Set up Tableau as the SP and EAA as the IdP

This procedure describes how to set up the Tableau application as a service provider (SP) and EAA as the identity provider (IdP).

Complete the following steps to configure Tableau as the SP and EAA as the IdP.

How to

  1. Access Tableau.
    1. Click TRY IT FOR FREE and enter the information to register.
    2. After you register, check your mail for an activation message.
    3. Access your personalized site with your login information.
  2. Configure EAA as the IdP for a custom SaaS application for Tableau but do not deploy the application at this stage.
  3. Configure Tableau as the SP.
    1. Log in to the Tableau site you created.
    2. Click Settings in the top panel.

      tableau settings
    3. Click the Authentication tab. Under Authentication types, click Enable an additional authentication method and select access.com (SAML).

      enable tableau settings
    4. Click Edit Connection… to expand the screen to complete the steps to set up SAML for single sign-on.

      tableau SSO settings
    5. Select one of the options from Export metadata from Tableau Online:
      • Click the Export metadata tab. Copy and save the metadata information.
      • Copy the Tableau Online Entity ID and Assertion Consumer Service URL (ACS) URLs and click Download Certificate.

      Use the information from either option to fill in the EAA SAML settings in the next step.

  4. Go back to the EAA application you started earlier.
    1. In the SAML Settings section under the SAML SETTINGS tab either import the Tableau metadata file from the previous step, or manually enter the Entity ID, ACS URL, and certificate information.
    2. Under the SAML SETTINGS tab IDP info fields, copy the contents of the Entity ID and SSO URL fields, and download the Signing certificate.
    3. As required by the application, configure user attribute name declarations that will be passed as SAML attributes. User attribute declarations are needed if the application requires specific attributes in addition to the default AD attributes. You may need to declare the attributes first before mapping them to AD attributes. See Create user attributes in EAA. You will need this information to complete the next step.
  5. Go back to the Tableau application.
    1. In the Authentication field, paste the information from the previous step into the Import metadata file into Tableau Online fields for the IdP entity ID and SSO Service URL or browse for the certificate file that you save into the IdP metadata file field.

      Tableau Import Metadata fields
    2. Configure the Match attributes names (assertions) in the EAA IdP SAML configuration to the corresponding attribute names on Tableau Online.

      Tableau match attributes screen
  6. Configure the EAA IdP SAML settings for the application you started in Step 2 under the SAML SETTINGS tab.
    1. In the SAML Settings section of the EAA application, enter the required information to configure the SAML settings: Entity ID, SSO (ACS) URL, NameID format, NameID attribute and Single Logout URL, and other fields. See Configure EAA as the IdP for a custom SaaS application for more information.
    2. Click Save and go to Deployment.
    3. On the DEPLOYMENT tab, click Deploy application.