We're currently working on a setup where different customers can see their own data in our Cloudera data lake. So when a customer looks at sample data or profiling data they should only see the row of their own data. I'm currently working on a solution for the profiling data.
For this I want a service account for that customer to do the profiling. This service account can also only see the rows for that customer. I was thinking of creating a component for this that reads a database table with lists of customers, url resources and CIs (Hive tables) to profile. And then use a Json call that runs a GraphQL command to run the profiling as the correct service account.
Unfortunately the url resource in the Json Call is the only part that cannot be parameterized (as far as I can see). The url resource has the authentication (One Desktop server connection), so that will not be the way to go then.
Alternatively I was thinking of using authorization in the HTTP Header. Like this.
But some experiments show that the Json Call ignores this. It will use the authorization in the One Desktop server connection anyway. This also happens when I define the server connection with authorization is Basic or None.
Is there any other way around this without creating components per customer?
I'm also working on a Python solution, should the One Desktop way not be working. So it's not a big deal if it wouldn't work. But my team is better versed in One Desktop than Python, so the One Desktop way is preferred.
