Skip to main content

Documentation Index

Fetch the complete documentation index at: https://support.configview.com/llms.txt

Use this file to discover all available pages before exploring further.

Part 1: Looker Data Ingestion

Set up a Looker API key so ConfigView can pull your Looker configuration into the dashboard — identity, access controls, content permissions, database connections, scheduled deliveries, alerts, and SSO settings.

Step 1: Create an API Key

  1. In Looker, click your avatar in the top-right and go to Admin.
  2. Under Users, click Users.
  3. Find the user you want the key to belong to (a dedicated service-account user is recommended) and click Edit.
  4. Scroll to API Keys and click Edit Keys.
  5. Click New API Key.
  6. Document the Client ID and Client Secret — the secret is only shown once.
Note: The user that owns the API key must have the Admin role. ConfigView reads admin-only endpoints — all users’ scheduled plans and alerts, database connections, content metadata access, and LDAP/SAML/OIDC/password configuration — so a non-Admin key will fail health checks on most scripts. A dedicated service-account user with the Admin role is strongly recommended over a personal account.

Step 2: Add the Credentials to ConfigView

  1. Go to your ConfigView dashboard: https://{companyname}.configview.com/admin/secret/
  2. Click Add Secret
  3. Create the following secrets:
    • LOOKER_CLIENT_ID: The Client ID from Step 1
    • LOOKER_CLIENT_SECRET: The Client Secret from Step 1
    • LOOKER_BASE_URL: Your Looker subdomain (the part before .cloud.looker.com in your Looker URL)
  4. Click Save

Step 3: Enable the Looker App in ConfigView

  1. Go to: https://{companyname}.configview.com/admin/cron/
  2. You should see Looker in the list of available apps
  3. Select the scripts you want to run.
  4. Click Save

Step 4: Verify

  1. Go to: https://{companyname}.configview.com/admin/status/
  2. Run the Looker health check.
  3. All checks should pass.
If a check fails, verify that your secrets are saved correctly and the API key user has the required role.

What ConfigView ingests from Looker

Once the scripts run, the following data domains are captured. All tables include a run_at column for historical tracking, so you can see how your Looker configuration changes over time. Identity & access
  • Users, groups, and user attributes (looker_users, looker_groups, looker_attributes, looker_user_attributes)
  • Roles, permission sets, model sets (looker_roles, looker_permission_sets, looker_model_sets)
  • Role / group memberships (looker_role_users, looker_role_groups, looker_group_users, looker_group_groups)
Content & data sources
  • Folders and content metadata (looker_folders, looker_content_metadata)
  • Content metadata access — who can see what folders/dashboards/looks (looker_content_metadata_access)
  • Database connections (looker_connections)
Activity & automation
  • Scheduled plans / report deliveries across all users (looker_scheduled_plans)
  • Alerts across all owners (looker_alerts)
Authentication configuration
  • LDAP, SAML, OIDC, and password policy settings (looker_ldap_config, looker_saml_config, looker_oidc_config, looker_password_config)

Permissions required (Looker side)

The Admin role grants everything ConfigView needs. For reference, the underlying Looker permissions used are: see_users, manage_models, see_schedules, see_alerts, see_lookml, see_logs, manage_homepage and the various see_*_config permissions. None of these are scope-style OAuth grants — they’re standard Looker role permissions assigned via the Admin panel.