Author: Geetika Bansal
In a federated environment, user authentication is separated from user access with the use of one or more external entities that provide independent authentication of user credentials. The authentication is then passed to one or more services, enabling users to access the services through SSO (Single Sign-on).
Okta is one of the providers generally used for cloud-based SSO.
Tableau Online is the analytics platform that is fully hosted on the cloud, which allows your organization to build, share, and collaborate around data discoveries. By implementing Okta integration with Tableau Online, the user can ensure appropriate and secured access via user provisioning and SAML single sign-on, to keep their teams moving at the speed of insight.
Steps to be followed:
1. Create users in Tableau Online and choose SAML2.0 as the authentication.
2. Go to Settings -> Authentication -> okta.com (SAML) -> Edit connection
3. Save Tableau Online entity ID and Assertion Consumer Service URL
4. Import metadata from Okta and input fields IdP entity ID and SSO service URL
5. Test your connection
6. log in to Okta Admin platform
7. Go to Directory -> People -> Add people
8. Input mandatory fields and then click on Save
Enter kipi id in Username
Create same users in Tableau Online instance with kipi id
You can choose to set the password as - Set by User or Set by Admin and accordingly, the user will be able to login in Okta.
9. Navigate to Applications -> Applications -> Browse App Catalog
10. Choose Tableau Online from the search panel and click on Add
11. Enter the Application Label
12. Click on Next and move to Sign-On Options
13. Choose Sign-On Option as SAML 2.0
14. Click on View Setup Instructions
15. Save Identity Provider metadata and input details in point 4
Note: Pick IdP entity ID and SSO service URL from the Identity provider metadata
16. Enter saved details from point 3 in the below-highlighted fields
17. After setting up, click on Done
18. Your Tableau online application will be created.
19. Assign people created above to your Tableau online application
20. All people assigned to Snowflake application will be visible
21. A green indicator for enabling SAML 2.0 will be visible
22. Login to Okta end-user dashboard again
Note: Whenever user logins who is not an Okta Admin, he has to log in via Okta end user URL
23. Go to my apps -> Tableau Online
24. User should be able to log in successfully without asking for credentials
After implementing the above steps, the user can secure their information access and provide a seamless end-user sign-in experience, which is robust, highly secure, and trustworthy.