I’ve did everything I would normally do on AWS (create the application, upload the IdP metadata, setup a unique Entity ID using the URL), but Tableau asked me for a certificate and a key which is new.
Since the Okta application doesn’t provide me with these details, I’ve searched for a while and found that you can create keys and certificates for applications using the API: Apps | Okta Developer
The API process went quite smooth, we generated a CSR, we “self-signed” it with a made up CA, uploaded the PEM back to Okta, so far so good… but the JWK provided by you only show me a public key, and Tableau expects a private key instead.
I’ve thought of making my own PEM and KEY files, but I haven’t found any endpoint to upload a KEY file to you, I can only generate new ones.
I’m not sure if I followed the correct procedure, or if something is missing on the guides I’ve followed
PS: It’s Tableau Server, on-premise on our own servers
Can you please check in your Okta administrative dashboard under Applications >> Tableau SAML application >> Sign On tab >> View Setup Instructions the SAML configuration details to see if this are the ones required by Tableau?
I’d recommend avoiding the RTFM routine entirely (not just here)… despite that, yes, I’ve read the manual. Have you? It doesn’t say where to get these certificates, it only says the following:
SAML certificate and key files— Click Select File to upload each of these files.
I’ve tried with a self-signed certificate + private key and it failed, but this time with a different error message apparently not related to the certificate itself: