Token auth not working when embedding full dashboard?


I just installed the latest version of Piwik and I am trying to embed piwik’s dashboard into my own CMS using the iframe code provided by Piwik. With standard widgets, the token_auth variable does the trick. However, with the dashboard embed code I have to be logged into my Piwik control panel first (I guess a session already needs to be open with Piwik) before my dashboard iframe will load. If I dont have a Piwik session open, I get the message “Error: You can’t access this resource as it requires an ‘view’ access for the website id = 1” …even if I add the token_auth variable to the source address in my iframe. Again it works fine with any standard widgets I’ve tried, but not the full dashboard widget.

Can anyone steer me in the right direction? Thanks :slight_smile:


known bug: Dashboard & Sparklines should work when embedded with token_auth · Issue #1353 · matomo-org/matomo · GitHub

oh okay thanks. that’s frustrating; it looks like priority on fixing this is low. is there a work around or 3rd party patch available?

For anyone else facing this issue, I worked around the problem by:

  1. Secure your the piwik virtual directory, or folder using basic auth
  2. Grant view access to the anonymous user in the Piwik user settings
  3. Add the basic auth credentials to the URL in the Iframe, ie.:

This adds an extra step to accessing the admin interface, but if you, like us, require the dashboard, can’t expose it to the general public, and don’t want to spend time developing a similar UI, this may be the best bet.

Good luck!


took me the better part of the day to “get here” after doubting my own instantiations.
the .htaccess kludge is nog an option for me. the idea would be to have ACL done
by my joomla installation and use a viewing account to display the dashboard for the
priviledged users without them having to remember “yet anonther” password.

reading the “jun 20, 2011” post above and the related trac issues show that this has
been around for a very long time (2years)

latest adition is a partial fix, it does not solve my challenge in including the dashboard
within my joomla CMS.

7 months ago it was bumped ( up ) in priority, would apreciate if we could see a fix.

anybody more insight into the planning of this ?

I hope to fix it in next 2 weeks!

looking forward to it! thanks Matt!