GitHub user dosubot[bot] added a comment to the discussion: Need to bypass the
SSO login page when coming from another platform, but if using standalone
sjperset need to Loginvia the Oauth provider itself
<!-- Answer -->
When you enable OAUTH2 in Superset, the `/login` page displays a "Sign in with
{provider}" button for each configured OAuth provider, not a traditional
username/password form. This UI is rendered in React and adapts based on your
`AUTH_TYPE` config—so with OAUTH2, you'll see only the OAuth sign-in button(s)
unless you customize further
[(source)](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset-frontend/src/pages/Login/index.tsx).
Superset does not natively support bypassing the login page based on the
request origin or referrer. Extending `IndexView` is not the right approach for
this—`IndexView` only handles the root (`/`) route and redirects to the welcome
page; it doesn't control authentication or the login process
[(source)](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset/initialization/__init__.py).
To implement conditional login bypass (e.g., auto-login if coming from another
platform, but require OAuth login for standalone users), the recommended
pattern is to create a custom authentication view (by subclassing `AuthDBView`
or `SupersetAuthView`) and/or a custom security manager. In your custom view,
you can check for a token, header, or other indicator in the request—if
present, programmatically log in the user and redirect; otherwise, show the
standard login UI
[(example)](https://github.com/apache/superset/discussions/32472):
```python
from flask_appbuilder.security.views import AuthDBView, expose
from flask_login import login_user
from flask import redirect, request
class CustomAuthDBView(AuthDBView):
@expose('/login/', methods=['GET', 'POST'])
def login(self):
token = request.args.get('token')
if token == 'SOME_TOKEN_VALUE':
user =
self.appbuilder.sm.find_user(username=request.args.get('username'))
if user:
login_user(user)
return redirect(self.appbuilder.get_url_for_index)
return super(CustomAuthDBView, self).login()
from superset.security import SupersetSecurityManager
class CustomSecurityManager(SupersetSecurityManager):
authdbview = CustomAuthDBView
# In your superset_config.py:
CUSTOM_SECURITY_MANAGER = CustomSecurityManager
```
This lets you support both flows: users redirected from another platform with a
valid token can bypass the login page, while standalone users still see the
OAuth login button and authenticate normally
[(reference)](https://github.com/apache/superset/discussions/32424).
Remember to handle security carefully—validate any tokens or headers you use
for bypass, and ensure session management is robust. All customization should
be done via the `CUSTOM_SECURITY_MANAGER` config, not by modifying `IndexView`.
<!-- Dosu Comment Footer -->
*To reply, just mention [@dosu](https://go.dosu.dev/dosubot).*
---
<sup>How did I do?
[Good](https://app.dosu.dev/response-feedback/d41ed69b-f2e9-44be-b8d2-8d9c5a9fd792?feedback_type=great_response)
|
[Irrelevant](https://app.dosu.dev/response-feedback/d41ed69b-f2e9-44be-b8d2-8d9c5a9fd792?feedback_type=irrelevant_answer)
|
[Incorrect](https://app.dosu.dev/response-feedback/d41ed69b-f2e9-44be-b8d2-8d9c5a9fd792?feedback_type=incorrect_sources)
|
[Verbose](https://app.dosu.dev/response-feedback/d41ed69b-f2e9-44be-b8d2-8d9c5a9fd792?feedback_type=too_verbose)
|
[Hallucination](https://app.dosu.dev/response-feedback/d41ed69b-f2e9-44be-b8d2-8d9c5a9fd792?feedback_type=hallucination)
| [Report
🐛](https://app.dosu.dev/response-feedback/d41ed69b-f2e9-44be-b8d2-8d9c5a9fd792?feedback_type=bug_report)
|
[Other](https://app.dosu.dev/response-feedback/d41ed69b-f2e9-44be-b8d2-8d9c5a9fd792?feedback_type=other)</sup> [](https://app.dosu.dev/a28d3c7e-a9d3-459e-9fb6-3a6f9ff4f357/ask?utm_source=github)&
nbsp;[](https://go.dosu.dev/discord-bot) [](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/superset/discussions/34532)
GitHub link:
https://github.com/apache/superset/discussions/34532#discussioncomment-13989081
----
This is an automatically sent email for [email protected].
To unsubscribe, please send an email to:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
