Google Git
Sign in
apache / superset-site / 8d308bfc3b8b47ae5cc9adb7c95e78ba2fdc71bf / . / docs / installation / configuring-superset / index.html
blob: 374f48b868858cc56298586c815cc9cb1f9c83f6 [file] [log] [blame]
<!doctype html>
<html class="docs-version-current" lang="en" dir="ltr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="generator" content="Docusaurus v2.0.0-beta.17">
<link rel="preconnect" href="https://www.google-analytics.com">
<script>window.ga=window.ga||function(){(ga.q=ga.q||[]).push(arguments)},ga.l=+new Date,ga("create","G-133LHD3B3N","auto"),ga("set","anonymizeIp",!0),ga("send","pageview")</script>
<script async src="https://www.google-analytics.com/analytics.js"></script>
<link rel="preconnect" href="https://www.google-analytics.com">
<link rel="preconnect" href="https://www.googletagmanager.com">
<script async src="https://www.googletagmanager.com/gtag/js?id=G-133LHD3B3N"></script>
<script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-133LHD3B3N",{anonymize_ip:!0})</script>
<link rel="search" type="application/opensearchdescription+xml" title="Superset" href="/opensearch.xml">
<script src="/script/matomo.js"></script><title data-rh="true">Configuring Superset | Superset</title><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://superset.apache.org/docs/installation/configuring-superset"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="Configuring Superset | Superset"><meta data-rh="true" name="description" content="Configuring Superset"><meta data-rh="true" property="og:description" content="Configuring Superset"><link data-rh="true" rel="icon" href="/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://superset.apache.org/docs/installation/configuring-superset"><link data-rh="true" rel="alternate" href="https://superset.apache.org/docs/installation/configuring-superset" hreflang="en"><link data-rh="true" rel="alternate" href="https://superset.apache.org/docs/installation/configuring-superset" hreflang="x-default"><link data-rh="true" rel="preconnect" href="https://WR5FASX5ED-dsn.algolia.net" crossorigin="anonymous"><link rel="stylesheet" href="/assets/css/styles.ba1779ef.css">
<link rel="preload" href="/assets/js/runtime~main.9b07dba6.js" as="script">
<link rel="preload" href="/assets/js/main.f67bdcb9.js" as="script">
</head>
<body class="navigation-with-keyboard">
<script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
<div role="region"><a href="#" class="skipToContent_ZgBM">Skip to main content</a></div><nav class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Navigation bar toggle" class="navbar__toggle clean-btn" type="button" tabindex="0"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a class="navbar__brand" href="/"><div class="navbar__logo"><img src="/img/superset-logo-horiz.svg" alt="Superset Logo" class="themedImage_W2Cr themedImage--light_TfLj"><img src="/img/superset-logo-horiz-dark.svg" alt="Superset Logo" class="themedImage_W2Cr themedImage--dark_oUvU"></div></a><div class="navbar__item dropdown dropdown--hoverable"><a href="#" class="navbar__link">Documentation</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/docs/intro">Getting Started</a></li><li><a class="dropdown__link" href="/docs/intro">Tutorial</a></li><li><a class="dropdown__link" href="/docs/frequently-asked-questions">FAQ</a></li></ul></div><div class="navbar__item dropdown dropdown--hoverable"><a href="#" class="navbar__link">Community</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/community">Resources</a></li><li><a href="https://github.com/apache/superset" target="_blank" rel="noopener noreferrer" class="dropdown__link"><span>GitHub<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_I5OW"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></span></a></li><li><a href="https://join.slack.com/t/apache-superset/shared_invite/zt-16jvzmoi8-sI7jKWp~xc2zYRe~NqiY9Q" target="_blank" rel="noopener noreferrer" class="dropdown__link"><span>Slack<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_I5OW"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></span></a></li><li><a href="https://lists.apache.org/list.html?dev@superset.apache.org" target="_blank" rel="noopener noreferrer" class="dropdown__link"><span>Mailing List<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_I5OW"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></span></a></li><li><a href="https://stackoverflow.com/questions/tagged/superset+apache-superset" target="_blank" rel="noopener noreferrer" class="dropdown__link"><span>Stack Overflow<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_I5OW"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></span></a></li></ul></div></div><div class="navbar__items navbar__items--right"><a href="https://github.com/apache/superset" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link" class="github-logo-container"></a><div class="searchBox_qEbK"><button type="button" class="DocSearch DocSearch-Button" aria-label="Search"><span class="DocSearch-Button-Container"><svg width="20" height="20" class="DocSearch-Search-Icon" viewBox="0 0 20 20"><path d="M14.386 14.386l4.0877 4.0877-4.0877-4.0877c-2.9418 2.9419-7.7115 2.9419-10.6533 0-2.9419-2.9418-2.9419-7.7115 0-10.6533 2.9418-2.9419 7.7115-2.9419 