Securing a Dashboard

Follow the steps below to secure the dashboard:

If you are not in the process of creating a dashboard, sign into the portal.
Click Settings from on of the following locations.
- If you are in the process of creating a dashboard, click Settings from the dashboard design mode.
- If you are in the Dashboard Designer home page, click the Settings button that corresponds to the dashboard for which you want to enable security.
Update the dashboard security settings as follows:
- Permissions - Select user roles for the viewer and editor access to this dashboard, and remove the other user roles.
  
  The editor can only select from user roles that have been already created by the administrator. For more information, see Adding a User Role and Adding a New User and Assigning Roles.
  
  When the default user roles (e.g., Internal/Everyone) are deleted, the existing user's admin privileges get revoked. Therefore, before removing the existing user roles (e.g., Internal/Everyone) of a dashboard, ensure to first save the new user roles.
- OAuth Settings
  The gadgets used in WSO2 DS may have to communicate with third-party APIs to retrieve information. If required, you can enable OAuth to secure such communication as follows:
  - Click on the Enable option to enable OAuth. This displays the Identity Server URL.
  - Click on the refresh button, to register the dashboard for OAuth purposes. This registration process is automated in WSO2 DS; therefore, if the dashboard registration process is successful, you will receive the API Key and API Secret, which will be displayed in the OAuth settings section.
    
    The Access Token URL is the same for all the dashboards. However, the API Key and API Secret is unique for each dashboard. When a gadget in a specific dashboard needs to communicate with third-party APIs to retrieve information, the Identity Server, which is embedded within WSO2 DS, uses the dashboard specific API Key and API Secret to generate an OAuth token that is used for authentication purposes.