Skip to main content
Basedash supports two types of embedding:
  • Dashboard embedding: Embed a dashboard as a read-only, interactive view in an iframe.
  • Full app embedding: Embed the full Basedash app (dashboards + chat) inside your product with JWT SSO.

Dashboard embedding

Dashboard embedding is best when you want to show a specific dashboard inside another app.

Create an embed

  1. Open the dashboard in Basedash
  2. Click Share in the dashboard header
  3. Enable the Embedding toggle
  4. Copy the iframe snippet (or copy the plain URL)
Embeds use a share link with the /shared/{id} path. 
<iframe
	src="https://charts.basedash.com/shared/xyz789"
	width="100%"
	height="600"
	frameborder="0"
	allowfullscreen
></iframe>

Show or hide dashboard filters

In the share dialog, you can configure whether dashboard filters are visible in the embed. This is useful when you want a clean, fixed view (hidden filters) versus an explorable view (shown filters).

Preset variable values via URL

If your dashboard uses variables, you can preset them via query parameters on the share link.
  • Use evar_{variableSyntax}={base64Value}
  • Values are Base64 encoded
  • URL-encode the Base64 string (for example, via encodeURIComponent)
  • Only variables enabled for public sharing are supported
Example (the value 12345 is Base64 encoded as MTIzNDU=): 
<iframe
	src="https://charts.basedash.com/shared/xyz789?evar_user_id=MTIzNDU="
	width="100%"
	height="600"
	frameborder="0"
></iframe>

Full app embedding

Full app embedding is for customer portals where you want users to access Basedash inside your product, including building dashboards and chatting with the Basedash agent against their own data. Full app embedding uses JWT-based SSO inside an iframe:
  1. Your backend generates a short-lived JWT for the current end user
  2. The iframe loads a Basedash SSO URL (/api/sso/jwt?jwt=...)
  3. Basedash validates the token, creates a session, and redirects into your organization

JWT SSO iframe URL

<iframe
	src="https://charts.basedash.com/api/sso/jwt?jwt=YOUR_JWT"
	width="100%"
	height="800"
	frameborder="0"
></iframe>

JWT claims

Your JWT must include:
  • email: The user’s email
  • orgId: Your Basedash organization id
  • exp: Expiration timestamp (keep tokens short-lived)
  • iat: Issued-at timestamp
Optional claims:
  • firstName
  • lastName
  • role: ADMIN or MEMBER (used when creating a new member; defaults to MEMBER)
The token should be signed with your organization’s embed JWT secret (typically using HS256).

Allowed embed origins

If your organization has an allowed origins list configured, Basedash will reject embeds that load from any other origin. Make sure the embedding page’s origin is included, and avoid using a referrer policy that strips the Referer header.

Troubleshooting

If the iframe shows an error page, the most common causes are:
  • Missing JWT parameter: your iframe URL is missing ?jwt=...
  • Embedding not enabled: embedding isn’t enabled for your organization
  • Origin not allowed: add your site’s origin to the allowed origins list