At Spiff we have built a connector that allows you to sync and pull data from reports and tables right out of Looker. Here are the basic steps on how you set up this connector to help automate your commissions. This will take place by creating a limited Spiff user inside your Looker account that is both limited by Data Access and Feature Access Controls. More details from Looker's side can also be found here: https://docs.looker.com/admin-options/tutorials/permissions
Feature Access limits what we can access via the API (you can limit it to pull data out of looks only) and the Data Access controls will let you limit our user to only see certain models (and only access the looks within those models).
1) Add a Spiff User inside of Looker.
Go to "Admin" => "Users" within your looker account. Click on the "Add Users" button near the top-left and enter an email address like "
" and make that user a "viewer" role only (our user should not be able to create new stuff in your Looker instance). Click the "Add Users" button at the bottom of the page and then click "done" on the next screen
2) New Permission Set (Feature Access)
First go to Admin => Users => Roles, and click on "New Permission Set". Named the new set "Spiff API Access" and only give it permission to "see looks", "download_with_limit" and "download_without_limit" (the limit here refers to whether or not the look defines a limited number of rows). See Screenshot.
3) New Model Group
You will probably want to make a new model that has all of the looks you need to run your commissions. Now you can go back to Admin => Users => Roles and click "New Model Set". I named mine "Spiff API Access" and gave it access only to the model that contains the looks I want to share. See Screenshot
4) New Role
Back on the roles page you can now click "New Role" and give it access to only the "Spiff API Access" permission set and the "Spiff API Access" model set that you just defined. I named mine "Spiff API Access" for consistency. See Screenshot.
5) Edit API User
Now you can go the users list and pick the user you want us to have access to. Instead of assigning the default "viewer" permission, you can give it only the "Spiff API Access" role. This means that this user will only ever be able to see or pull data from the looks that you have put into that one model that you entered into your new model group. See Screenshot 4.
6) Generate Client/Secret API
Go back to the user list click "edit" on the new spiff_access user and then click "edit keys". Click "New API3 Key" and then copy-and-paste the "client_id" and "client_secret" into an email and send that to your Spiff Onboarding Specialist.
This process will allow you to very carefully create one or two "Looks" that Spiff can access while keeping all of your LookML, Database Schema, Configuration, and other data Private. If you have any other questions please don't hesitate to reach out or chat in.