In SAML, the user's browser will handle the communication between OneLogin and Tableau Server.
Basically, the user will hit Tableau Server, Tableau Server will realize they need authenticated - forward them to OneLogin's login page, then after logging in, the user will be forward back to TS with some POST data that will authenticate them to Tableau.
All transmissions happen with encoded POST data in the user's browser, so OneLogin does not need to be trusted by Tableau Server.
(Here is some information on the process from a blog I wrote awhile back: https://www.interworks.com/blog/daustin/2013/11/27/saml-integration-tableau-81)
Thank you for your explanation, but unfortunately I missed out on specifying that the architecture is needed when developing a php app, so that is why I was asking about a 3rd party software, that would handle the SAML assertion.
Does it make sense?
Wouldn't the PHP app be a separate unrelated server that also connects back to ONELogin (Unrelated to the Tableau piece)?
If you are looking for PHP software to parse SAML though - I recommend SimpleSAML. It is OpenSource and gives a lot of flexibility in setup.