boldbi · MadeshGiri · Feb 26, 2026 · Feb 19, 2026
diff --git a/Controllers/EmbedDataController.cs b/Controllers/EmbedDataController.cs
@@ -1,16 +1,12 @@
 using System;
 using System.Collections.Generic;
-using System.Linq;
 using System.Net.Http;
-using System.Threading.Tasks;
 using Microsoft.AspNetCore.Hosting;
-using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using BoldBIEmbedSample.Models;
 using Newtonsoft.Json;
-using Microsoft.AspNetCore.Mvc.Razor;
-using Microsoft.AspNetCore.Mvc.ViewEngines;
 using System.IO;
+using System.Text;
 
 namespace BoldBIEmbedSample.Controllers
 {
@@ -64,72 +60,60 @@ public string GetDashboards()
         {
             var token = GetToken();
 
-            using (var client = new HttpClient())
-            {
-                client.BaseAddress = new Uri(GlobalAppSettings.EmbedDetails.ServerUrl);
-                client.DefaultRequestHeaders.Accept.Clear();
-                client.DefaultRequestHeaders.Add("Authorization", token.TokenType + " " + token.AccessToken);
-                var result = client.GetAsync(GlobalAppSettings.EmbedDetails.ServerUrl + "/api/" + GlobalAppSettings.EmbedDetails.SiteIdentifier + "/v2.0/items?ItemType=2").Result;
-                string resultContent = result.Content.ReadAsStringAsync().Result;
-                return resultContent;
-            }
+            using var client = new HttpClient();
+            client.BaseAddress = new Uri(GlobalAppSettings.EmbedDetails.ServerUrl);
+            client.DefaultRequestHeaders.Accept.Clear();
+            client.DefaultRequestHeaders.Add("Authorization", token.TokenType + " " + token.AccessToken);
+            var result = client.GetAsync(GlobalAppSettings.EmbedDetails.ServerUrl + "/api/" + GlobalAppSettings.EmbedDetails.SiteIdentifier + "/v2.0/items?ItemType=2").Result;
+            string resultContent = result.Content.ReadAsStringAsync().Result;
+            return resultContent;
         }
 
         public Token GetToken()
         {
-            using (var client = new HttpClient())
-            {
-                client.BaseAddress = new Uri(GlobalAppSettings.EmbedDetails.ServerUrl);
-                client.DefaultRequestHeaders.Accept.Clear();
+            using var client = new HttpClient();
+            client.BaseAddress = new Uri(GlobalAppSettings.EmbedDetails.ServerUrl);
+            client.DefaultRequestHeaders.Accept.Clear();
 
-                var content = new FormUrlEncodedContent(new[]
-                {
+            var content = new FormUrlEncodedContent(new[]
+            {
                     new KeyValuePair<string, string>("grant_type", "embed_secret"),
                     new KeyValuePair<string, string>("Username", GlobalAppSettings.EmbedDetails.UserEmail),
                     new KeyValuePair<string, string>("embed_secret", GlobalAppSettings.EmbedDetails.EmbedSecret)
                 });
-                var result = client.PostAsync(GlobalAppSettings.EmbedDetails.ServerUrl + "/api/" + GlobalAppSettings.EmbedDetails.SiteIdentifier + "/token", content).Result;
-                string resultContent = result.Content.ReadAsStringAsync().Result;
-                var response = JsonConvert.DeserializeObject<Token>(resultContent);
-                return response;
-            }
+            var result = client.PostAsync(GlobalAppSettings.EmbedDetails.ServerUrl + "/api/" + GlobalAppSettings.EmbedDetails.SiteIdentifier + "/token", content).Result;
+            string resultContent = result.Content.ReadAsStringAsync().Result;
+            var response = JsonConvert.DeserializeObject<Token>(resultContent);
+            return response;
         }
 
         [HttpPost("[action]")]
-        [Route("AuthorizationServer")]
-        public string AuthorizationServer([FromBody] object embedQuerString)
+        [Route("TokenGeneration")]
+        public string TokenGeneration()
         {
-            var embedClass = JsonConvert.DeserializeObject<EmbedClass>(embedQuerString.ToString());
-            var embedQuery = embedClass.embedQuerString;
-            // User your user-email as embed_user_email
-            embedQuery += "&embed_user_email=" + GlobalAppSettings.EmbedDetails.UserEmail;
-            //To set embed_server_timestamp to overcome the EmbedCodeValidation failing while different timezone using at client application.
-            double timeStamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds;
-            embedQuery += "&embed_server_timestamp=" + timeStamp;
-            var embedDetailsUrl = "/embed/authorize?" + embedQuery + "&embed_signature=" + GetSignatureUrl(embedQuery);
-
-            using (var client = new HttpClient())
+            var embedDetails = new
             {
-                client.BaseAddress = new Uri(embedClass.dashboardServerApiUrl);
-                client.DefaultRequestHeaders.Accept.Clear();
+                email = GlobalAppSettings.EmbedDetails.UserEmail,
+                serverurl = GlobalAppSettings.EmbedDetails.ServerUrl,
+                siteidentifier = GlobalAppSettings.EmbedDetails.SiteIdentifier,
+                embedsecret = GlobalAppSettings.EmbedDetails.EmbedSecret,
+                dashboard = new  // Dashboard ID property is mandatory only when using BoldBI version 14.1.11.
+                {
+                    id = GlobalAppSettings.EmbedDetails.DashboardId
+                }
+            };
+
+            //Post call to Bold BI server
+            var client = new HttpClient();
+            var requestUrl = $"{embedDetails.serverurl}/api/{embedDetails.siteidentifier}/embed/authorize";
 
