Reverting the proxy URL (base URL) setting in Sisense Linux L2021.1.0+
Introduction
Sisense allows configuring the application to be accessed behind a reverse proxy. There are two main steps to do so:
- Create and configure a reverse proxy server (e.g. Nginx or Apache) to proxy traffic from the desired URL to the Sisense server.
- Update the Proxy (Base) URL in the Sisense settings.
In cases when the first step was not finished or was misconfigured, proceeding with the second step may lock you out of the application, preventing you from reverting the Proxy URL changes in Sisense.
This guide explains how to revert the changes via REST API and Sisense admin credentials.
For more details about the proxy configurations please refer to https://community.sisense.com/t5/knowledge-base/reverse-proxy-with-nginx-ssl-configuration/ta-p/5358
Step-by-Step Guide
Option 1 - API request
Generating a Bearer token via REST API
Send the POST /api/v1/authentication/login request:
Body (Using x-www-form-urlencoded)
|
Property
|
Value
|
|
username
|
The username you log in to Sisense with
|
|
password
|
The password you log in to Sisense with
|
The resulting HTTP request should look like:
POST /api/v1/authentication/login HTTP/1.1
Host: example.com
Content-Type: application/x-www-form-urlencoded
Example of the content:
username=user%40example.com&password=12345678
The response body will contain a JSON with the “access_token” entry, for example:
{
"success": true,
"message": "",
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiNjcyZTEzZjk4YzI0NmEwMDFkNTQ0ZjRjIiwiYXBpU2VjcmV0IjoiZmVkM2EyYzctMjdkYS1kNGNjLWFjNTktYmRlNTVkZWI3NmJlIiwiYWxsb3dlZFRlbmFudHMiOlsiNjcyZTEzZjk4YzI0NmEwMDFkNTQ0ZjU5Il0sInRlbmFudElkIjoiNjcyZTEzZjk4YzI0NmEwMDFkNTQ0ZjU5IiwiZXhwIjoxNzMxNjgwMzk0LCJpYXQiOjE3MzEwNzU1OTR9.UPEtpUkThvG8nWoGqNNDozZZyS-BjeTjjCyZodof8qg",
"profile": {},
"tenantId": "672e13f98c246a001d544f59",
"roleName": "super",
"userId": "672e13f98c246a001d544f4c"
}
Sending a POST request to update Sisense settings
- Send the POST /app/configuration/configurations/system/list request:
Headers:
Authorization: “Bearer eyJhbGciO…”
* Replace the token with a token generated in the previous step.
Body (raw, JSON):
{"base":{"webServer.proxyurl":null}}
- Wait 3-5 minutes until Sisense applies the changes and restarts the relevant services.
- Log into Sisense using a direct non-proxied address.
Option 2 - Server Access (for On-Prem installations)
- Connect to a server with configured kubectl:
- In case of a single node - the Sisense server
- In case of a Sisense-installed Kubernetes - the first node of the cluster
- In case of Cloud Kubernetes - the bastion machine
Run the following commands:
1. kubectl exec -it -n sisense $(kubectl get po -n sisense -l app=configuration -o name | tail -n 1) -- bash
* Replace the “sisense” namespace if you use a non-default namespace
2. node node_modules/@sisense/sisense-configuration/bin/sisense-conf setbase webServer.proxyurl null -p -c ${ZOOKEEPER_CONN_STRING}
3. Wait 3-5 minutes until Sisense applies the changes and restarts the relevant services.
4.Log into Sisense using a direct non-proxied address.
Conclusion
It is important to deploy and configure a reverse proxy server before introducing the configuration changes to the Sisense application. Failing to do so may lock you out of Sisense UI and you will have to use one of the above programmatic approaches to revert the configuration changes.
