Author: Geetika Bansal
Introduction
In a federated environment, user authentication is separated from user access with the use of one or more external entities that provide independent authentication of user credentials. The authentication is then passed to one or more services, enabling users to access the services through SSO (Single Sign-on).
One of the providers that is generally used for the cloud-based SSO is Okta.
Tableau Online is the analytics platform which is fully hosted on cloud, that allows your organization to build, share, and collaborate around data discoveries. By implementing Okta integration with Tableau Online, the user can ensure appropriate and secured access via user provisioning and SAML single sign on, to keep their teams moving at the speed of insight.
Steps to be followed:
1. Create users in Tableau Online and choose SAML2.0 as authentication
2. Go to Settings -> Authentication -> okta.com (SAML) -> Edit connection
3. Save Tableau Online entity ID and Assertion Consumer Service URL
4. Import metadata from Okta and input fields IdP entity ID and SSO service URL
5. Test your connection
6. Login to Okta Admin platform
7. Go to Directory -> People -> Add people
8. Input mandatory fields and then click on Save
Note:
Enter kipi id in Username
Create same users in Tableau Online instance with kipi id
You can choose to set password as - Set by User or Set by Admin and accordingly user will be able to login in Okta
9. Navigate to Applications -> Applications -> Browse App Catalog
10. Choose Tableau Online from search panel and click on Add
11. Enter Application Label
12. Click on Next and move to Sign-On Options
13. Choose Sign-On Option as SAML 2.0
14. Click on View Setup Instructions
15. Save Identity Provider metadata and input details in point 4
Note: Pick IdP entity ID and SSO service URL from Identity provider metadata
16. Enter saved details from point 3 in below highlighted fields
17. After setting up, click on Done
18. Your Tableau online application will be created.
19. Assign people created above to your Tableau online application
20. All people assigned to Snowflake application will be visible
21. A green indicator for enable of SAML 2.0 will be visible
22. Login in Okta end user dashboard again
Note: Whenever user logins who is not an Okta Admin, has to login via Okta end user URL
23. Go to my apps -> Tableau Online
24. User should be able to login successfully without asking for credentials
Conclusion
After implementing the above steps, the user can secure their information access and provide a seamless end-user sign-in experience, which is robust, highly secure, and trustworthy.
Reference Link : https://help.tableau.com/current/online/en-us/saml_config_okta.htm