mirror of
https://github.com/apache/superset.git
synced 2026-05-07 17:04:58 +00:00
77 lines
68 KiB
HTML
77 lines
68 KiB
HTML
<!doctype html>
|
||
<html class="docs-version-current" lang="en" dir="ltr">
|
||
<head>
|
||
<meta charset="UTF-8">
|
||
<meta name="viewport" content="width=device-width,initial-scale=1">
|
||
<meta name="generator" content="Docusaurus v2.0.0-beta.15">
|
||
<link rel="preconnect" href="https://www.google-analytics.com">
|
||
<script>window.ga=window.ga||function(){(ga.q=ga.q||[]).push(arguments)},ga.l=+new Date,ga("create","G-133LHD3B3N","auto"),ga("set","anonymizeIp",!0),ga("send","pageview")</script>
|
||
<script async src="https://www.google-analytics.com/analytics.js"></script><title data-react-helmet="true">Configuring Superset | Superset</title><meta data-react-helmet="true" name="twitter:card" content="summary_large_image"><meta data-react-helmet="true" property="og:url" content="https://superset.apache.org/docs/installation/configuring-superset"><meta data-react-helmet="true" name="docusaurus_locale" content="en"><meta data-react-helmet="true" name="docusaurus_version" content="current"><meta data-react-helmet="true" name="docusaurus_tag" content="docs-default-current"><meta data-react-helmet="true" property="og:title" content="Configuring Superset | Superset"><meta data-react-helmet="true" name="description" content="Configuring Superset"><meta data-react-helmet="true" property="og:description" content="Configuring Superset"><link data-react-helmet="true" rel="icon" href="/img/favicon.ico"><link data-react-helmet="true" rel="canonical" href="https://superset.apache.org/docs/installation/configuring-superset"><link data-react-helmet="true" rel="alternate" href="https://superset.apache.org/docs/installation/configuring-superset" hreflang="en"><link data-react-helmet="true" rel="alternate" href="https://superset.apache.org/docs/installation/configuring-superset" hreflang="x-default"><link rel="stylesheet" href="/assets/css/styles.f64e49f2.css">
|
||
<link rel="preload" href="/assets/js/runtime~main.5a0758a3.js" as="script">
|
||
<link rel="preload" href="/assets/js/main.0949d8e1.js" as="script">
|
||
</head>
|
||
<body>
|
||
<script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
|
||
<div role="region"><a href="#" class="skipToContent_ZgBM">Skip to main content</a></div><nav class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Navigation bar toggle" class="navbar__toggle clean-btn" type="button" tabindex="0"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a class="navbar__brand" href="/"><div class="navbar__logo"><img src="/img/superset-logo-horiz.svg" alt="Superset Logo" class="themedImage_W2Cr themedImage--light_TfLj"><img src="/img/superset-logo-horiz-dark.svg" alt="Superset Logo" class="themedImage_W2Cr themedImage--dark_oUvU"></div></a><a class="navbar__item navbar__link navbar__link--active" href="/docs/intro">Documentation</a><a class="navbar__item navbar__link" href="/community">Community</a></div><div class="navbar__items navbar__items--right"><a href="https://github.com/apache/superset" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link"><span>GitHub<svg width="13.5" height="13.5" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_I5OW"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></span></a></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div class="main-wrapper docs-wrapper docs-doc-page"><div class="docPage_P2Lg"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_RiI4" type="button"></button><aside class="theme-doc-sidebar-container docSidebarContainer_rKC_"><div class="sidebar_CW9Y"><nav class="menu thin-scrollbar menu_SkdO"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/docs/intro">Introduction</a></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--active hasHref_VCh3" aria-current="page" href="/docs/installation/installing-superset-using-docker-compose">Installation and Configuration</a></div><ul style="display:block;overflow:visible;height:auto" class="menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/installing-superset-using-docker-compose">Installing Locally Using Docker Compose</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/installing-superset-from-scratch">Installing From Scratch</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" tabindex="0" href="/docs/installation/configuring-superset">Configuring Superset</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/networking-settings">Additional Networking Settings</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/cache">Caching</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/event-logging">Event Logging</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/upgrading-superset">Upgrading Superset</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/async-queries-celery">Async Queries via Celery</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/alerts-reports">Alerts and Reports</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/sql-templating">SQL Templating</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/building-custom-viz-plugins">Building Custom Viz Plugins</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/running-on-kubernetes">Running on Kubernetes</a></li></ul></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist hasHref_VCh3" href="/docs/databases/installing-database-drivers">Connecting to Databases</a></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist hasHref_VCh3" href="/docs/creating-charts-dashboards/creating-your-first-dashboard">Creating Charts and Dashboards</a></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist hasHref_VCh3" href="/docs/miscellaneous/country-map-tools">Miscellaneous</a></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist