SSO To Tableau Online


#1

Hi !

I have a webapp that shows tableau online views incrusted. But when i want to see it in the site, tableu requires a log in and i want to remove that log in , and make it in the backend when the user log to my application. I tried to configure the okta with tableau , but i cant make the log in the backend. When i want to see the tableau online views , the tableau log in page appears and i cant avoid it.

Any suggestions ?


#2

If you use Okta as your SAML identity provider (IdP), you can use the information in this topic to set up SAML authentication for your Tableau Online site.

Note: These steps reflect a third-party application and are subject to change without our knowledge. If the steps described here do not match the screens you see in your IdP account, you can use the generic SAML configuration steps, along with the IdP’s documentation.

Open the Tableau Online SAML settings
To configure the Okta application, you will need to use information from the Tableau Online SAML settings.

Sign in to your Tableau Online site as a site administrator, and select Settings > Authentication.

On the Authentication tab, select Enable an additional authentication method > SAML.

Add Tableau Online to your Okta applications
Open a new browser tab or window, and sign in to your Okta administrator console.

On the Applications tab, search for Tableau, and then add the Tableau Online application.

This opens the General Settings tab, where you enter Tableau Online SAML information.

Switch to the tab or window where you opened the Tableau Online SAML configuration settings, and in Step 1 of those settings, select and copy the Tableau Online entity ID.

Return to the Okta admin console general settings, and paste the URL into the corresponding field.

Repeat the previous two steps for the Assertion Consumer Service (ACS) URL.

(Optional) If you have more than one Tableau training Online site, consider including the site name in the Application label field, to help users know which site to select when they sign in.

Click Next to open the Assign to People tab and select the users you want to approve for single sign-on access to Tableau Online.

Click Next, and make sure users’ email addresses appear in the Username field.
Click Done.

The People tab shows the users you added.

Click the Sign On tab, and then click View Setup Instructions to complete the remaining steps provided by Okta.

(Optional) Enable iFrame embedding
When you enable SAML on your site, you need to specify how users sign in to access views embedded in web pages. These steps configure Okta to allow authentication using an inline frame (iFrame) for embedded views. Inline frame embedding may provide a more seamless user experience when signing-on to view embedded visualizations. For example, if a user is already authenticated with your identity provider and iFrame embedding is enabled, the user would seamlessly authenticate with Tableau Server when browsing to pages that contain an embedded visualizations.

Caution: Inline frames can be vulnerable to a clickjack attack. Clickjacking is a type of attack against web pages in which the attacker tries to lure users into clicking or entering content by displaying the page to attack in a transparent layer over an unrelated page. In the context of Tableau Online, an attacker might try to use a clickjack attack to capture user credentials or to get an authenticated user to change settings. For more information about clickjack attacks, see Clickjacking on the Open Web Application Security Project website.

Open a new browser tab or window, and sign in to your Okta administrator console.

On the Home page, click Admin to open the Administrator Dashboard.

On the Settings menu, click Customization.

Under iFrame Embedding, select Allow iFrame embedding.

Add users to the SAML-enabled Tableau site
After you complete the Okta configuration steps, return to your Tableau Online site.

Complete the SAML connection by adding the users you assigned in the Okta admin console to Tableau Online.