- Generate a public certificate and private key pair.
- In order to successfully complete the integration between JumpCloud and Tableau, you must use an administrator account in Tableau.
- How to configure User authorization.
Configure the Service Provider: Part 1
- Navigate to
https://sso.online.tableau.com/and login to Tableau Online as an administrator.
- Select on the Settings tab.
- Select on Authentication.
- In the Authentication types section, check the box for Single sign-on with SAML.
- Copy the Tableau Online entity ID.
- Select Download signing and encryption certificate.
- Leave Tableau open.
Configure the JumpCloud SSO Application
- Access the JumpCloud Administrator Console at https://console.jumpcloud.com.
- Select Applications in the main navigation panel.
- Select the + in the upper left, scroll or search for the application in the 'Configure New Application' side panel, the select 'configure'.
- You can upload a service provider application's XML metadata file to populate SAML connector attributes for that application. The attributes populated by the metadata file may vary by the application. To apply a metadata file for the application you're connecting, click Upload Metadata. Navigate to the file you want to upload, then click Open. You'll see a confirmation of a successful upload. Be aware that if you upload more than one metadata file, you'll overwrite the attribute values applied in the previously uploaded file.
- Select Upload IdP Private Key and upload the private.pem file generated according to the above prerequisites.
- Select Upload IdP Certificate and upload the cert.pem file generated according to the above prerequisites.
- In the SP Entity ID field, paste the Tableau online entity ID you copied from Tableau.
- In the ACS URL field, copy the Assertion Consumer Service URL (ACS) from Tableau and paste.
- Select Upload SP Certificate and upload the certificate you downloaded from Tableau.
- In the field terminating the IdP URL, either leave the default value or enter a plaintext string unique to this connector.
- (Optional) In the Display Label field, enter a label that will appear under the Service Provider logo within the JumpCloud User console.
- Select Activate.
- Select Export Metadata for Tableau.
Configure the Service Provider: Part 2
- Back in Tableau, in the Import Metadata File Into Tableau Online section, upload the metadata file that you downloaded from JumpCloud.
- Select Apply (the IdP Entity ID and SSO Service URL fields should now be filled).
- In the Match Assertions section, in the Identity Provider Assertion Name column, enter ‘EmailAddress’ for the Email field, enter ‘FirstName’ for the First name field, and enter ‘LastName’ for the Last name field.
- In the Select Users section, select Add Users.
- To manually enter the email addresses of users for SSO authentication, select Enter Email Addresses, enter the email addresses separated by semicolons, select the role for the added users, and select Create.
- To import the email addresses of users for SSO authentication, select Import From File to upload the file and select Import Users.
Validate SSO authentication workflows
- Access the JumpCloud User Console at https://console.jumpcloud.com.
- Select the Service Provider icon.
- This should automatically launch and login to the application.
- Navigate to your Service Provider application URL.
- You will be redirected to log in to the JumpCloud User Portal.
- The browser will be redirected back to the application and be automatically logged in.