hasHref_VCh3" href="/docs/contributing/contributing-page">Contributing</a></div></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/docs/frequently-asked-questions">Frequently Asked Questions</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/docs/api">API</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/docs/security">Security</a></li></ul></nav></div></aside><main class="docMainContainer_TCnq"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_DM6M"><div class="docItemContainer_vinB"><article><div class="tocCollapsible_jdIR theme-doc-toc-mobile tocMobile_TmEX"><button type="button" class="clean-btn tocCollapsibleButton_Fzxq">On this page</button></div><div class="theme-doc-markdown markdown"><h2 class="anchor anchorWithStickyNavbar_mojV" id="configuring-superset">Configuring Superset<a class="hash-link" href="#configuring-superset" title="Direct link to heading"></a></h2><h3 class="anchor anchorWithStickyNavbar_mojV" id="configuration">Configuration<a class="hash-link" href="#configuration" title="Direct link to heading"></a></h3><p>To configure your application, you need to create a file <code>superset_config.py</code> and add it to your
|
||
<code>PYTHONPATH</code>. If your applcation was installed using docker-compose an alternative configuration is required. See <a href="https://github.com/apache/superset/tree/master/docker#readme" target="_blank" rel="noopener noreferrer">https://github.com/apache/superset/tree/master/docker#readme</a> for details.</p><p>Here are some of the parameters you can set in that file:</p><div class="codeBlockContainer_I0IT theme-code-block"><div class="codeBlockContent_wNvx"><pre tabindex="0" class="prism-code language-text codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain"># Superset specific config</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ROW_LIMIT = 5000</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">SUPERSET_WEBSERVER_PORT = 8088</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Flask App Builder configuration</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Your App secret key</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">SECRET_KEY = '\2\1thisismyscretkey\1\2\e\y\y\h'</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># The SQLAlchemy connection string to your database backend</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># This connection defines the path to the database that stores your</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># superset metadata (slices, connections, tables, dashboards, ...).</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Note that the connection information to connect to the datasources</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># you want to explore are managed directly in the web UI</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">SQLALCHEMY_DATABASE_URI = 'sqlite:////path/to/superset.db'</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Flask-WTF flag for CSRF</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">WTF_CSRF_ENABLED = True</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Add endpoints that need to be exempt from CSRF protection</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">WTF_CSRF_EXEMPT_LIST = []</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># A CSRF token that expires in 1 year</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">WTF_CSRF_TIME_LIMIT = 60 * 60 * 24 * 365</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Set this API key to enable Mapbox visualizations</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">MAPBOX_API_KEY = ''</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>All the parameters and default values defined in
|
||
<a href="https://github.com/apache/superset/blob/master/superset/config.py" target="_blank" rel="noopener noreferrer">https://github.com/apache/superset/blob/master/superset/config.py</a>
|
||
can be altered in your local <code>superset_config.py</code>. Administrators will want to read through the file
|
||
to understand what can be configured locally as well as the default values in place.</p><p>Since <code>superset_config.py</code> acts as a Flask configuration module, it can be used to alter the
|
||
settings Flask itself, as well as Flask extensions like <code>flask-wtf</code>, <code>flask-caching</code>, <code>flask-migrate</code>,
|
||
and <code>flask-appbuilder</code>. Flask App Builder, the web framework used by Superset, offers many
|
||
configuration settings. Please consult the
|
||
<a href="https://flask-appbuilder.readthedocs.org/en/latest/config.html" target="_blank" rel="noopener noreferrer">Flask App Builder Documentation</a>
|
||
for more information on how to configure it.</p><p>Make sure to change:</p><ul><li><code>SQLALCHEMY_DATABASE_URI</code>: by default it is stored at ~/.superset/superset.db</li><li><code>SECRET_KEY</code>: to a long random string</li></ul><p>If you need to exempt endpoints from CSRF (e.g. if you are running a custom auth postback endpoint),
|
||
you can add the endpoints to <code>WTF_CSRF_EXEMPT_LIST</code>:</p><div class="codeBlockContainer_I0IT theme-code-block"><div class="codeBlockContent_wNvx"><pre tabindex="0" class="prism-code language-text codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">WTF_CSRF_EXEMPT_LIST = [‘’]</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><h3 class="anchor anchorWithStickyNavbar_mojV" id="running-on-a-wsgi-http-server">Running on a WSGI HTTP Server<a class="hash-link" href="#running-on-a-wsgi-http-server" title="Direct link to heading"></a></h3><p>While you can run Superset on NGINX or Apache, we recommend using Gunicorn in async mode. This
|
||
enables impressive concurrency even and is fairly easy to install and configure. Please refer to the
