Site-SAML Redirection to Error Screen with Keycloak IDP when encrypted assertion is enabled

Published: 06 Dec 2023
Last Modified Date: 11 Dec 2023


Server-wide SAML authentication with Idp provider Keycloak is configured successfully on Tableau Server. However, when attempting to set up Site-SAML, it fails with the following error in SAML service logs:

INFO  c.t.s.w.o.c.OnPremErrorController - There's some error with IDP configuration. So redirecting to error page configured in the error redirect url.

User-added image

User-added image


  • Tableau Server 2023.1.3
  • Linux 
  • Keycloak


Disable the encryped assertion in IdP site settings.
Below is an example of IdP settings for Keycloak.

User-added image
Did this article resolve the issue?