How to Build a Secure Analytics Portal in 3 Minutes With AI Coding Tools

Your team just landed a new client who needs a branded data portal with role-based access, embedded dashboards, and strict data isolation. Normally, that means weeks of scaffolding, manual integration, backend routing, and security reviews before anyone sees a working prototype. But in a June 2026 Domo AI livestream, an entire build for that took about three minutes in a terminal.

In it, Isaac Thacker, partner solutions engineer, live-built a fully functioning, secure web portal with embedded Domo analytics, complete with user-level permissioning and programmatic filtering, using Claude Code and Domo Skills.

This post breaks down the step-by-step framework Isaac demonstrated so you can replicate it with your own data, your own dashboards, and the AI coding tool of your choice.

Why embedded analytics portals take so long to build

Traditional embedded analytics portal development follows a familiar grind: standing up a frontend framework, wiring authentication, integrating dashboard components, building a filtering layer so different roles see different data, testing every permutation, and repeating.

Each of those steps introduces its own dependencies, and the security layer alone—making sure a regional manager never glimpses another region's numbers—can eat days of development and quality assurance time. For teams under pressure to deliver customer-facing analytics fast, that timeline is a problem.

The approach Isaac demonstrated changes that dynamic. AI handles the boilerplate while the developer focuses on architecture decisions and governance configuration.

Step 1: Set up your AI coding environment with Domo Skills

Before writing a single line of code, Isaac loaded a set of pre-built Domo Skills into Claude Code. Think of Skills as packaged instructions that tell the AI coding tool how to interact with specific Domo capabilities — embed, authentication, data visualization, code engine, and more.

This step matters because it gives the AI context about your platform's application programming interfaces (APIs), authentication patterns, and data structures. Without that context, the AI is guessing. With it, the generated code aligns with how Domo actually works.

The takeaway for your team: whichever AI coding tool you choose (Claude Code, Cursor, Gemini, or another) the quality of the output depends on the quality of the instructions you feed it. Pre-built Skills eliminate the prompt engineering guesswork.

Step 2: Prompt for the full portal architecture in one shot

Isaac's prompt asked Claude Code to do four things at once: Stand up a React web portal, create two test accounts with different permission levels, embed a Domo dashboard, and start a local development server.

That single prompt replaced what would normally be separate sprints for frontend scaffolding, user management, dashboard integration, and dev environment configuration. Within minutes, Claude Code generated a working React application for a fictitious company called "Motocorp" with an embedded Domo dashboard ready for testing.

The key here is specificity. Isaac did not ask for "a portal." He described the architecture, the permission model, and the expected behavior. As Isaac put it during the session: "You still need to understand the architecture, the technologies, how this all fits together. But you don't have to do the building yourself."

Step 3: Configure role-based data filtering on the Domo side

This is where governance enters the picture, and where Domo's architecture gives IT and security teams something to feel good about.

Isaac configured two roles for the demo portal. A VP-level account could see data across all regions. A manager-level account could see only the "Central" region. The critical detail: that filtering happens on the Domo side before data ever reaches the portal. The portal never receives unauthorized data in the first place.

That distinction matters for compliance and audit. Unlike client-side filtering where the data ships to the browser and JavaScript hides what the person should not see, Domo's approach uses programmatic filtering and Personalized Data Permissions (PDP) to enforce data isolation at the platform level. There is no chance of unauthorized access through browser developer tools, API interception, or front-end manipulation.

For IT teams evaluating embedded analytics, this is the question worth asking any vendor: Does filtering happen before or after the data leaves the platform?

Step 4: Test, iterate, and scale

With the portal running locally, Isaac walked through both accounts to verify the filtering. The VP saw all regions. The manager saw only Central. The dashboard was fully interactive, and the permissions held.

From here, deploying to production means connecting your hosting environment, linking your identity provider, and scaling your permission model as needed. But the foundation that used to take weeks is already built and tested.

Domo provides the governance layer throughout: role-level permissioning, PDP, data isolation, and auditability. The AI coding tool accelerated the development, but Domo handles the parts that keep security and compliance teams confident.

What this means for your team

The framework Isaac demonstrated isn't limited to one AI tool or one type of portal. It applies anywhere your organization needs to deliver embedded analytics with strict data governance: client portals, partner dashboards, internal operations views, or customer-facing data products.

So, AI handles the scaffolding and Domo handles the governance, which frees developers to focus on the architecture decisions that actually require human judgment.

Watch the full livestream

Isaac's three-minute portal build is just one piece of the livestream. The session also covers how to layer AI chat capabilities directly into the embedded experience—letting portal visitors ask questions about the data in natural language—and how to iterate with Claude Code when scaling from a handful of accounts to 50 or 100 distinct permission profiles.

Watch the full livestream.