10.6533 0 2.9419 2.9418 2.9419 7.7115 0 10.6533z" stroke="currentColor" fill="none" fill-rule="evenodd" stroke-linecap="round" stroke-linejoin="round"></path></svg><span class="DocSearch-Button-Placeholder">Search</span></span><span class="DocSearch-Button-Keys"></span></button></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div class="main-wrapper docs-wrapper docs-doc-page"><div class="docPage_P2Lg"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_RiI4" type="button"></button><aside class="theme-doc-sidebar-container docSidebarContainer_rKC_"><div class="sidebar_CW9Y"><nav class="menu thin-scrollbar menu_SkdO"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/docs/intro">Introduction</a></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--active" href="/docs/installation/installing-superset-using-docker-compose">Installation and Configuration</a></div><ul style="display:block;overflow:visible;height:auto" class="menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/installing-superset-using-docker-compose">Installing Locally Using Docker Compose</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/installing-superset-from-scratch">Installing From Scratch</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" tabindex="0" href="/docs/installation/configuring-superset">Configuring Superset</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/networking-settings">Additional Networking Settings</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/cache">Caching</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/event-logging">Event Logging</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/upgrading-superset">Upgrading Superset</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/async-queries-celery">Async Queries via Celery</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/alerts-reports">Alerts and Reports</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/sql-templating">SQL Templating</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/docs/installation/running-on-kubernetes">Running on Kubernetes</a></li></ul></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" href="/docs/databases/installing-database-drivers">Connecting to Databases</a></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" href="/docs/creating-charts-dashboards/creating-your-first-dashboard">Creating Charts and Dashboards</a></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" href="/docs/miscellaneous/country-map-tools">Miscellaneous</a></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" href="/docs/contributing/contributing-page">Contributing</a></div></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/docs/frequently-asked-questions">Frequently Asked Questions</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/docs/api">API</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/docs/security">Security</a></li></ul></nav></div></aside><main class="docMainContainer_TCnq"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_DM6M"><div class="docItemContainer_vinB"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Xlws" aria-label="breadcrumbs"><ul class="breadcrumbs"><li class="breadcrumbs__item"><a class="breadcrumbs__link breadcrumbsItemLink_e5ie" href="/">🏠</a></li><li class="breadcrumbs__item"><span class="breadcrumbs__link breadcrumbsItemLink_e5ie">Installation and Configuration</span></li><li class="breadcrumbs__item breadcrumbs__item--active"><a class="breadcrumbs__link breadcrumbsItemLink_e5ie" href="/docs/installation/configuring-superset">Configuring Superset</a></li></ul></nav><div class="tocCollapsible_jdIR theme-doc-toc-mobile tocMobile_TmEX"><button type="button" class="clean-btn tocCollapsibleButton_Fzxq">On this page</button></div><div class="theme-doc-markdown markdown"><h2 class="anchor anchorWithStickyNavbar_mojV" id="configuring-superset">Configuring Superset<a class="hash-link" href="#configuring-superset" title="Direct link to heading"></a></h2><h3 class="anchor anchorWithStickyNavbar_mojV" id="configuration">Configuration<a class="hash-link" href="#configuration" title="Direct link to heading"></a></h3><p>To configure your application, you need to create a file <code>superset_config.py</code> and add it to your
<code>PYTHONPATH</code>. If your application was installed using docker-compose an alternative configuration is required. See <a href="https://github.com/apache/superset/tree/master/docker#readme" target="_blank" rel="noopener noreferrer">https://github.com/apache/superset/tree/master/docker#readme</a> for details.</p><p>Here are some of the parameters you can set in that file:</p><div class="codeBlockContainer_I0IT theme-code-block"><div class="codeBlockContent_wNvx"><pre tabindex="0" class="prism-code language-text codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain"># Superset specific config</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ROW_LIMIT = 5000</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">SUPERSET_WEBSERVER_PORT = 8088</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Flask App Builder configuration</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Your App secret key will be used for securely signing the session cookie</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># and encrypting sensitive information on the database</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Make sure you are changing this key for your deployment with a strong key.