1 Reply Latest reply on Oct 30, 2017 5:03 AM by lenaic.ridinger

    Subscription/alerts within viz - User visibility to other users

    Thad Wellington

      Let me set the stage:


      We are using Tableau Server, but are using a separate portal to embed our vizzes for our customers. We have done this for several reasons, the main being that it allows us to have all our customer's tools in a single location. They can use our service and get the analysis in a streamlined interface.


      We're getting ready to allow customers to subscribe to vizzes and use data-driven alerts as well (it has been disabled up to this point). The problem/question I have is this: when a user creates a subscription/alert, they can add other users to that subscription/alert. We have 15,000+ users and do not want someone to subscribe others outside of their group/organization for obvious reasons (data security for one). We have a set of vizzes that all of those users can access because we control the data at the row level. Assuming we have sets of users in groups, is there any way to limit which users can be added to the alert?


      For example, Jane works for Company ABC and has 20 other people in her company (grouped as users in Tab Server). John works for Company XYZ and has 50 others in his company and group. When Jane creates an alert, she can see John and all of his employees because they are all users in Tab Server. However, their individual company data is restricted at the row-level so in normal situations, they will never see each other's data. In an alert, however, the viz is generated for Jane and sent to whomever is a recipient of it.  In the default behavior of the alert, Jane could add John, even accidentally, to the alert because his name appears in the search results of the recipients' box. Jane should not even have visibility to John or his group in order to prevent this.


      tl;dr: we need users to see only a subset of the total number of users on Tableau Server when creating alerts or subscriptions in a viz. Is this achievable through permissions or API?