locked
Azure SSO and SAML RRS feed

  • Question

  • Hello Team,

    I am configuring tableau with Azure saml authentication. However, when I was configuring tableau side, it asks saml certificate and saml key. I get the certificate from Azure but where I can get the key?

    I have downloaded the metadata file and that has key file but tableau needs in it pkcs format. How can I convert that string in proper format?

    Thanks,

    Akshay


    Akshay Vithalkar; MCTS(AD) MCTS(Network Infra) MCTS(Server Vitrtualization) MCITP(WindowsServer 2K8) MCSA(WindowsServer 2K8) MCTS(WindowsServer 2K12) MCTS(ExchangeServer 2013) MCTS(Office365 Identities and Requirements) MCTS(Enabling Office 365 Services)

    Tuesday, January 22, 2019 9:17 AM

All replies

  • Hello Akshay,

    According to the tutorial available here for Tableau integration, you can configure Tableau using just the Azure AD metadata file. 

    Azure AD uses only one certificate to sign the SAML tokens and the key is provided in the SAML certificate (base 64 / raw). 

    Can you include a screenshot of where exactly it is asking for IDP SAML key on the Tableau configuration page ?

    Tuesday, January 22, 2019 12:16 PM
  • 

    This is where its asking for key file. From where we can get this?


    Akshay Vithalkar; MCTS(AD) MCTS(Network Infra) MCTS(Server Vitrtualization) MCITP(WindowsServer 2K8) MCSA(WindowsServer 2K8) MCTS(WindowsServer 2K12) MCTS(ExchangeServer 2013) MCTS(Office365 Identities and Requirements) MCTS(Enabling Office 365 Services)

    Tuesday, January 22, 2019 2:28 PM
  • Hello Akshay,

    The metadata file from Azure should be uploaded in step 4. The section where it is asking for SAML key file , is for the configuration on Tableau. 

    In the Tableau doc, it is mentioned that 

    "Certificate key file. An RSA or DSA private key file that has the .key extension. RSA keys must be in in PKCS#1 or PKCS#8 format. The PKCS#1 cannot be password protected. To use a password-protected key file, you must configure SAML with a PKCS#8 file.

    The key file is used by Tableau Server, not the IdP. If you have an SSL certificate key file, you might be able to use it for SAML"

    From what I understand this is needed for Tableau SSL communication and should be generated on your own ,not from Azure. For SSO configuration with Azure AD this is not needed as tutorial available here. I would recommend reaching out to Tableau support to provide more details regarding this. 

    Wednesday, January 23, 2019 4:37 AM
  • Please let us know if this helped resolve your question and remember to "Mark as answer."
    Friday, February 8, 2019 6:20 PM
    Owner