Tableau Server–Internal Users versus External Users

Tableau is a great product for creating and publishing visualizations. Internal users (part of your corporate domain) can publish visualizations – which the entire world (public users) can access.

This is a typical use case-  so I figured that the authentication model for such a use case would be well defined (for e.g. an LDAP based passing of credentials from public to internal domain).

However, there isn’t really a one-stop authentication mechanism which encompassed both external and internal users.

This forces you to separate out your CONTENT RENDERING (the public facing website) – and the CONTENT CREATION (the internal facing Tableau Server).

Built in Authentication Mechanisms

Their built-in TTA (Tableau Trusted Authentication) is one such mechanism – but this leads to creating (and managing) logins for EACH and EVERY public user that consumes a visualization. 

Yes – they  have a GUEST user concept which allows one to bypass individual login creations – but the GUEST user will not be part of your corporate domain – and hence will not be able to handle the INTERNAL use case (being able to PUBLISH visualizations)

SEPARATE out the PUBLIC FACING WEBSITE and the INTERNAL Tableau Server

So – to summarize, for your external users , simply use an external facing web server – which FETCHES the visualizations from the Tableau Server (INTERNAL) – using a javascript API.

JavaScript API Overview

Tableau’s JavaScript API helps integrate Tableau visualizations into your own web applications:

Here are some of the things that you can do with the JavaScript API:

• Display visualizations from Tableau Server, Tableau Public, and Tableau Online in web pages.
• Dynamically load and resize visualizations.
• Filter the data displayed in visualizations with HTML controls in the page.
• Select marks in visualizations.
• Respond to events in visualizations.
• Export visualizations to an image or PDF file.