Getting started
SAS Visual Analytics SDK
The va-report-components library enables you to use the power of SAS Visual Analytics in your own
websites and HTML applications. You can embed entire reports with the <sas-report> custom HTML
element, embed a single object with the <sas-report-object> element, or connect to your reports
with our JavaScript API.
Learn more about va-report-components
SAS Content SDK
The content-components library provides a set of components and APIs that enable you to render
tiles representing items (such as Report and Models) stored in the SAS Viya platform. It also
enables you to use SAS content items to drive your own processes or to interact with SAS Visual
Analytics SDK.
Learn more about content-components
SAS Authentication Library for the Browser
The sas-auth-browser library provides an API that allows for an application or web page to ensure
that a user is authenticated before making SAS API calls or using SAS web components. Currently only
cookie-based authentication is supported.
Learn more about sas-auth-browser
SAS Viya Platform setup
These SDKs require connecting directly to the SAS Viya platform. You need administrator credentials to make these changes using SAS Environment Manager.
Note: The configuration changes listed below should all be made to the global context, applying to all services. Restart all services after making the changes.
Enable Cross-Origin Resource Sharing
By default, your SAS Viya platform deployment is not set up to allow access to REST API endpoints
from different domains. This is needed in order to connect to the SAS Viya platform from the domain
that is hosting your HTML page. This domain needs to be added to the allowOrigins property in your
SAS Viya platform deployment's CORS configuration. This can be done by following the
Configure
Cross-Origin Resource Sharing documentation. Note that the allowedOrigins property does not
support using the value * to support all origins. You must explicitly add your domain or a list of
domains.
Cross-Site Request Forgery
The SAS Viya platform protects against Cross-Site Request Forgery (CSRF) by blocking requests where
the HTTP Referer Header does not match the URI of the requested resource or the allowedUris CSRF
configuration property. The domain of the site using the SAS Visual Analytics SDK must be allowed in
the CSRF configuration by setting allowedUris to a regular expression that matches the domain. For
example, the regular expression .* will match all domains. See
SAS
Help Center for more information.
Cross-Site Cookies
The SAS Visual Analytics SDK requires the use of cookies to handle authentication with the SAS Viya
platform Logon service. Browsers require that the response setting the cookie explicitly enable
cross-site cookies by setting samesite=none on the response header. This is not the default for
the SAS Viya platform, so you must configure it to support the SAS Visual Analytics SDK. The
sameSite configuration option in the sas.commons.web.security.cookies definition should be set
to None, and should be applied globally to all services. See
SAS
Help Center for more information.
Note: If you have enabled settings that block cookies in your web browser, then the SAS Visual Analytics SDK cannot authenticate with the SAS Viya platform. Check your settings to make sure your web browser allows third-party cookies.
HTTPS
It is also a requirement that the SAS Viya platform be accessed using the HTTPS protocol in order for web browsers to allow cross-site cookies to be set by the SAS Viya platform. This requires that TLS (Transport Layer Security) be enabled on your SAS Viya platform deployment. See SAS Help Center for more information.
Allow guest access
The SAS Visual Analytics SDK has the option to connect to the SAS Viya platform using guest authentication. This requires that the SAS Viya platform be set up to enable guest access, and that the guest user has access to the appropriate report content and data. For more information, see SAS Help Center.