|
||
documentation of your preferred technology to set up this Flask WSGI application in a way that works
|
||
well in your environment. Here’s an async setup known to work well in production:</p><div class="codeBlockContainer_I0IT theme-code-block"><div class="codeBlockContent_wNvx"><pre tabindex="0" class="prism-code language-text codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain"> -w 10 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> -k gevent \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> --timeout 120 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> -b 0.0.0.0:6666 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> --limit-request-line 0 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> --limit-request-field_size 0 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> --statsd-host localhost:8125 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> "superset.app:create_app()"</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>Refer to the <a href="https://docs.gunicorn.org/en/stable/design.html" target="_blank" rel="noopener noreferrer">Gunicorn documentation</a> for more
|
||
information. <em>Note that the development web server (<code>superset run</code> or <code>flask run</code>) is not intended
|
||
for production use.</em></p><p>If you're not using Gunicorn, you may want to disable the use of <code>flask-compress</code> by setting
|
||
<code>COMPRESS_REGISTER = False</code> in your <code>superset_config.py</code>.</p><h3 class="anchor anchorWithStickyNavbar_mojV" id="configuration-behind-a-load-balancer">Configuration Behind a Load Balancer<a class="hash-link" href="#configuration-behind-a-load-balancer" title="Direct link to heading"></a></h3><p>If you are running superset behind a load balancer or reverse proxy (e.g. NGINX or ELB on AWS), you
|
||
may need to utilize a healthcheck endpoint so that your load balancer knows if your superset
|
||
instance is running. This is provided at <code>/health</code> which will return a 200 response containing “OK”
|
||
if the the webserver is running.</p><p>If the load balancer is inserting <code>X-Forwarded-For/X-Forwarded-Proto</code> headers, you should set
|
||
<code>ENABLE_PROXY_FIX = True</code> in the superset config file (<code>superset_config.py</code>) to extract and use the
|
||
headers.</p><p>In case the reverse proxy is used for providing SSL encryption, an explicit definition of the
|
||
<code>X-Forwarded-Proto</code> may be required. For the Apache webserver this can be set as follows:</p><div class="codeBlockContainer_I0IT theme-code-block"><div class="codeBlockContent_wNvx"><pre tabindex="0" class="prism-code language-text codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">RequestHeader set X-Forwarded-Proto "https"</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><h3 class="anchor anchorWithStickyNavbar_mojV" id="custom-oauth2-configuration">Custom OAuth2 Configuration<a class="hash-link" href="#custom-oauth2-configuration" title="Direct link to heading"></a></h3><p>Beyond FAB supported providers (Github, Twitter, LinkedIn, Google, Azure, etc), its easy to connect
|
||
Superset with other OAuth2 Authorization Server implementations that support “code” authorization.</p><p>Make sure the pip package <a href="https://authlib.org/" target="_blank" rel="noopener noreferrer"><code>Authlib</code></a> is installed on the webserver.</p><p>First, configure authorization in Superset <code>superset_config.py</code>.</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">AUTH_TYPE </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> AUTH_OAUTH</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">OAUTH_PROVIDERS </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">'name'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'egaSSO'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'token_key'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'access_token'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Name of the token in the response of access_token_url</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'icon'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'fa-address-card'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Icon for the provider</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'remote_app'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'client_id'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'myClientId'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Client Id (Identify Superset application)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'client_secret'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'MySecret'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Secret for this Client Id (Identify Superset application)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'client_kwargs'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'scope'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">'read'</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Scope for the Authorization</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'access_token_method'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'POST'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># HTTP Method to call access_token_url</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'access_token_params'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Additional parameters for calls to access_token_url</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'client_id'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'myClientId'</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'access_token_headers'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Additional headers for calls to