Need a special offer?Find out if your project fits.
All documentation
  • Introduction
  • Connecting to Data Source
    1. Supported data sources
    2. Connecting to other data sources
  • Browser compatibility
  • Documentation for older versions
  • Configuring the authentication process

    This tutorial explains how to manage the authentication process when working with SQL Server Analysis Services (SSAS) via XMLA. We support two different approaches:

    1. Using roles from Analysis Services
    2. Using Windows authentication

    Note If you do not have XMLA configured (msmdpump.dll), we recommend using Flexmonster Accelerator — a special server-side utility developed by Flexmonster.

    Using roles from Analysis Services

    In SQL Server Analysis Services, access rights are provided based on roles. More information about role configuration can be found in this tutorial from Microsoft.

    After roles are configured in Analysis Services, they can be specified in Flexmonster reports by using the roles property. The following sample demonstrates how to specify roles:

    dataSource: { 
      type: "microsoft analysis services", 
      /* URL to msmdpump.dll */
      proxyUrl: "http://localhost/OLAP/msmdpump.dll", 
      catalog: "Adventure Works DW Standard Edition", 
      cube: "Adventure Works", 
      /* roles from SSAS, you can add multiple
         roles separated by comma */
      roles: "Sales Manager US" 

    Open the example on JSFiddle.

    Using Windows authentication


    To configure Windows authentication for the XMLA connection, do the following:

    Step 1. Allow the OPTIONS request

    In CORS, the browser sends the OPTIONS preflight request to the server. This request determines which request methods and headers the server allows.

    The OPTIONS preflight request cannot contain any credentials, so Windows Integrated Authentication will reject this request and ask for authentication. Thus, the server should always accept the preflight request. To allow the OPTIONS request, see the following guide: CORS tutorial.

    Step 2. Configure the data source on the client

    Windows authentication should be allowed on the client side as well. To enable the authentication on the client, set the withCredentials property of the DataSourceObject to true:

    var pivot = new Flexmonster({
      container: "pivotContainer",
      componentFolder: "node_modules/flexmonster/",
      toolbar: true, 
      report: {
        dataSource: {
          type: "microsoft analysis services",
          proxyUrl: "http://localhost/OLAP/msmdpump.dll",
          catalog: "Adventure Works DW Standard Edition",
          cube: "Adventure Works",
          withCredentials: true

    After applying the configurations, the requests to Microsoft Analysis Services will be performed using your current Windows user.

    What's next?

    You may be interested in the following articles: