rules"}
+>
+</Heading>
+
+<MethodEndpoint
+  method={"delete"}
+  path={"/api/v1/rowlevelsecurity/"}
+  context={"endpoint"}
+>
+
+</MethodEndpoint>
+
+
+
+Bulk delete RLS rules
+
+<Heading
+  id={"request"}
+  as={"h2"}
+  className={"openapi-tabs__heading"}
+>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails
+  {...require("./bulk-delete-rls-rules.ParamsDetails.json")}
+>
+
+</ParamsDetails>
+
+<RequestSchema
+  {...require("./bulk-delete-rls-rules.RequestSchema.json")}
+>
+
+</RequestSchema>
+
+<StatusCodes
+  {...require("./bulk-delete-rls-rules.StatusCodes.json")}
+>
+
+</StatusCodes>

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-saved-queries.ParamsDetails.json

@@ -0,0 +1 @@
+{"parameters":[{"content":{"application/json":{"schema":{"items":{"type":"integer"},"type":"array","title":"get_delete_ids_schema"}}},"in":"query","name":"q"}]}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-saved-queries.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body"}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-saved-queries.StatusCodes.json

@@ -0,0 +1 @@
+{"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"string"}}},"description":"Saved queries bulk delete"},"401":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unauthorized: Authentication required"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Not found: The requested resource does not exist"}}},"description":"Not found"},"422":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unprocessable entity: Validation error"}}},"description":"Could not process entity"},"500":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Internal server error: An unexpected error occurred"}}},"description":"Fatal error"}}}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-saved-queries.api.mdx

@@ -0,0 +1,68 @@
+---
+id: bulk-delete-saved-queries
+title: "Bulk delete saved queries"
+description: "Bulk delete saved queries"
+sidebar_label: "Bulk delete saved queries"
+hide_title: true
+hide_table_of_contents: true
+api: eJzFVt9v2zYQ/leIwx4aTImToAMCFX1IsxRtF7TZ7GwDosClpYulhCIV8uTGE/i/D0fKsp14w7qXPEmieN/ddz8+soNGWlkjoXWQXneQG02oCdIOZNOoKpdUGT26c0bzmstLrCW/VYS14xdaNggpVJpwjhZ8slqR1solJEAVKf6eI00LVEg4rQo37aG89wlUGlJ4aNHyfi1r3v4A/iYBi64x2mFwdXx4yI//HGNjTYOWqmhdo3NyjhsxO7KVnoNfx2xmd5gTk8BHWTcKtwzXBj6BAl1uq4ZdQwpjucBCMIUKnZi16l5Eroz1+vDoZeO+0rKl0tjqLyxScdpSiZp6/8LiQ1tZLHbR2jSMTF6/LJPPhsStaXWRikmJIXZ0hIWw6ExrcxSFQSe0IYGPlaNdpAaMwOj4+KVr01iT8+dMoeC60DIVv0tVFbE+aK2xu3icmVYVgWqP0Fuzq59eelQ+akKrpRIO7QJtZJGKUy1ajY8N5ly0sChMnrf2HxrwvSSphhQk4DBvLXNksbr7RpBe37BOkJyzgMGvcQLhJoHH/dwUOA6xRXFTUs8hhfzqtwtIQMkZqvVnbB/+bq0S+3+Kn88vzifnIoOSqElHI2VyqUrjKD05PDkZyaYaLY5Gjgd/GrRrlIHIskwLsf9BZHDaT05IeSreobRoxQ+nZ2fn4/F08uWX888ZgE+GuC6XVBq9EdmwMMRW1Y2xtGp7l+lMrxRSvB2WD6L0vOJQxPcRSKJNibJA6952T2hkkIoMeioZiB+FzLnzpmTuUftM72W6sZWmV6uwDhxJat2Ua7G3yfaTXMhxqPQG463FdUWMdkx6ICq/yYrELVJeBpLfT7GLPGuk0hTMKVb7aQLS1UbxtKCcia+rmnYxC5OQhK/RwvODM/Im00zAKDxQZv40MXtvwjm33fXv1ueHcJsnCyQQQ4YU+vMlgUZSCSnsYstZDPMXB6C1nOSduYKnMVzwb1HgApVpatTUT3KoYQTqGmvI5Eb5dDTqGMqnHTeof4Z21joy9QoigYW0FQue68UnwPB7gbeyVdSHCQmgbmue7P6TH2G8t/E/TCaXYsDxCXA023gD32fBjaNE8T++fAhjxcdLBmEu2yA7U9Xbh93eczlXMjVmgY0kg1h1MAst897YWjLepz8mXKOwDdL+LwwiG0j7hI2nFm8tuvL/goRr1q2JdLaibxu0DmnjqraxxL0T9y2OYkoc1TKcHv1F7d+adcvTcJgQPtKoUbLSjBh6qeu7+BpkU7HbI2a07mRIgIseq3oNXTeTDq+s8p6X4xbu8CcOh/MP1unY9n6Py3DZ5JZULf8P87jqz3C+JBDlIHiIBqd5jkGkVlbPjldGGWY1qgskwNepjUwMpepf2MHq+qyXG/BdF3dEieH5inEE3QV/473/G72iEVg=
+sidebar_class_name: "delete api-method"
+info_path: developer-docs/api/superset
+custom_edit_url: null
+hide_send_button: true
+show_extensions: true
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";
+import ParamsDetails from "@theme/ParamsDetails";
+import RequestSchema from "@theme/RequestSchema";
+import StatusCodes from "@theme/StatusCodes";
+import OperationTabs from "@theme/OperationTabs";
+import TabItem from "@theme/TabItem";
+import Heading from "@theme/Heading";
+import Translate from "@docusaurus/Translate";
+
+<Heading
+  as={"h1"}
+  className={"openapi__heading"}
+  children={"Bulk delete saved queries"}
+>
+</Heading>
+
+<MethodEndpoint
+  method={"delete"}
+  path={"/api/v1/saved_query/"}
+  context={"endpoint"}
+>
+
+</MethodEndpoint>
+
+
+
+Bulk delete saved queries
+
+<Heading
+  id={"request"}
+  as={"h2"}
+  className={"openapi-tabs__heading"}
+>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails
+  {...require("./bulk-delete-saved-queries.ParamsDetails.json")}
+>
+
+</ParamsDetails>
+
+<RequestSchema
+  {...require("./bulk-delete-saved-queries.RequestSchema.json")}
+>
+
+</RequestSchema>
+
+<StatusCodes
+  {...require("./bulk-delete-saved-queries.StatusCodes.json")}
+>
+
+</StatusCodes>

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-tags.ParamsDetails.json

@@ -0,0 +1 @@
+{"parameters":[{"content":{"application/json":{"schema":{"items":{"type":"string"},"type":"array","title":"delete_tags_schema"}}},"in":"query","name":"q"}]}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-tags.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body"}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-tags.StatusCodes.json

@@ -0,0 +1 @@
+{"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"string"}}},"description":"Deletes multiple Tags"},"401":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unauthorized: Authentication required"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Forbidden: You don't have permission to access this resource"}}},"description":"Forbidden"},"404":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Not found: The requested resource does not exist"}}},"description":"Not found"},"422":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unprocessable entity: Validation error"}}},"description":"Could not process entity"},"500":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Internal server error: An unexpected error occurred"}}},"description":"Fatal error"}}}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-tags.api.mdx

@@ -0,0 +1,68 @@
+---
+id: bulk-delete-tags
+title: "Bulk delete tags"
+description: "Bulk deletes tags. This will remove all tagged objects with this tag."
+sidebar_label: "Bulk delete tags"
+hide_title: true
+hide_table_of_contents: true
+api: eJzFV21P5DYQ/ivWqFIPNbBwvUoop/vAcaC7K7qi7tIXEcSZZNgYHDvYk4VtlP9ejZ0Nu8sioaoSn5L4Zfw88/J40kKBPneqJmUNpPCx0beiQI2EXpCc+h0xKZUX90pr4bCyMxRSa56aYiHs1Q3mxNNUCuKFJKc7kEAtnayQ0HlIz1vIrSE0BGkLsq61yiWfN7rxfGgLPi+xkvymCCvPLzSvEVLw5JSZQpcsBqRzcg4JkCLN3xHrJUO97M10XZeAYjZ3DTpebGTFa++gu0jAoa+t8RiOebu7y48X46udrdGRirsr9F5OcQPeR8DRRcwAH2RVa1zZ+LihS9ZC8amPQtVoUrVGMZFTz3be7e69LuYzIxsqrVP/YJGKg4ZKNNSfLxzeNcphsYnS8sbI5OfXZXJs3ZUqCjSp+Ns2orDmRxKlnKGo0VXKe2ZEVsg8R+9jhjv0tnE5biI42Ivs3r0uu2+WxLVtTJGKSYkhMugJi4GCKCx6YSwJfFCeNjEabARGb9++dubVznIo5JVGwVlH81T8IbUqYvahc9Zt4nFoG10Eqr2Ffjcf9ctri8AXQ+iM1MKjm6GLLFJxYERj8KHGnIMWBoXN88Y9U17HkqQeXJCAx7xxzJEl+OaeID2/YAVksYT0HIKgXCTwsJ3bAscBWNRrLc0UUsjPfj+BBLS8Qv342ad/CnnjtNj+S3w6OjmaHIkMSqI6HY20zaUurad0f3d/fyRrNZrtjUhORxmILMuMENufRQYHvRgEP6fiI0qHTvxwcHh4NB5fTn779ehbBtAlA57TOZXWLCEaBgZMqqqto0Wu+8xkZiH44sMwvBOvjTcMRbwMeBLXligLdP5DuwY/g1Rk0FPIQPzUa8Yl2Vs0XWa2MlM7ZejNAs6OJ0mNv2Tfby2z/CpnchzCusR0ZfAxAtZ4JjsQlPdSkbhGystA7uXU2sivQiptwVxiVNeJp4uFYj2A7IHvixi2kf0kkP8ed3T8YE+8zwwDtxp3tJ2uO2TrfbimI5Dhhg89BZWQwjJ29kUomZi2jWNXbWQM68VywtOiwBlqW1doqC++EIloqK2dJZtb3aWjUcumurTl9OqeWDtsPNlqYSKBmXSKNcr3ehHM8HuB17LR1MOEBNA0FRdj/8mPUJSr9j9PJqdisNMlwGhW7Q18n4AbR1XhOe6EhHXiyykbYS6rRja6qt8fVncdB2ehLGPWxEgy6EsLVyEBjq2rJNv7+ueEYxSWQdrPwqCLgXSX8OZLh9cOfflfjYSe79pGOivomxqdR1pqGpeGOHfiutledImnSgbB77vGpZY4dMTr7lm6OP639rlnRvhAo1pLFfqJkJRtXwbnIGvF+PcgCDokwFkT0+Ic2vZKejxzuut4ODbCXCLPQn/u1Fuch9aZc1o3PB/Kc5Hg4U5JIKpDOCFuOMhzDFq12PXkSl0p8ig2kAA3iEtX6RDr/oUPWPwJmPmS+baNK6LicIFGHEF+obvouu5fNK1zXA==
