FWIW - my own testing shows that I can put a url action in a tool tip and "drill down" to another viz seamlessly without having to (re)authenticate. This is great.. I'd just like to understand the mechanics behind it.
Hey Jeff - the reason why this works is that your action filter ("drill down") occurs in the same vizql session that was created when you landed on the first report. If you were to plug another URL in your browser, you'd get an "expired ticket" error message because you'd be trying to use the same ticket with another URL...
Thanks Russell! So my assumption then based on your response is that the ticket is valid for the landing viz and any linked viz to which the user has the appropriate permissions. I also assume that if the session is idle for some period - 30 min. by default I believe - then the ticket will also expire. If that is the case I'd be interested to know how others are handling the potential timeout
If the user does anything which shows Tableau's chrome (UI), they will get logged out and thrown to the login screen. This is by design. Find/read the tableaulove blog post on restricted and unrestricted tickets to learn why.
If a user's session expires because they don't do anything for x minutes, they'll also get thrown to the login page when they begin interacting again. By design.
You could increase the timeout value or simply add some sort of "reload" button to your page which grabs a new ticket and re-renders from scratch.