Tableau Prep Builder uses Tableau’s data connectors, calculation language, and governance structure, making it possible to get you up to speed quickly and ready to collaborate at any point in the analytical process. Reference Materials Toggle sub-navigation.Teams and Organizations Toggle sub-navigation. Plans and Pricing Toggle sub-navigation.You can use the following file as a template to create your own OAuth file, however, make sure you update it with your specific information like the client ID. Select Sign In to connect to Amazon Athena. If more than one OAuth client exists, a Creator can choose as needed.) (If only one OAuth client exists, it will be the default. Select the OAuth Provider configured in Step 3.In the connection dialog, enter the appropriate connection parameters and ARN for the role you want Tableau to assume.(i.e., AssumeRoleWithWebIdentity).Ĭomplete the following steps in Tableau Server or Tableau Cloud or Tableau Desktop. Step 4 allows Tableau to provide the OIDC Identity Token received from Okta (after the user authenticates), along with the IAM Role provided by the user to AWS.ĪWS is able to validate the token and signature from Okta, extract the user ID from the token, look up the mapping of user to IAM role, and either permit or block Tableau from Assuming the Role on the user’s behalf. This step is done in AWS, for detailed instructions see Grant users and groups access to AWS resources in Amazon documentation. Create a policy for the federated identity in AWSĬreate an AWS trust relationship that allows the Tableau federated identity application (clientID) to be trusted to Assume Role with Web Identity. Save the OAuth config file to the “OAuthConfigs” folder in your My Tableau Repository folder.Open your OAuth Config file from the directory you saved it in.Īdjust the ClientID, Client Secret, authUri and tokenUri in the XML file with the information from your Okta app for Tableau Desktop.If you don’t have an OAuth Config file, you can find an example at the bottom of this page or on our Github Page, under OAuth Config file Tableau Desktop Note: This step requires the use of an OAuth Config file. Complete the following steps to set up the OAuth Client. The user, after authenticating themselves, is delegating permission to Tableau to act on their behalf. Step 3: Implement the OAuth Client in Tableau Warning: The OAuth Config File string needs to match what you entered in the Okta UI to successfully create the Tableau application. To get started, see Applications and connections, in Okta documentation. Step 2: Create OAuth Client applications for Tableau in Okta For detailed instructions go to Amazon documentation. This step requires setup in both Okta and AWS. Step 1: Setup Okta as an IdentitSet upvider in AWS IAM Identity Center Note: In-depth instructions are only available for the steps in Tableau. Tableau will receive and use OAuth Access and Refresh tokens to connect to the data source. When properly configured, when a user attempts to connect to Data, Tableau will automatically send the user to the Identity Provider to authenticate themselves, and consent to delegating permission to their data. This example uses OAuth to connect Tableau to Data. This document assumes the reader already has an Okta and AWS account. The following example shows the multi-step process to create a 3 way trust and federated OAuth solution between Tableau, Okta, and AWS.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |