1. Titles and Toolbars

    2. Homepage

    3. Curator Styles

    4. Group Overrides

    1. Pages Overview

    2. Tiles

    3. Error Pages

    4. SSRS Embedding

    5. Explorer

    6. User Customized Metrics

    1. Tutorials

    2. Search

    3. Managing Menus

    4. Menu Items

    5. Keywords

    6. Files

    7. Notices

    8. Loading Screens

    1. Embedded Tableau Server Views

    2. Thumbnails

    3. Tagged Workbooks

    4. Favorites

    5. Email Subscriptions

    6. Data Export

    7. Download Workbook

    8. Share Workbook

    9. Custom Views

    10. Pause/Resume Changes

    11. Dashboard Titles

    1. Filters

    2. Parameters

    3. Apply Button

    4. Filter Categories

    5. Hidden Sticky Filters/Parameters

    6. Specify Filter Sheet

    7. Mark Commenting

    8. URL Action Overrides (Link Target)

    9. Hidden Dashboards

    10. Replace Dashboard URLs

    11. Site Switcher

    12. Cache Filter/Parameter Options

    1. Data Manager Basics

    2. Web Data Connector (WDC)

    3. Connecting to Data Manager

    4. User Commenting

    5. Field Calculations

    1. Overview and Enabling

    2. Report Builder: Scheduled Reports Option

    3. Report Builder: Email Option

    4. Report Builder: Watermark Text

    1. Automatic License Provisioning

    2. Just-in-time (JIT) Provisioning

    3. Users and Groups

    4. Reset User's Password

    1. Frontend User Permissions

    2. Password Change

    3. Password Reset

    4. Password Expiration and Complexity

    1. E-mail Configuration

    1. Force SSL

    2. Trusted Tickets

    3. Basic HTTP Authentication

    1. Import / Export

    2. Backend Users

    3. Frontend Users

    4. Updating License Key

    5. Linux: Cron Troubleshooting

    6. Filesystem Permissions

    7. Backend Administrator Password Reset

    8. Dependency Updates

    9. Manual Restoration of Curator Backup

    10. Updating Curator Logging

    11. Third Party Cookies

    12. Troubleshooting Load Times

    13. Curator Backup

    14. Taking a Manual Full Backup

    1. System Upgrade

    2. Disable Curator Upgrades

    3. Offline Upgrades (Airgapped)

    4. Troubleshooting Upgrades

    1. Scripts

    2. Commands

    3. Subscription Routing

    1. Curator API Overview

    2. Integration

    3. Curator API

    4. Tableau API

    5. Content

    6. User API

    1. Username Mapping

Setup: Authentication

Okta (SAML)

Provisioning Users on Okta

For provisioning users with Okta, you will need to have a user created in both Okta and Tableau server - their username's must match (the "Application username format" step in #4 below).

Once the user logs in, their username in Okta needs to match a username of a user on Tableau Server.

1. Curator Setup

If you have not installed Curator (e.g. Apache, MySQL, PHP, and dependencies) you can do this with the commands in the Installation documentation.

Also ensure you have connected to your Tableau Server instance following the Tableau Server connections steps.

2. Tableau Setup

Tableau Online
Tableau has excellent documentation on connecting Okta to Tableau Online. https://onlinehelp.tableau.com/current/online/en-us/saml_config_okta.htm

Make sure to follow the additional setup steps in the Tableau Online documentation.

Tableau Server
To ensure that after a user signs in to SAML via Curator they do not have to re-sign in to the embedded Tableau Server dashboard (Note: this will only work in conjunction with changing iFrame settings on Okta in step #3 as well):

On your Tableau Server run the command below:

tsm configuration set -k wgserver.saml.iframed_idp.enabled -v true

Next, either run:

tsm pending-changes apply
tsm restart

Or open TSM in your browser and click Pending Changes at the top of the page then click 'Apply Changes and Restart'.

3. Enable iframing for Tableau's Okta App

In the Okta system, ensure you have turned ON iFrame embedding by going to "Settings->Customization". The Tableau Documentation has this marked as "optional": it is not optional for Curator installs unless you are satisfied with forcing your users log in twice to access Tableau content on Curator

4. Okta App Setup

Create a new Application. Navigate to Applications -> Create New App. Note: This will be in addition to the one you already setup for Tableau Online

We recommend naming this app either "Curator" or your preferred name for your branded analytics site.

When filling out the details for the application:

  • For the Single sign-on URL paste in the URL to the homepage of Curator
  • For Audience URI (SP Entity ID) put in the Curator URL without the trailing /, or http/https
  • Select Email (or the format that matches Tableau Server usernames) as the "Application username format"
  • Add an additional attribute of username with the value "user.email" (or the format that matches Tableau Server usernames)

5. Curator Setup

In the SP settings for Curator in Okta, navigate to the "Sign On" tab and click "Identity Provider metadata" to generate a XML metadata file. If this link isn't present you can scroll down and click the "View SAML setup instructions" button on the right-hand side of the screen.
In the Curator backend settings, go to the Settings > Security > Authentication Settings tab. From the authentication list select "SAML". You can use the "Import SAML Metadata" button to import the XML file you generated from Okta. Alternatively, you can manually enter the information:

  • For the Entity ID put the "Audience URI (SP Entity ID)" you filled in before.
  • For the SignOn URL, put the "Identity Provider Single Sign-On URL" URL found in the setup section.
  • For the IdP ID, put the "Identity Provider Issuer" from the setup section.
  • For the SignOut URL, put the URL of the application /login/signout (IE: https://mydomain.okta.com/login/signout)
  • Open the "SAML Advanced" section. For the Certificate, open the metadata XML file, copy the certificate text, and paste it in the field.

6. Optional Setup

You may want to select a few options to make the login process more streamlined. First, set the Curator application to "Auto-launch" in the "edit application" section on Okta.

You may also wish to hide the Tableau Online icon from users. You can do this in the edit application area for the Tableau Online app. Under "App Settings", select "Do not display application icon to users".

You can also select a custom sign-out page to point the user back to Curator so that they don't end up in a weird Okta loop. To do this, go to Settings->Customization->Signout Page. Make the signout page the URL of your Curator URL.