Steps to configure SAML SSO for Tableau
About Tableau
Tableau is a software platform designed to make data analysis accessible to users across various skill levels. It enables individuals and organizations to create complex visualizations without requiring extensive technical knowledge. Users can connect to multiple data sources, including spreadsheets, databases, and cloud services, allowing for flexible data integration and exploration.
The following steps will help you enable single sign-on (SSO) for Tableau from Identity360.
Prerequisites
- The MFA and SSO license for Identity360 is required to enable SSO for enterprise applications. For more information, refer to pricing details.
- Log in to Identity360 as an Admin or Super Admin.
- Navigate to Applications > Application Integration > Create New Application, and select Tableau from the applications displayed.
Note: You can also find Tableau from the search bar located at the top.
- Under the General Settings tab, enter the Application Name and Description.
- Enter the Account ID for your Tableau account from your Tableau Cloud entity ID. Get the Tableau Cloud entity ID by logging in to Tableau and navigating to Settings > Authentication. Check Enable an additional authentication method, select SAML from the Authentication drop-down, and under the Tableau Cloud metadata section, copy the Tableau Online entity ID value. For example, if your Tableau Cloud entity ID is https://sso.online.tableau.com/public/sp/metadata/e6cac781-5781-4c64-b380-9728fde933d3, then your Account ID is e6cac781-5781-4c64-b380-9728fde933d3.
- Under the Choose Capabilities tab, choose SSO and click Continue.
General Settings of SSO configuration for Tableau.
- Under Integration Settings, navigate to the Single Sign On tab and click Metadata Details. Download the metadata file to be uploaded during the configuration of Tableau in Identity360 by clicking Download from the Metadata field.
Integration Settings of SSO configuration for Tableau.
Tableau (service provider) configuration steps
- Log in to Tableau with admin privileges.
- Navigate to Settings > Authentication.
- Check Enable an additional authentication method and select SAML from the Authentication drop-down.
Tableau SAML SSO setup.
- Under the Tableau Cloud metadata section, copy the Tableau Online entity ID value. This will be used for entering the Account ID in step 5 of prerequisites.
Obtaining the Tableau entity ID.
- Under the Upload metadata to Tableau section, click Choose a file, and upload the metadata file you downloaded in step 7 of the prerequisites.
Tableau SAML SSO configuration.
- Under the Map attributes section, update the values in the IdP Assertion Name column as follows:
- Username: Type NameID.
- Select the First and Last name radio button.
- First name: Type FirstName.
- Last name: Type LastName.
- Under the Choose default for embedded views section, select the Authenticate in a separate pop-up window radio button.
- Click Save Changes.
Mapping attributes for SSO In Tableau.
Identity360 (identity provider) configuration steps
- Switch to Identity360's application configuration page.
- Enter the Relay State parameter, if necessary.
Note: Relay State is an optional parameter used with a SAML message to remember where you were or to direct you to a specific page after logging in.
- Click Save.
Integration Settings of SSO configuration for Tableau.
- To learn how to assign users or groups to one or more applications, refer to this page.
Your users will now be able to sign in to Tableau through the Identity360 portal.
Note: For Tableau, both SP-initiated and IdP-initiated flows are supported.
Steps to enable MFA for Tableau
Setting up MFA for Tableau using Identity360 involves the following steps:
- Set up one or more authenticators for identity verification when users attempt to log in to Tableau. Identity360 supports various authenticators, including Google Authenticator, Zoho OneAuth, and email-based verification codes. Click here for steps to set up the different authenticators.
- Integrate Tableau with Identity360 by configuring SSO using the steps listed here.
- Now, activate MFA for Tableau by following the steps mentioned here.
How does MFA for applications work in Identity360?