access_token_url</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'Authorization'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">'Basic Base64EncodedClientIdAndSecret'</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'api_base_url'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'https://myAuthorizationServer/oauth2AuthorizationServer/'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'access_token_url'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'https://myAuthorizationServer/oauth2AuthorizationServer/token'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'authorize_url'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'https://myAuthorizationServer/oauth2AuthorizationServer/authorize'</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># Will allow user self registration, allowing to create Flask users from Authorized User</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">AUTH_USER_REGISTRATION </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">True</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># The default user self registration role</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">AUTH_USER_REGISTRATION_ROLE </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">"Public"</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>Then, create a <code>CustomSsoSecurityManager</code> that extends <code>SupersetSecurityManager</code> and overrides
|
||
<code>oauth_user_info</code>:</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token keyword" style="color:#00009f">import</span><span class="token plain"> logging</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">from</span><span class="token plain"> superset</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">security </span><span class="token keyword" style="color:#00009f">import</span><span class="token plain"> SupersetSecurityManager</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">class</span><span class="token plain"> </span><span class="token class-name">CustomSsoSecurityManager</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">SupersetSecurityManager</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token keyword" style="color:#00009f">def</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">oauth_user_info</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">self</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> provider</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> response</span><span class="token operator" style="color:#393A34">=</span><span class="token boolean" style="color:#36acaa">None</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> logging</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">debug</span><span class="token punctuation" style="color:#393A34">(</span><span class="token string" style="color:#e3116c">"Oauth2 provider: {0}."</span><span class="token punctuation" style="color:#393A34">.</span><span class="token builtin">format</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">provider</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token keyword" style="color:#00009f">if</span><span class="token plain"> provider </span><span class="token operator" style="color:#393A34">==</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">'egaSSO'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># As example, this line request a GET to base_url + '/' + userDetails with Bearer Authentication,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># and expects that authorization server checks the token, and response with user details</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> me </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> self</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">appbuilder</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">sm</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">oauth_remotes</span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">provider</span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">get</span><span class="token punctuation" style="color:#393A34">(</span><span class="token string" style="color:#e3116c">'userDetails'</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">data</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> logging</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">debug</span><span class="token punctuation" style="color:#393A34">(</span><span class="token string" style="color:#e3116c">"user_data: {0}"</span><span class="token punctuation" style="color:#393A34">.</span><span class="token builtin">format</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">me</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token keyword" style="color:#00009f">return</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">'name'</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> me</span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">'name'</span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">'email'</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> me</span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">'email'</span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">'id'</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> me</span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">'user_name'</span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">'username'</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> me</span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">'user_name'</span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">'first_name'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">''</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">'last_name'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">''</span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">.</span><span class="token punctuation" style="color:#393A34">.</span><span class="token punctuation" style="color:#393A34">.</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>This file must be located at the same directory than <code>superset_config.py</code> with the name