</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># You can generate a strong key using `openssl rand -base64 42`</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">SECRET_KEY = &#x27;YOUR_OWN_RANDOM_GENERATED_SECRET_KEY&#x27;</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># The SQLAlchemy connection string to your database backend</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># This connection defines the path to the database that stores your</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># superset metadata (slices, connections, tables, dashboards, ...).</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Note that the connection information to connect to the datasources</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># you want to explore are managed directly in the web UI</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">SQLALCHEMY_DATABASE_URI = &#x27;sqlite:////path/to/superset.db&#x27;</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Flask-WTF flag for CSRF</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">WTF_CSRF_ENABLED = True</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Add endpoints that need to be exempt from CSRF protection</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">WTF_CSRF_EXEMPT_LIST = []</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># A CSRF token that expires in 1 year</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">WTF_CSRF_TIME_LIMIT = 60 * 60 * 24 * 365</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Set this API key to enable Mapbox visualizations</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">MAPBOX_API_KEY = &#x27;&#x27;</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>All the parameters and default values defined in
<a href="https://github.com/apache/superset/blob/master/superset/config.py" target="_blank" rel="noopener noreferrer">https://github.com/apache/superset/blob/master/superset/config.py</a>
can be altered in your local <code>superset_config.py</code>. Administrators will want to read through the file
to understand what can be configured locally as well as the default values in place.</p><p>Since <code>superset_config.py</code> acts as a Flask configuration module, it can be used to alter the
settings Flask itself, as well as Flask extensions like <code>flask-wtf</code>, <code>flask-caching</code>, <code>flask-migrate</code>,
and <code>flask-appbuilder</code>. Flask App Builder, the web framework used by Superset, offers many
configuration settings. Please consult the
<a href="https://flask-appbuilder.readthedocs.org/en/latest/config.html" target="_blank" rel="noopener noreferrer">Flask App Builder Documentation</a>
for more information on how to configure it.</p><p>Make sure to change:</p><ul><li><code>SQLALCHEMY_DATABASE_URI</code>: by default it is stored at ~/.superset/superset.db</li><li><code>SECRET_KEY</code>: to a long random string</li></ul><p>If you need to exempt endpoints from CSRF (e.g. if you are running a custom auth postback endpoint),
you can add the endpoints to <code>WTF_CSRF_EXEMPT_LIST</code>:</p><div class="codeBlockContainer_I0IT theme-code-block"><div class="codeBlockContent_wNvx"><pre tabindex="0" class="prism-code language-text codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">WTF_CSRF_EXEMPT_LIST = [‘’]</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><h3 class="anchor anchorWithStickyNavbar_mojV" id="using-a-production-metastore">Using a production metastore<a class="hash-link" href="#using-a-production-metastore" title="Direct link to heading"></a></h3><p>By default Superset is configured to use SQLite, it&#x27;s a simple and fast way to get you started
(no installation needed). But for production environments you should use a different database engine on
a separate host or container.</p><p>Superset supports the following database engines/versions:</p><table><thead><tr><th>Database Engine</th><th>Supported Versions</th></tr></thead><tbody><tr><td><a href="https://www.postgresql.org/" target="_blank" rel="noopener noreferrer">PostgreSQL</a></td><td>10.X, 11.X, 12.X, 13.X, 14.X</td></tr><tr><td><a href="https://www.mysql.com/" target="_blank" rel="noopener noreferrer">MySQL</a></td><td>5.X</td></tr></tbody></table><p>Use the following database drivers and connection strings:</p><table><thead><tr><th>Database</th><th>PyPI package</th><th>Connection String</th></tr></thead><tbody><tr><td><a href="https://www.postgresql.org/" target="_blank" rel="noopener noreferrer">PostgreSQL</a></td><td><code>pip install psycopg2</code></td><td><code>postgresql://&lt;UserName&gt;:&lt;DBPassword&gt;@&lt;Database Host&gt;/&lt;Database Name&gt;</code></td></tr><tr><td><a href="https://www.mysql.com/" target="_blank" rel="noopener noreferrer">MySQL</a></td><td><code>pip install mysqlclient</code></td><td><code>mysql://&lt;UserName&gt;:&lt;DBPassword&gt;@&lt;Database Host&gt;/&lt;Database Name&gt;</code></td></tr><tr><td>SQLite</td><td>No additional library needed</td><td><code>sqlite://</code></td></tr></tbody></table><p>To configure Superset metastore set <code>SQLALCHEMY_DATABASE_URI</code> config key on <code>superset_config</code>
