Embedded Views Passing Through Guest Instead of AD Username
Published: 04 Jun 2015 Last Modified Date: 11 Aug 2020
Embedded views are not passing the user name through to Tableau Server. The views are showing the user as Guest. If testing with the same user clicking the link directly (remove url parameter embed=y), the correct username is displayed using Active Directory, with "Enable automatic logon" checked.
The above applies to shared links because 'embed=y' is part of the link, by default.
The behavior is expected behavior with Tableau Server. To force AD authentication you will need to make sure the guest user permissions are to deny viewing, which forces the fallback to the authentication system. This is recommended permissions setting on all project sites where you need to force active directory logons to deny viewing for guest users. In this way newly published workbooks inherit the guest deny access.
The guest feature was designed this way to facilitate the business case of wanting to share a view on a public website where users do not need to be authenticated or on a private website or page where authentication is handled by the site itself.