You'll also want to take a look at the sample SharePoint web part that comes with Tableau. It is written in C# and pretty much demonstrates what you're talking about. It automates the process of Trusted Authentication, essentially.
Hello, I was just wondering if you ever figured out a better way of doing this, Since I have been tasked with doing the same for my company. If possible, can you tell me the steps you took or can you recommend any articles to help me out as well?
Hi Emmanuel -
Can you describe what you don't like about the methods that have been described above? Have you looked at the sample code? It's pretty straight-forward. You're asking for a "better" way, but you'll need to tell us why you don't want to use the methods suggested.
Here is a little bit of insight into what we plan on doing;
We built a reporting portal where our users can access the dashboards. Our reporting portal is designed to show dashboards to external users who are not logged into the company network or via VPN, but do have an Active Directory User ID on our network
To accomplish this we currently have a dot-net web interface (which will be changed to SharePoint-2013 in near future).
This is the procedure to be followed when any User accesses the dashboard portal.
- The User will access web portal from anywhere.
2. The User will enter his AD login and be shown a dashboard reporting portal web page with dashboard images, each carrying a particular dashboard link.
3. When the User clicks on a particular dashboard image it should pass the User credentials along with the URL of the dashboard chosen and Tableau needs to identify that particular User and authorize the User credentials on the Tableau server (without asking for the User credentials again) and show the User the specified dashboard. We have implemented Kerberos on our Tableau server to access an SSAS Cube data source and show the appropriate data for that particular User.
I believe we are missing something because we are getting three prompts for sign on. A windows prompt, a domain prompt and then a tableau server prompt.
Do you have any idea on what we need to do or is what we are trying to achieve impossible?
Sending credentials on the query string is a very dangerous thing to do - anyone with even basic tools can steal the username and password from your users. You shouldn't do this. As far as I know, the technique you discovered just "happens to work", vs. something that is supported and considered a best practice.
You should use Trusted Authentication to do this work. Google "Tableau Trusted Authentication", and you will find the information you need to implement this SSO approach.
I need to implement Trusted Authentication to connect to dashboards on SharePoint site. At the moment there is a double log in, the user logs in to SharePoint side and then to Tableau Server.
I was reading the instructions carefully. On this step, "Get Ticket from Tableau Server "(http://onlinehelp.tableau.com/current/server/en-us/help.htm#trusted_auth_webrequ.htm%3FTocPath%3DServer%2520Administrato… ) I am trying to understand where do I need to update these information (we are using SAML configuration with OpenIdm for users authentication):
username=<username>(required): The username for a licensed Tableau Server user. If you are using Local Authentication the username can be a simple string (for example,
username=jsmith). If you are using Active Directory with multiple domains you must include the domain name with the user name (for example,
The path provided by Tableau: C:\Program Files\Tableau\Tableau Server\10.0\extras\embedding
Hi Laura -
If you already have a SAML IdP, there is no reason to use Trusted Tickets (officially known as Trusted Authentication) at all. Tableau has native support if SAML. Just configure Tableau to use your IdP for authentication and you'll be ready to go. Information on how to do this can be found in help.