OAuth User for Superset
In IIn order to use user authentication in Superset by an OpenLMIS instance an additional user has been to be created in OpenLMIS. It is the specific superset user with authorizedGrantTypes set to authorization_code. Credentials for this user are in the settings.env file in the selv-v3-configuration repository.
Since 3.9 OLMIS version, it is also required to fill the redirecturi column set to [superset url]/oauth-authorized/openlmis value (example: 'https://reporting.test.selv.org.mz:8088/oauth-authorized/openlmis')
Security
Security is handled via User Roles and Users. A User is a distinct login with a password, and is tied to an email address. There can only be one User per email address. A User Role is the list of actions that a User can do in Superset. 'Admin' user has Admin role and this user has access to all Superset functions.
Other application users have OLMIS_Gamma role assigned to them which limits their ability to view existing reports and create new reports. Users with the OLMIS_Gamma role cannot edit or delete existing reports.
...