Need to bypass the SSO login page when coming from another platform, but if using standalone sjperset need to Loginvia the Oauth provider itself

[user1500177]

Isnt Apache superset already having a /login page for normal login , if I updat either with OAUTH2 is it gonna get replace with a sign in button for that single oauth provider??

What I need is to bypass this page somehow , that is if the person has logged in to a platform whi h later redirects to Superset

Instandalone superset , still need the login via Oauth provider, but if the person comes from the other platform then I don't need him to login seperately

The I am planning to extend the IndexView class and update the 1st page that is gonna be shown directly.

[dosubot[bot]]

When you enable OAUTH2 in Superset, the /login page displays a "Sign in with {provider}" button for each configured OAuth provider, not a traditional username/password form. This UI is rendered in React and adapts based on your AUTH_TYPE config—so with OAUTH2, you'll see only the OAuth sign-in button(s) unless you customize further (source).

Superset does not natively support bypassing the login page based on the request origin or referrer. Extending IndexView is not the right approach for this—IndexView only handles the root (/) route and redirects to the welcome page; it doesn't control authentication or the login process (source).

To implement conditional login bypass (e.g., auto-login if coming from another platform, but require OAuth login for standalone users), the recommended pattern is to create a custom authentication view (by subclassing AuthDBView or SupersetAuthView) and/or a custom security manager. In your custom view, you can check for a token, header, or other indicator in the request—if present, programmatically log in the user and redirect; otherwise, show the standard login UI (example):

from flask_appbuilder.security.views import AuthDBView, expose
from flask_login import login_user
from flask import redirect, request

class CustomAuthDBView(AuthDBView):
    @expose('/login/', methods=['GET', 'POST'])
    def login(self):
        token = request.args.get('token')
        if token == 'SOME_TOKEN_VALUE':
            user = self.appbuilder.sm.find_user(username=request.args.get('username'))
            if user:
                login_user(user)
                return redirect(self.appbuilder.get_url_for_index)
        return super(CustomAuthDBView, self).login()

from superset.security import SupersetSecurityManager

class CustomSecurityManager(SupersetSecurityManager):
    authdbview = CustomAuthDBView

# In your superset_config.py:
CUSTOM_SECURITY_MANAGER = CustomSecurityManager

This lets you support both flows: users redirected from another platform with a valid token can bypass the login page, while standalone users still see the OAuth login button and authenticate normally (reference).

Remember to handle security carefully—validate any tokens or headers you use for bypass, and ensure session management is robust. All customization should be done via the CUSTOM_SECURITY_MANAGER config, not by modifying IndexView.

To reply, just mention @dosu.

---

^{How did I do? Good | Irrelevant | Incorrect | Verbose | Hallucination | Report 🐛 | Other}