to the appropriate connection string.</p><h3 class="anchor anchorWithStickyNavbar_mojV" id="running-on-a-wsgi-http-server">Running on a WSGI HTTP Server<a class="hash-link" href="#running-on-a-wsgi-http-server" title="Direct link to heading"></a></h3><p>While you can run Superset on NGINX or Apache, we recommend using Gunicorn in async mode. This
enables impressive concurrency even and is fairly easy to install and configure. Please refer to the
documentation of your preferred technology to set up this Flask WSGI application in a way that works
well in your environment. Here’s an async setup known to work well in production:</p><div class="codeBlockContainer_I0IT theme-code-block"><div class="codeBlockContent_wNvx"><pre tabindex="0" class="prism-code language-text codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain"> -w 10 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> -k gevent \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> --worker-connections 1000 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> --timeout 120 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> -b 0.0.0.0:6666 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> --limit-request-line 0 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> --limit-request-field_size 0 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> --statsd-host localhost:8125 \</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> &quot;superset.app:create_app()&quot;</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>Refer to the <a href="https://docs.gunicorn.org/en/stable/design.html" target="_blank" rel="noopener noreferrer">Gunicorn documentation</a> for more
information. <em>Note that the development web server (<code>superset run</code> or <code>flask run</code>) is not intended
for production use.</em></p><p>If you&#x27;re not using Gunicorn, you may want to disable the use of <code>flask-compress</code> by setting
<code>COMPRESS_REGISTER = False</code> in your <code>superset_config.py</code>.</p><h3 class="anchor anchorWithStickyNavbar_mojV" id="configuration-behind-a-load-balancer">Configuration Behind a Load Balancer<a class="hash-link" href="#configuration-behind-a-load-balancer" title="Direct link to heading"></a></h3><p>If you are running superset behind a load balancer or reverse proxy (e.g. NGINX or ELB on AWS), you
may need to utilize a healthcheck endpoint so that your load balancer knows if your superset
instance is running. This is provided at <code>/health</code> which will return a 200 response containing “OK”
if the webserver is running.</p><p>If the load balancer is inserting <code>X-Forwarded-For/X-Forwarded-Proto</code> headers, you should set
<code>ENABLE_PROXY_FIX = True</code> in the superset config file (<code>superset_config.py</code>) to extract and use the
headers.</p><p>In case the reverse proxy is used for providing SSL encryption, an explicit definition of the
<code>X-Forwarded-Proto</code> may be required. For the Apache webserver this can be set as follows:</p><div class="codeBlockContainer_I0IT theme-code-block"><div class="codeBlockContent_wNvx"><pre tabindex="0" class="prism-code language-text codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">RequestHeader set X-Forwarded-Proto &quot;https&quot;</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><h3 class="anchor anchorWithStickyNavbar_mojV" id="custom-oauth2-configuration">Custom OAuth2 Configuration<a class="hash-link" href="#custom-oauth2-configuration" title="Direct link to heading"></a></h3><p>Beyond FAB supported providers (GitHub, Twitter, LinkedIn, Google, Azure, etc), its easy to connect
Superset with other OAuth2 Authorization Server implementations that support “code” authorization.</p><p>Make sure the pip package <a href="https://authlib.org/" target="_blank" rel="noopener noreferrer"><code>Authlib</code></a> is installed on the webserver.</p><p>First, configure authorization in Superset <code>superset_config.py</code>.</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token keyword" style="color:#00009f">from</span><span class="token plain"> flask_appbuilder</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">security</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">manager </span><span class="token keyword" style="color:#00009f">import</span><span class="token plain"> AUTH_OAUTH</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># Set the authentication type to OAuth</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">AUTH_TYPE </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> AUTH_OAUTH</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">OAUTH_PROVIDERS </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;name&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;egaSSO&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;token_key&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;access_token&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Name of the token in the response of