-                var result = client.GetAsync(embedClass.dashboardServerApiUrl + embedDetailsUrl).Result;
-                string resultContent = result.Content.ReadAsStringAsync().Result;
-                return resultContent;
-            }
-        }
+            var jsonPayload = JsonConvert.SerializeObject(embedDetails);
+            var httpContent = new StringContent(jsonPayload, Encoding.UTF8, "application/json");
 
-        public string GetSignatureUrl(string message)
-        {
-            var encoding = new System.Text.UTF8Encoding();
-            var keyBytes = encoding.GetBytes(GlobalAppSettings.EmbedDetails.EmbedSecret);
-            var messageBytes = encoding.GetBytes(message);
-            using (var hmacsha1 = new System.Security.Cryptography.HMACSHA256(keyBytes))
-            {
-                var hashMessage = hmacsha1.ComputeHash(messageBytes);
-                return Convert.ToBase64String(hashMessage);
-            }
+            var result = client.PostAsync(requestUrl, httpContent).Result;
+            var resultContent = result.Content.ReadAsStringAsync().Result;
+
+            return JsonConvert.DeserializeObject<dynamic>(resultContent).Data.access_token;
         }
     }
-}
-
+}
diff --git a/Views/EmbedData/DashboardListing.cshtml b/Views/EmbedData/DashboardListing.cshtml
@@ -17,15 +17,15 @@
         var siteIdentifier = "@ViewBag.SiteIdentifier";
         var environment = "@ViewBag.Environment";
         var embedType = "@ViewBag.EmbedType";
-        var authorizationServerUrl = "@Url.Action("AuthorizationServer", "EmbedData")";
         var getDashboardsUrl = "@Url.Action("GetDashboards", "EmbedData")";
+        var tokenGenerationUrl = "@Url.Action("TokenGeneration", "EmbedData")";
     </script>
 </head>
 
 <body onload="Init()">
     <div id="container">
         <div class="header-section">
-            <div id="grid-title">All Dashboard</div>
+            <div id="grid-title">All Dashboards</div>
         </div>
         <div id="panel">
         </div>

diff --git a/Views/EmbedData/_Host.cshtml b/Views/EmbedData/_Host.cshtml
@@ -16,7 +16,7 @@
         var siteIdentifier = "@ViewBag.SiteIdentifier";
         var environment = "@ViewBag.Environment";
         var embedType = "@ViewBag.EmbedType";
-        var authorizationServerUrl = "@Url.Action("AuthorizationServer", "EmbedData")";
+        var tokenGenerationUrl = "@Url.Action("TokenGeneration", "EmbedData")";
     </script>
 </head>
 

diff --git a/wwwroot/js/Index.js b/wwwroot/js/Index.js
@@ -35,18 +35,31 @@ function ListDashboards(data) {
     }
 }
 
+function getEmbedToken() {
+    return fetch(tokenGenerationUrl, { // Backend application URL
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({})
+    })
+        .then(response => {
+            if (!response.ok) throw new Error("Token fetch failed");
+            return response.text();
+        });
+}
+
 function renderDashboard(dashboardId) {
-    this.dashboard = BoldBI.create({
-        serverUrl: rootUrl + "/" + siteIdentifier,
-        dashboardId: dashboardId,
-        embedContainerId: "dashboard",
-        width: "100%",
-        height: "100%",
-        authorizationServer: {
-            url: authorizationServerUrl  
-        }
-    });
+    this.getEmbedToken()
+        .then(accessToken => {
+            const dashboard = BoldBI.create({
+                serverUrl: rootUrl + "/" + siteIdentifier,
+                dashboardId: dashboardId,
+                embedContainerId: "dashboard",
+                embedToken: accessToken
+            });
 
-    console.log(this.dashboard);
-    this.dashboard.loadDashboard();
+            dashboard.loadDashboard();
+        })
+        .catch(err => {
+            console.error("Error rendering dashboard:", err);
+        });
 };