1 of 1 people found this helpful
Most of our customers go the 2) route and make sure that the user is authenticated to your external IdP before trying to access an embedded view. This provides a much better user experience. Once you do that you can configure Tableau Server so that it does not show the Orange login button (it will without the setting change)
Please see this documentation Using Clickjacking Protection in Tableau Server | Tableau Software
The key configuration setting on Tableau Server is:
tabadmin set wgserver.saml.iframed_idp.enabled true
When this is enabled and you have already authenticated to the Idp then Tableau will authenticate transparently to the Idp and show the view without a login prompt from Okta.