GitHub user rohitm-espl added a comment to the discussion: 404 Not Found When
Calling `/api/v1/dashboard/:id/embedded` Despite Valid Login + CSRF
@dosu
In my case I **already know the dashboard slug/ID**, and my goal is
specifically to call the **embedded metadata endpoint** that Superset itself
uses when loading embedded dashboards in the UI:
```
GET /api/v1/dashboard/:slug/embedded
```
This endpoint **does exist** in Superset 2.x / 3.x and should return:
```json
{
"result": {
"uuid": "<embedded_uuid>",
...
}
}
```
The problem is that I am consistently getting:
```json
{ "message": "Not found" }
```
**even though:**
* Embedding *is* enabled
* The dashboard has an embedded record already
* I am authenticated with a valid access token
* I send both `x-csrftoken` and the Superset `session` cookie
The issue turned out **not** to be endpoint correctness, but rather **the
session cookie not being valid** for the authenticated user — because
`/api/v1/security/csrf_token/` must be called **with the Authorization
header**, and the resulting session cookie must be **persisted and reused**
across requests. If the session and CSRF token don’t match, Superset silently
returns 404 on embedded endpoints.
GitHub link:
https://github.com/apache/superset/discussions/35997#discussioncomment-14879280
----
This is an automatically sent email for [email protected].
To unsubscribe, please send an email to:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
