If external viewers have an active session, everything in embedded cards and dashboards will load correctly. If they do not have an active session, external viewers will see a login screen in most browsers but are blocked completely in Safari.
To avoid seeing the Domo login screen in the private embed iframe, SSO integrations were formerly configured in very old deployments of Domo Everywhere that started way back in 2017.
Those SSO configurations are blocked in Safari today because of their reliance on cookies. After Domo releases this new header authentication flow, SSO will work seamlessly even in an iframe.
In the meantime, the majority of Domo Everywhere customers focused on distributing the view experience have already migrated to the modern token-based approach. This is done by replacing PDP policies for each external user with programmatic filters in secure server-side code. This is documented in detail here.
Here is how the authentication process flows:
Migrating from PDP to programmatic filters delivers numerous other benefits beyond cookies. Filtering is now done according to the user profiles already in your host system. You no longer need to rebuild access policies in PDP. Nor do you need to create individual user accounts in Domo for each external viewer. You can show the approved content and rows for each user all through a service account that acts as a proxy for every other viewer.
Even though the changes for the edit experience will apply in 2023, all these benefits are ready for you today in the view experience. We encourage you to try these new authentication options today whether you are an existing customer or a prospect interested in a free trial: https://www.domo.com/embedded-analytics.