Last Modified Date: 11 Apr 2018
- Tableau Server
- Tableau Online
Option 1:Use Trusted Authentication to embed views without requiring a login.
Option 2:Allow in-frame authentication.
Note: Enabling this ability requires disabling Clickjack protection, introducing an increased exposure to clickjacking attacks.
For Tableau Server configured to use Server-Wide SAML:
- Open a command prompt as an Administrator on the computer where Tableau Server is installed.
- Navigate to the Tableau Server bin directory.
- Execute the following commands:
tabadmin set wgserver.saml.iframed_idp.enabled true
For Tableau Online, or for Tableau Server configured to use Site-Specific SAML:
Ensure the below two options are properly configured under Settings > Authentication:
- Set the Default authentication type for embedded views to SAML.
- Under Embedding options, select Authenticate using an inline frame (less secure; not supported by all IdPs).
CauseBy default, Tableau Server and Tableau Online embedded views open a separate window for SAML IdP authentication to minimize the risk of Clickjacking.
Additional InformationFor more information about clickjacking, see Clickjacking at OWASP (Open Web Application Security Project)
Thank you for providing your feedback on the effectiveness of the article.
Open new Case
Training and Tutorials