|
||
<code>custom_sso_security_manager.py</code>. Finally, add the following 2 lines to <code>superset_config.py</code>:</p><div class="codeBlockContainer_I0IT theme-code-block"><div class="codeBlockContent_wNvx"><pre tabindex="0" class="prism-code language-text codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">from custom_sso_security_manager import CustomSsoSecurityManager</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p><strong>Notes</strong></p><ul><li><p>The redirect URL will be <code>https://<superset-webserver>/oauth-authorized/<provider-name></code>
|
||
When configuring an OAuth2 authorization provider if needed. For instance, the redirect URL will
|
||
be <code>https://<superset-webserver>/oauth-authorized/egaSSO</code> for the above configuration.</p></li><li><p>If an OAuth2 authorization server supports OpenID Connect 1.0, you could configure its configuration
|
||
document URL only without providing <code>api_base_url</code>, <code>access_token_url</code>, <code>authorize_url</code> and other
|
||
required options like user info endpoint, jwks uri etc. For instance:</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">OAUTH_PROVIDERS </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">'name'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'egaSSO'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'token_key'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'access_token'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Name of the token in the response of access_token_url</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'icon'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'fa-address-card'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Icon for the provider</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'remote_app'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'client_id'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'myClientId'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Client Id (Identify Superset application)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'client_secret'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">'MySecret'</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Secret for this Client Id (Identify Superset application)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'server_metadata_url'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">'https://myAuthorizationServer/.well-known/openid-configuration'</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">]</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div></li></ul><h3 class="anchor anchorWithStickyNavbar_mojV" id="flask-app-configuration-hook">Flask app Configuration Hook<a class="hash-link" href="#flask-app-configuration-hook" title="Direct link to heading"></a></h3><p><code>FLASK_APP_MUTATOR</code> is a configuration function that can be provided in your environment, receives
|
||
the app object and can alter it in any way. For example, add <code>FLASK_APP_MUTATOR</code> into your
|
||
<code>superset_config.py</code> to setup session cookie expiration time to 24 hours:</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token keyword" style="color:#00009f">from</span><span class="token plain"> flask </span><span class="token keyword" style="color:#00009f">import</span><span class="token plain"> session</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">from</span><span class="token plain"> flask </span><span class="token keyword" style="color:#00009f">import</span><span class="token plain"> Flask</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">def</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">make_session_permanent</span><span class="token punctuation" style="color:#393A34">(</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token triple-quoted-string string" style="color:#e3116c">'''</span><br></span><span class="token-line" style="color:#393A34"><span class="token triple-quoted-string string" style="color:#e3116c"> Enable maxAge for the cookie 'session'</span><br></span><span class="token-line" style="color:#393A34"><span class="token triple-quoted-string string" style="color:#e3116c"> '''</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> session</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">permanent </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">True</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># Set up max age of session to 24 hours</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">PERMANENT_SESSION_LIFETIME </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> timedelta</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">hours</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">24</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">def</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">FLASK_APP_MUTATOR</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">app</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> Flask</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"> </span><span class="token operator" style="color:#393A34">-</span><span class="token operator" style="color:#393A34">></span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">None</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> app</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">before_request_funcs</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">setdefault</span><span class="token punctuation" style="color:#393A34">(</span><span class="token boolean" style="color:#36acaa">None</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">[</span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">append</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">make_session_permanent</span><span class="token punctuation" style="color:#393A34">)</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><h3 class="anchor anchorWithStickyNavbar_mojV" id="feature-flags">Feature Flags<a class="hash-link" href="#feature-flags" title="Direct link to heading"></a></h3><p>To support a diverse set of users, Superset has some features that are not enabled by default. For
