How does one secure a tableau report when it is embedded in a web application?

Question

I'm new to Tableau and was wondering if someone could explain to me how report data is secured when the report is embedded in a website or web application (e.g. ASP.NET)? From my research, it looks like there are two ways to embed a Tableau report:

• Using an iFrame
• Through the Tableau JavaScript API

Neither of these methods seem very secure, however, without requiring the user to log in to the Tableau server, which would require a double-login (first login to the web application and then a second login to the Tableau server) and thus be undesirable.

Can someone post a link, or otherwise help me to understand how security works with Tableau reports? I am really impressed with Tableau, but don't understand this aspect yet.

Thank you in advance.

---

Environment:

• IIS server

• ASP.NET MVC web application utilizing Windows Authentication

Answer 1

You'll want to look into using what Tableau calls "Trusted Authentication." There are a few methods they give you to accomplish this, so it will depend mostly on your configuration.

The general idea is that you authenticate once with Tableau server and it returns a ticket that you can use (usually for the duration of the session). With that, you can essentially imitate any user, so if you have user-specific data it will work as though they logged in.

You will need administrator access to your Tableau server to configure this.

Here are the docs for Trusted Authentication:

http://onlinehelp.tableau.com/current/server/en-us/trusted_auth.htm