KNOWLEDGE BASE

Error "Request-URI Too long" Publishing Via Connection with Okta SAML


Published: 24 Jan 2018
Last Modified Date: 14 Dec 2018

Issue

When publishing a workbook from Tableau Desktop to Tableau Server where Okta SAML authentication is enabled, the following error occurs: 
 
Request-URI Too Long
The requested URL's length exceeds the capacity limit for this server.

Environment

  • Tableau Desktop 10.5
  • Tableau Server 10.5
  • Okta SAML

Resolution

Configure the SAML IdP to use a redirect URL with 255 or fewer characters.

If this error is experienced after enabling multi-factored authentication (also known as MFA or 2FA), Okta Support will need to make a change on the IdP side to add the feature flag "HANDLE_MULTIPLE_VALUES_IN_REDIRECT_URL".  This flag will allow Okta to handle Tableau Desktop's redirects during multi-factor authentication.

Alternatively, disable SAML for use from Tableau Desktop.
Open a command prompt as an administrator and navigate to the Tableau Server bin directory, located by default at C:\Program Files\Tableau\Tableau Server\<version>\bin. Then run the following commands: 
 
tabadmin stop
tabdmin set wgserver.authentication.desktop_nosaml true
tabadmin config
tabadmin start

 
 

Cause

The Okta IdP is using a session redirect link to retrieve the session cookie, and the URL is too long for the internal web connection used by Tableau Desktop. See the section on "Retrieving a session cookie by visiting a session redirect link" at Session cookie in Okta's documentation. The limitation is similar to the one documented for Internet Explorer.
Did this article resolve the issue?