|
||
example, some users have stronger security restrictions, while some others may not. So Superset
|
||
allow users to enable or disable some features by config. For feature owners, you can add optional
|
||
functionalities in Superset, but will be only affected by a subset of users.</p><p>You can enable or disable features with flag from <code>superset_config.py</code>:</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">FEATURE_FLAGS </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'CLIENT_CACHE'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">False</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'ENABLE_EXPLORE_JSON_CSRF_PROTECTION'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">False</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">'PRESTO_EXPAND_DATA'</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">False</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>A current list of feature flags can be found in <a href="https://github.com/apache/superset/blob/master/RESOURCES/FEATURE_FLAGS.md" target="_blank" rel="noopener noreferrer">RESOURCES/FEATURE_FLAGS.md</a>.</p><h3 class="anchor anchorWithStickyNavbar_mojV" id="sip-15">SIP 15<a class="hash-link" href="#sip-15" title="Direct link to heading"></a></h3><p><a href="https://github.com/apache/superset/issues/6360" target="_blank" rel="noopener noreferrer">Superset Improvement Proposal 15</a> aims to
|
||
ensure that time intervals are handled in a consistent and transparent manner for both the Druid and
|
||
SQLAlchemy connectors.</p><p>Prior to SIP-15 SQLAlchemy used inclusive endpoints however these may behave like exclusive for
|
||
string columns (due to lexicographical ordering) if no formatting was defined and the column
|
||
formatting did not conform to an ISO 8601 date-time (refer to the SIP for details).</p><p>To remedy this rather than having to define the date/time format for every non-IS0 8601 date-time
|
||
column, once can define a default column mapping on a per database level via the <code>extra</code> parameter:</p><div class="codeBlockContainer_I0IT theme-code-block"><div class="codeBlockContent_wNvx"><pre tabindex="0" class="prism-code language-text codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">{</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> "python_date_format_by_column_name": {</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> "ds": "%Y-%m-%d"</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> }</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">}</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p><strong>New Deployments</strong></p><p>All new deployments should enable SIP-15 by setting this value in <code>superset_config.py</code>:</p><div class="codeBlockContainer_I0IT theme-code-block"><div class="codeBlockContent_wNvx"><pre tabindex="0" class="prism-code language-text codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">SIP_15_ENABLED = True</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p><strong>Existing Deployments</strong></p><p>Given that it is not apparent whether the chart creator was aware of the time range inconsistencies
|
||
(and adjusted the endpoints accordingly) changing the behavior of all charts is overly aggressive.
|
||
Instead SIP-15 proivides a soft transistion allowing producers (chart owners) to see the impact of
|
||
the proposed change and adjust their charts accordingly.</p><p>Prior to enabling SIP-15, existing deployments should communicate to their users the impact of the
|
||
change and define a grace period end date (exclusive of course) after which all charts will conform
|
||
to the [start, end) interval.</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token keyword" style="color:#00009f">from</span><span class="token plain"> datetime </span><span class="token keyword" style="color:#00009f">import</span><span class="token plain"> date</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">SIP_15_ENABLED </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">True</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">SIP_15_GRACE_PERIOD_END </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> date</span><span class="token punctuation" style="color:#393A34">(</span><span class="token operator" style="color:#393A34"><</span><span class="token plain">YYYY</span><span class="token operator" style="color:#393A34">></span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token operator" style="color:#393A34"><</span><span class="token plain">MM</span><span class="token operator" style="color:#393A34">></span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token operator" style="color:#393A34"><</span><span class="token plain">DD</span><span class="token operator" style="color:#393A34">></span><span class="token punctuation" style="color:#393A34">)</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>To aid with transparency the current endpoint behavior is explicitly called out in the chart time
|
||
range (post SIP-15 this will be [start, end) for all connectors and databases). One can override the
