Configuration Guide
After running the Setup Wizard, use the Settings screen to fine-tune databases, access control, viewer behavior, and security.
On this page
Database Connections
ReportBridge connects to your existing databases to render reports. Configure one or more PostgreSQL or SQL Server connections in the Settings screen.
PostgreSQL
Provide the host, port, database name, and credentials. ReportBridge uses read-only connections with READ ONLY transactions for all report queries.
SQL Server (Legacy)
For reports not yet converted, provide MSSQL connection details. The AI conversion pipeline reads from SQL Server and generates equivalent PostgreSQL queries.
Tip: Use the Test Connection button in Settings to verify connectivity before saving. The test checks TCP reachability and authentication.
Access Control
ReportBridge supports group-based access control. Assign Domo groups (or standalone groups) to organizations to control who sees what.
Admin Groups
Members can access the Admin app: manage reports, run conversions, configure settings, and view audit logs.
Viewer Groups
Members can access the Viewer app: browse and view published reports within their assigned organization.
Super Admins
Configure super admin groups in Global Settings to grant cross-organization access for platform operators.
Viewer Settings
Customize the report viewing experience for your end users.
- Session modes — Live (Lambda connected), Fallback (cached catalog), or Demo (sample data).
- Theme — Dark and light modes with automatic detection.
- Sidebar — Resizable and pinnable with category grouping, search, favorites, and recently viewed.
- Deep linking — Share report URLs with
#report=Namehash parameters.
Security
ReportBridge enforces multi-layer security by default. Key settings:
API Key Authentication
Per-tenant HMAC-derived keys. Admin and viewer keys are separate.
Row-Level Security
PostgreSQL RLS on 8 workspace tables. Every query scoped by instance_id.
Password Masking
13 sensitive fields masked as [configured] in API responses.
Rate Limiting
Per-action per-minute limits at Lambda level plus API Gateway throttling.
Report Server
The report rendering server runs on AWS EC2 behind an Application Load Balancer with auto-renewing SSL. Configuration:
- Host URL — Set in Settings under Report Server. Points to your ALB endpoint (e.g.,
reports.report-bridge.com). - Embed auth — Reports are embedded via iframe with HMAC-SHA256 signed URLs. Configure the embed secret in Settings.
- Shared data sources — The report server connects to customer databases using shared data source credentials configured per-organization.
Cache & Performance
ReportBridge caches configuration and catalog data to minimize database round-trips:
- Config cache — 5-minute TTL. Automatically busted when you save settings.
- Connection pooling — PostgreSQL pools with max 5 connections, 60s idle timeout. Pools are recreated if connection parameters change.
- Query timeouts — Configurable per-organization via
query_timeout_msandconnect_timeout_ms.