access_token_url</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;icon&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;fa-address-card&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Icon for the provider</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;remote_app&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;client_id&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;myClientId&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Client Id (Identify Superset application)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;client_secret&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;MySecret&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Secret for this Client Id (Identify Superset application)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;client_kwargs&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;scope&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;read&#x27;</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Scope for the Authorization</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;access_token_method&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;POST&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># HTTP Method to call access_token_url</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;access_token_params&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Additional parameters for calls to access_token_url</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;client_id&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;myClientId&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;access_token_headers&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Additional headers for calls to access_token_url</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;Authorization&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;Basic Base64EncodedClientIdAndSecret&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;api_base_url&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;https://myAuthorizationServer/oauth2AuthorizationServer/&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;access_token_url&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;https://myAuthorizationServer/oauth2AuthorizationServer/token&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;authorize_url&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;https://myAuthorizationServer/oauth2AuthorizationServer/authorize&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># Will allow user self registration, allowing to create Flask users from Authorized User</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">AUTH_USER_REGISTRATION </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">True</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># The default user self registration role</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">AUTH_USER_REGISTRATION_ROLE </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&quot;Public&quot;</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>Then, create a <code>CustomSsoSecurityManager</code> that extends <code>SupersetSecurityManager</code> and overrides
<code>oauth_user_info</code>:</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token keyword" style="color:#00009f">import</span><span class="token plain"> logging</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">from</span><span class="token plain"> superset</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">security </span><span class="token keyword" style="color:#00009f">import</span><span class="token plain"> SupersetSecurityManager</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">class</span><span class="token plain"> </span><span class="token class-name">CustomSsoSecurityManager</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">SupersetSecurityManager</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token keyword" style="color:#00009f">def</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">oauth_user_info</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">self</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> provider</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> response</span><span class="token operator" style="color:#393A34">=</span><span class="token boolean" style="color:#36acaa">None</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> logging</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">debug</span><span class="token punctuation" style="color:#393A34">(</span><span class="token string" style="color:#e3116c">&quot;Oauth2 provider: {0}.&quot;</span><span class="token punctuation" style="color:#393A34">.