+sidebar_class_name: "delete api-method"
+info_path: developer-docs/api/superset
+custom_edit_url: null
+hide_send_button: true
+show_extensions: true
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";
+import ParamsDetails from "@theme/ParamsDetails";
+import RequestSchema from "@theme/RequestSchema";
+import StatusCodes from "@theme/StatusCodes";
+import OperationTabs from "@theme/OperationTabs";
+import TabItem from "@theme/TabItem";
+import Heading from "@theme/Heading";
+import Translate from "@docusaurus/Translate";
+
+<Heading
+  as={"h1"}
+  className={"openapi__heading"}
+  children={"Bulk delete tags"}
+>
+</Heading>
+
+<MethodEndpoint
+  method={"delete"}
+  path={"/api/v1/tag/"}
+  context={"endpoint"}
+>
+
+</MethodEndpoint>
+
+
+
+Bulk deletes tags. This will remove all tagged objects with this tag.
+
+<Heading
+  id={"request"}
+  as={"h2"}
+  className={"openapi-tabs__heading"}
+>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails
+  {...require("./bulk-delete-tags.ParamsDetails.json")}
+>
+
+</ParamsDetails>
+
+<RequestSchema
+  {...require("./bulk-delete-tags.RequestSchema.json")}
+>
+
+</RequestSchema>
+
+<StatusCodes
+  {...require("./bulk-delete-tags.StatusCodes.json")}
+>
+
+</StatusCodes>

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-themes.ParamsDetails.json

@@ -0,0 +1 @@
+{"parameters":[{"content":{"application/json":{"schema":{"items":{"type":"integer"},"type":"array","title":"get_delete_ids_schema"}}},"in":"query","name":"q"}]}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-themes.RequestSchema.json

@@ -0,0 +1 @@
+{"title":"Body"}

docs/developer_docs_versioned_docs/version-6.1.0/api/bulk-delete-themes.StatusCodes.json

@@ -0,0 +1 @@
+{"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"string"}}},"description":"Themes bulk delete"},"401":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unauthorized: Authentication required"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Not found: The requested resource does not exist"}}},"description":"Not found"},"422":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Unprocessable entity: Validation error"}}},"description":"Could not process entity"},"500":{"content":{"application/json":{"schema":{"properties":{"message":{"type":"string"}},"type":"object"},"example":{"message":"Internal server error: An unexpected error occurred"}}},"description":"Fatal error"}}}