As you know, we're OEM and we rely heavily on integration and API. One of the thing we dislike a bit is how trusted authentication works. I get the concept, and it's good... Except when we get to do DEMOs and your server is remote, and your app is local (laptop). So trusted authentication breaks more often than not.
This week, I was working with the REST API - it works great once you get a hang of it. And I was thinking...
When we use the API, we typically connect as an admin, or at least a site admin (else why would you need to add users, projects and such?). So our system is an admin on the Tableau Server, and is connecting to do all kind of interactions...
So, what if you implemented the following:
1. In the app, I use the REST API to "SignOn" as an admin (or Site Admin). At that point, you sort of "trust me" anyway; wherever I am.
2. When a user wants to see a workbook in my app, I could call a REST method, something like getTrustedTicket(forUser, forWorkbook);
3. Then, the app would pass back the ticket and everything continues as planned, as if the server was a trusted host.
Would that be possible? I feel like this wouldn't break the security scheme, and it would simplify SO MUCH the integration.