</span><span class="token builtin">format</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">provider</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token keyword" style="color:#00009f">if</span><span class="token plain"> provider </span><span class="token operator" style="color:#393A34">==</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;egaSSO&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># As example, this line request a GET to base_url + &#x27;/&#x27; + userDetails with Bearer Authentication,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># and expects that authorization server checks the token, and response with user details</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> me </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> self</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">appbuilder</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">sm</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">oauth_remotes</span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain">provider</span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">get</span><span class="token punctuation" style="color:#393A34">(</span><span class="token string" style="color:#e3116c">&#x27;userDetails&#x27;</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">data</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> logging</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">debug</span><span class="token punctuation" style="color:#393A34">(</span><span class="token string" style="color:#e3116c">&quot;user_data: {0}&quot;</span><span class="token punctuation" style="color:#393A34">.</span><span class="token builtin">format</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">me</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token keyword" style="color:#00009f">return</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;name&#x27;</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> me</span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&#x27;name&#x27;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;email&#x27;</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> me</span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&#x27;email&#x27;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;id&#x27;</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> me</span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&#x27;user_name&#x27;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;username&#x27;</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> me</span><span class="token punctuation" style="color:#393A34">[</span><span class="token string" style="color:#e3116c">&#x27;user_name&#x27;</span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;first_name&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;last_name&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;&#x27;</span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">.</span><span class="token punctuation" style="color:#393A34">.</span><span class="token punctuation" style="color:#393A34">.</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>This file must be located at the same directory than <code>superset_config.py</code> with the name
<code>custom_sso_security_manager.py</code>. Finally, add the following 2 lines to <code>superset_config.py</code>:</p><div class="codeBlockContainer_I0IT theme-code-block"><div class="codeBlockContent_wNvx"><pre tabindex="0" class="prism-code language-text codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">from custom_sso_security_manager import CustomSsoSecurityManager</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p><strong>Notes</strong></p><ul><li><p>The redirect URL will be <code>https://&lt;superset-webserver&gt;/oauth-authorized/&lt;provider-name&gt;</code>
When configuring an OAuth2 authorization provider if needed. For instance, the redirect URL will
be <code>https://&lt;superset-webserver&gt;/oauth-authorized/egaSSO</code> for the above configuration.</p></li><li><p>If an OAuth2 authorization server supports OpenID Connect 1.0, you could configure its configuration
document URL only without providing <code>api_base_url</code>, <code>access_token_url</code>, <code>authorize_url</code> and other
required options like user info endpoint, jwks uri etc. For instance:</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">OAUTH_PROVIDERS </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">[</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;name&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;egaSSO&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;token_key&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;access_token&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Name of the token in the response of access_token_url</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;icon&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;fa-address-card&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Icon for the provider</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;remote_app&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;client_id&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;myClientId&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Client Id (Identify Superset application)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;client_secret&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token string" style="color:#e3116c">&#x27;MySecret&#x27;</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># Secret for this Client Id (Identify Superset application)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;server_metadata_url&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;https://myAuthorizationServer/.well-known/openid-configuration&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">]</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div></li></ul><h3 class="anchor anchorWithStickyNavbar_mojV" id="flask-app-configuration-hook">Flask app Configuration Hook<a class="hash-link" href="#flask-app-configuration-hook" title="Direct link to heading"></a></h3><p><code>FLASK_APP_MUTATOR</code> is a configuration function that can be provided in your environment, receives
the app object and can alter it in any way. For example, add <code>FLASK_APP_MUTATOR</code> into your
<code>superset_config.py</code> to setup session cookie expiration time to 24 hours:</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token keyword" style="color:#00009f">from</span><span class="token plain"> flask </span><span class="token keyword" style="color:#00009f">import</span><span class="token plain"> session</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">from</span><span class="token plain"> flask </span><span class="token keyword" style="color:#00009f">import</span><span class="token plain"> Flask</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">def</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">make_session_permanent</span><span class="token punctuation" style="color:#393A34">(</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token triple-quoted-string string" style="color:#e3116c">&#x27;&#x27;&#x27;</span><br></span><span class="token-line" style="color:#393A34"><span class="token triple-quoted-string string" style="color:#e3116c"> Enable maxAge for the cookie &#x27;session&#x27;</span><br></span><span class="token-line" style="color:#393A34"><span class="token triple-quoted-string string" style="color:#e3116c"> &#x27;&#x27;&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> session</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">permanent </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">True</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token comment" style="color:#999988;font-style:italic"># Set up max age of session to 24 hours</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">PERMANENT_SESSION_LIFETIME </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> timedelta</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">hours</span><span class="token operator" style="color:#393A34">=</span><span class="token number" style="color:#36acaa">24</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token keyword" style="color:#00009f">def</span><span class="token plain"> </span><span class="token function" style="color:#d73a49">FLASK_APP_MUTATOR</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">app</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> Flask</span><span class="token punctuation" style="color:#393A34">)</span><span class="token plain"> </span><span class="token operator" style="color:#393A34">-</span><span class="token operator" style="color:#393A34">&gt;</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">None</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> app</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">before_request_funcs</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">setdefault</span><span class="token punctuation" style="color:#393A34">(</span><span class="token boolean" style="color:#36acaa">None</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">[</span><span class="token punctuation" style="color:#393A34">]</span><span class="token punctuation" style="color:#393A34">)</span><span class="token punctuation" style="color:#393A34">.</span><span class="token plain">append</span><span class="token punctuation" style="color:#393A34">(</span><span class="token plain">make_session_permanent</span><span class="token punctuation" style="color:#393A34">)</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><h3 class="anchor anchorWithStickyNavbar_mojV" id="feature-flags">Feature Flags<a class="hash-link" href="#feature-flags" title="Direct link to heading"></a></h3><p>To support a diverse set of users, Superset has some features that are not enabled by default. For
example, some users have stronger security restrictions, while some others may not. So Superset
allow users to enable or disable some features by config. For feature owners, you can add optional
functionalities in Superset, but will be only affected by a subset of users.</p><p>You can enable or disable features with flag from <code>superset_config.py</code>:</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">FEATURE_FLAGS </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token punctuation" style="color:#393A34">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;CLIENT_CACHE&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">False</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;ENABLE_EXPLORE_JSON_CSRF_PROTECTION&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">False</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;PRESTO_EXPAND_DATA&#x27;</span><span class="token punctuation" style="color:#393A34">:</span><span class="token plain"> </span><span class="token boolean" style="color:#36acaa">False</span><span class="token punctuation" style="color:#393A34">,</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token punctuation" style="color:#393A34">}</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>A current list of feature flags can be found in <a href="https://github.com/apache/superset/blob/master/RESOURCES/FEATURE_FLAGS.md" target="_blank" rel="noopener noreferrer">RESOURCES/FEATURE_FLAGS.md</a>.