Connecting to Tableau with SSO
You can use AtScale's branded Tableau connector to connect to Tableau Desktop and Server via SSO.
Prerequisites
-
You must use Microsoft Entra ID (with OpenID Connect) as your identity provider. For instructions on configuring this, see Configuring Microsoft Entra ID with OpenID Connect.
-
If you're connecting to Tableau Server, it must be configured as follows:
- Port 15432 must be open so Tableau Server can receive data from AtScale.
- TLS must be enabled. For more information, refer to the Tableau documentation.
Configuring AtScale
In order to connect to Tableau via SSO, make the following changes to the AtScale global settings. For instructions, see Configuring Global Settings.
tableau.pgwire.client.protocol = atscale_pgwire
tableau.connector.type = atscale_pgwire
tableau.pgwire.authentication = username_password
(Note that this is a custom global setting.)tableau.pgwire.authentication = oauth
(Note that this is a custom global setting.)
Configuring Tableau Desktop
-
Download the following files:
- Tableau AtScale Postgres connector (automatic download)
- Postgres Driver (Java 8)
-
Move the PostgreSQL driver to
~/Library/Tableau/Drivers
. -
Move the AtScale connector to
~/My Tableau Repository/Connectors
. -
In AtScale, redeploy the catalog you want to connect to, then download its
.tds
file. For instructions, see Deploying a Catalog. -
Open the
.tds
file.
Tableau opens a window in your browser to authenticate. If it is successful, you can begin working in Tableau Desktop as normal.
Configuring Tableau Server
-
On Tableau Server:
-
Download the following files:
- Tableau AtScale Postgres connector (automatic download)
- Postgres Driver (Java 8)
-
Move the AtScale Posgres connector to
C:\Program Files\Tableau\Connectors
. -
Move the Postgres Driver to
C:\Program Files\Tableau\Drivers
. -
Import the AtScale SSL cert(s) to Tableau Server.
-
Restart Tableau Server.
-
-
Log in to the Tableau Server Browser as an admin and do the following:
-
Go to Settings > General > OAuth Clients Registry.
-
Click Add OAuth Client and complete the following fields:
- Connection Type: Select AtScale by AtScale.
- OAuth Provider: Enter
atscale_keycloak
. - OAuth Instance URL: Enter the URL for AtScale.
- Client ID: Enter
atscale-tableau-connector
. - Redirect URL: Enter
<tableau server url>/auth/add_oauth_token
.
-
Click Add OAuth Client.
-
-
Log in to AtScale as an admin user and do the following:
- Open the main menu and select Security. The Identity Broker opens.
- In the left-hand navigation, click Clients.
- Click the
atscale-tableau-connector
client, then click the Settings tab. - In the Access settings section, locate the Valid redirect URIs field and add a new URI. This should be the URL for Tableau Server, with
/auth/add_oauth_token
appended.
-
In Design Center, redeploy the catalog you want to connect to, then download its
.tds
file. For instructions, see Deploying a Catalog. -
Open the
.tds
file in Tableau Desktop and publish it to Tableau Server. -
Log in to Tableau Server and open the workbook.
-
Log in using your AtScale credentials.
If login is successful, you can begin working in Tableau Server as normal.