If your data is separated in different schemas, databases, etc., you can override any data source properties in the SSO authorization request to dynamically use different properties. You could even use this approach to apply overrides on a dataset granularity (e.g. useful in case you have different tables per tenant)!
Depending on the specific data source you can override different properties: more information can be found in the Developer documentation.
You can find the id of your database connection by navigating to the "Connections" page in the sidebar menu. From here, you can view all of your data connections, edit the connections setting, create new connections, and share existing connections -> Connections.
An example of a SSO authorization request that includes an account_overrides for e.g. a Postgres Connection to override the host, user, and password properties:
const Luzmo = require('@luzmo/nodejs-sdk');
var client = new Luzmo({
api_key: '< Your API key >',
api_token: '< Your API token >'
});
client.create('authorization', {
type: 'sso',
username: '12345678',
suborganization: 'Burrito Co.',
name: 'SSO user',
email: 'sso_user@luzmo.com',
expiry: '24 hours',
inactivity_interval: '10 minutes',
// Override the data connection
account_overrides: {
'< your connection_id >': {
host: '< The new database host url to connect to. >',
user: '< username >',
password: '< password >'
}
}
}).then((result) => {
/* The temporary SSO authorization key and token can be found in result.id and result.token, respectively. */
console.log(result);
});
When you have multiple plugins, you can override the base_url in your SSO authorization request to point Luzmo to where the queries of an integrated dashboard should be routed to. This allows you to switch between different plugins (e.g. a plugin in a specific region, a plugin that lives in the VPC of one of your clients, etc.).
Next to that, you can also override each of the custom authentication properties that you've set up when defining the plugin in Luzmo: this could be useful in case your plugin should be using different properties to connect to the data source!
The connection id of your plugin connection can also be found in the "Connections" page -> Connections.
const Luzmo = require('@luzmo/nodejs-sdk');
var client = new Luzmo({
api_key: '< Your API key >',
api_token: '< Your API token >'
});
client.create('authorization', {
type: 'sso',
username: '12345678',
suborganization: 'Burrito Co.',
name: 'SSO user',
email : 'sso_user@luzmo.com',
expiry: '24 hours',
inactivity_interval: '10 minutes',
// Override the data connection
account_overrides: {
'< plugin_account_id >': {
base_url: '< The new plugin base url to connect to. >',
properties: {
'< custom property id >': '< new custom property value >'
}
}
.then((result) => {
// The SSO authorization key and token can be found in result.id and result.token, respectively.
console.log(result);
});
Another use case for connection overrides (accout_override) is when your database itself provides row-level security: row-level security in this context means that the database can automatically filter out rows based on the credentials. In case you are using one of our out-of-the-box connectors, you just specify the user/password overrides when requesting a SSO authorization token for your user and your database will handle the rest! When using your own plugin, you should convert the X-Property-<custom_property_id> headers to user credentials used in your underlying database.
When using Warp and connection overrides together:
All details about the account_overrides properties can be found in our Developer documentation: Authorization resource properties.