</p><h3 class="anchor anchorWithStickyNavbar_mojV" id="secret_key-rotation">SECRET_KEY Rotation<a class="hash-link" href="#secret_key-rotation" title="Direct link to heading"></a></h3><p>If you want to rotate the SECRET_KEY(change the existing secret key), follow the below steps.</p><p>Add the new SECRET_KEY and PREVIOUS_SECRET_KEY to <code>superset_config.py</code>:</p><div class="codeBlockContainer_I0IT language-python theme-code-block"><div class="codeBlockContent_wNvx python"><pre tabindex="0" class="prism-code language-python codeBlock_jd64 thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_mRuA"><span class="token-line" style="color:#393A34"><span class="token plain">PREVIOUS_SECRET_KEY </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;CURRENT_SECRET_KEY&#x27;</span><span class="token plain"> </span><span class="token comment" style="color:#999988;font-style:italic"># The default SECRET_KEY for deployment is &#x27;21thisismyscretkey12eyyh&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">SECRET_KEY </span><span class="token operator" style="color:#393A34">=</span><span class="token plain"> </span><span class="token string" style="color:#e3116c">&#x27;YOUR_OWN_RANDOM_GENERATED_SECRET_KEY&#x27;</span><br></span></code></pre><button type="button" aria-label="Copy code to clipboard" class="copyButton_wuS7 clean-btn">Copy</button></div></div><p>Then run <code>superset re-encrypt-secrets</code></p></div><footer class="theme-doc-footer docusaurus-mt-lg"><div class="theme-doc-footer-edit-meta-row row"><div class="col"><a href="https://github.com/apache/superset/tree/master/docs/docs/installation/configuring-superset.mdx" target="_blank" rel="noreferrer noopener" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_dcUD" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_foO9"></div></div></footer></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages navigation"><div class="pagination-nav__item"><a class="pagination-nav__link" href="/docs/installation/installing-superset-from-scratch"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Installing From Scratch</div></a></div><div class="pagination-nav__item pagination-nav__item--next"><a class="pagination-nav__link" href="/docs/installation/networking-settings"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Additional Networking Settings</div></a></div></nav></div></div><div class="col col--3"><div class="tableOfContents_cNA8 thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#configuring-superset" class="table-of-contents__link toc-highlight">Configuring Superset</a><ul><li><a href="#configuration" class="table-of-contents__link toc-highlight">Configuration</a></li><li><a href="#using-a-production-metastore" class="table-of-contents__link toc-highlight">Using a production metastore</a></li><li><a href="#running-on-a-wsgi-http-server" class="table-of-contents__link toc-highlight">Running on a WSGI HTTP Server</a></li><li><a href="#configuration-behind-a-load-balancer" class="table-of-contents__link toc-highlight">Configuration Behind a Load Balancer</a></li><li><a href="#custom-oauth2-configuration" class="table-of-contents__link toc-highlight">Custom OAuth2 Configuration</a></li><li><a href="#flask-app-configuration-hook" class="table-of-contents__link toc-highlight">Flask app Configuration Hook</a></li><li><a href="#feature-flags" class="table-of-contents__link toc-highlight">Feature Flags</a></li><li><a href="#secret_key-rotation" class="table-of-contents__link toc-highlight">SECRET_KEY Rotation</a></li></ul></li></ul></div></div></div></div></main></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2022,
The <a href="https://www.apache.org/" target="_blank" rel="noreferrer">Apache Software Foundation</a>,
Licensed under the Apache <a href="https://apache.org/licenses/LICENSE-2.0" target="_blank" rel="noreferrer">License</a>. <br>
<small>Apache Superset, Apache, Superset, the Superset logo, and the Apache feather logo are either registered trademarks or trademarks of The Apache Software Foundation. All other products or name brands are trademarks of their respective holders, including The Apache Software Foundation.
<a href="https://www.apache.org/" target="_blank">Apache Software Foundation</a> resources</small><br>
<small>
<a href="https://www.apache.org/security/" target="_blank" rel="noreferrer">Security</a>&nbsp;|&nbsp;
<a href="https://www.apache.org/foundation/sponsorship.html" target="_blank" rel="noreferrer">Donate</a>&nbsp;|&nbsp;
<a href="https://www.apache.org/foundation/thanks.html" target="_blank" rel="noreferrer">Thanks</a>&nbsp;|&nbsp;
<a href="https://apache.org/events/current-event" target="_blank" rel="noreferrer">Events</a>&nbsp;|&nbsp;
<a href="https://apache.org/licenses/" target="_blank" rel="noreferrer">License</a>
</small></div></div></div></footer></div>
<script src="/assets/js/runtime~main.9b07dba6.js"></script>
<script src="/assets/js/main.f67bdcb9.js"></script>
</body>
</html>