|
||
defaults on a per database level via the <code>extra</code> parameter.</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">"time_range_endpoints"</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">"inclusive"</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">"inclusive"</span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>Note in a future release the interim SIP-15 logic will be removed (including the
|
||
<code>time_grain_endpoints</code> form-data field) via a code change and Alembic migration.</p></div><footer class="theme-doc-footer docusaurus-mt-lg"><div class="theme-doc-footer-edit-meta-row row"><div class="col"><a href="https://github.com/apache/superset/tree/master/docs/docs/installation/configuring-superset.mdx" target="_blank" rel="noreferrer noopener" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_dcUD" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_foO9"></div></div></footer></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages navigation"><div class="pagination-nav__item"><a class="pagination-nav__link" href="/docs/installation/installing-superset-from-scratch"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Installing From Scratch</div></a></div><div class="pagination-nav__item pagination-nav__item--next"><a class="pagination-nav__link" href="/docs/installation/networking-settings"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Additional Networking Settings</div></a></div></nav></div></div><div class="col col--3"><div class="tableOfContents_cNA8 thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#configuring-superset" class="table-of-contents__link toc-highlight">Configuring Superset</a><ul><li><a href="#configuration" class="table-of-contents__link toc-highlight">Configuration</a></li><li><a href="#running-on-a-wsgi-http-server" class="table-of-contents__link toc-highlight">Running on a WSGI HTTP Server</a></li><li><a href="#configuration-behind-a-load-balancer" class="table-of-contents__link toc-highlight">Configuration Behind a Load Balancer</a></li><li><a href="#custom-oauth2-configuration" class="table-of-contents__link toc-highlight">Custom OAuth2 Configuration</a></li><li><a href="#flask-app-configuration-hook" class="table-of-contents__link toc-highlight">Flask app Configuration Hook</a></li><li><a href="#feature-flags" class="table-of-contents__link toc-highlight">Feature Flags</a></li><li><a href="#sip-15" class="table-of-contents__link toc-highlight">SIP 15</a></li></ul></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="row footer__links"><div class="col footer__col"><div class="footer__title">Docs</div><ul class="footer__items"><li class="footer__item"><a class="footer__link-item" href="/docs/intro">Tutorial</a></li></ul></div><div class="col footer__col"><div class="footer__title">Community</div><ul class="footer__items"><li class="footer__item"><a href="https://stackoverflow.com/questions/tagged/superset+apache-superset" target="_blank" rel="noopener noreferrer" class="footer__link-item"><span>Stack Overflow<svg width="13.5" height="13.5" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_I5OW"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></span></a></li><li class="footer__item"><a href="https://join.slack.com/t/apache-superset/shared_invite/zt-uxbh5g36-AISUtHbzOXcu0BIj7kgUaw" target="_blank" rel="noopener noreferrer" class="footer__link-item"><span>Slack<svg width="13.5" height="13.5" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_I5OW"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></span></a></li><li class="footer__item"><a href="https://lists.apache.org/list.html?dev@superset.apache.org" target="_blank" rel="noopener noreferrer" class="footer__link-item"><span>Mailing List<svg width="13.5" height="13.5" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_I5OW"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></span></a></li></ul></div><div class="col footer__col"><div class="footer__title">More</div><ul class="footer__items"><li class="footer__item"><a href="https://github.com/apache/superset" target="_blank" rel="noopener noreferrer" class="footer__link-item"><span>GitHub<svg width="13.5" height="13.5" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_I5OW"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></span></a></li></ul></div></div><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2022,
|
||
The <a href="https://www.apache.org/" target="_blank" rel="noreferrer">Apache Software Foundation</a>,
|
||
Licensed under the Apache <a href="https://apache.org/licenses/LICENSE-2.0" target="_blank" rel="noreferrer">License</a>. <br>
|
||
<small>Apache Superset, Apache, Superset, the Superset logo, and the Apache feather logo are either registered trademarks or trademarks of The Apache Software Foundation. All other products or name brands are trademarks of their respective holders, including The Apache Software Foundation.
|
||
<a href="https://www.apache.org/" target="_blank">Apache Software Foundation</a> resources</small><br>
|
||
<small>
|
||
<a href="https://www.apache.org/security/" target="_blank" rel="noreferrer">Security</a> |
|
||
<a href="https://www.apache.org/foundation/sponsorship.html" target="_blank" rel="noreferrer">Donate</a> |
|
||
<a href="https://www.apache.org/foundation/thanks.html" target="_blank" rel="noreferrer">Thanks</a> |
|
||
<a href="https://apache.org/events/current-event" target="_blank" rel="noreferrer">Events</a> |
|
||
<a href="https://apache.org/licenses/" target="_blank" rel="noreferrer">License</a>
|
||
</small></div></div></div></footer></div>
|
||
<script src="/assets/js/runtime~main.5a0758a3.js"></script>
|
||
<script src="/assets/js/main.0949d8e1.js"></script>
|
||
</body>
|
||
</html> |