I haven't run into this issue as we do not use SAML, however we do have dashboards embedded in outside portals. Is there an option for you to leverage the trusted authentication model as this is setup to take credentials from your portal server, retrieve a trusted ticket from TS, and then use the redeemed trusted ticket for the remainder of the session. The problem could be that Tableau 9 introduced a new internal process called vizportal that handles authentication, but if you're coming from an outside app, then perhaps it doesn't fully leverage this process.
Thank You for your reply.
I have been looking into Trusted Authentication and the sparkler adaptor as a potential solution. However the username in salesforce is set up to be the users email address. The username in Tableau is from our active directory username. So I imagine we would still have some kind of issue unless we are able to pass through the correct username somehow.
I was wondering if the username discrepancy might also play into why this isn’t working based on the current configuration, however since we did not see this behavior with 8.2 I don’t know why that would have changed unless as you stated it has something to do with the new vizportal process.