Hi,
I have a customer who would like to embed DataMiner dashboards (including e.g. special widgets such as DataMiner real time spectrum traces) in their own portal (in this case ServiceNow). The end-user, accessing the ServiceNow portal, would be a user of ServiceNow, but not a DataMiner user.
What would be the best possible setup to provide a secure access from a 3rd party portal like ServiceNow, to DataMiner dashboard shares (1) without all users to become a dataminer.services nor DataMiner node user, and (2) ensure the entire ecosystem remains highly secure.
I this possible as such, and if not, what can be proposed as an alternative?
Thanks!
There are customers already doing this by using SAML authentication on their own portal and also on DataMiner. When a user opens their own portal (could be ServiceNow), they log in on the SAML identity provider. When a dashboard or a dashboard component is embedded inside that webpage/portal (see docs how to do this), and DataMiner is also authenticating to this same SAML IDP, then the user will get automatically signed in on the Dashboards app without having to re-authenticate. This works with a local DataMiner, optionally through a Dashboards Gateway, and I believe this also works via the DataMiner Cloud with remote access to the DMA.
Note however that users after authenticating on SAML access the DMA directly and can have access to a lot of data (can be limited by applying strict DataMiner Security and using a Dashboards Gateway), but this is less secure than using the Dashboards sharing functionality where users can only access the data that is presented on the dashboard.
Thanks for the swift feedback!
Indeed, the caveat here is that users have to be created in DataMiner, and one has to make sure that the security profiles are properly configured!