Summary

Write-Back allows users to choose from three SSO authentication options, being:

• Kerberos
• SAML
• OpenID Connect

On the following pages, you can find extra information to configure SAML and OpenID.

• Kerberos on Write-Back Server
• OpenID Connect on Write-Back Server
• SAML on Write-Back Server

Authentication workflow with SAML or OpenID

Write-Back supports SAML or OpenID for single-sign-on meaning that users previously authenticated on Tableau Server can use immediately Write-Back without having to log in again. These authentication methods rely on redirects between the Service Provider (Write-Back) and your Identity Provider. 

With SAML or OpenID enabled as authentication options, the application experience is a little different since a new popup will open where the requests to the IDP will happen. As such, when the authentication process is being triggered a new tableau pop-up will come up. This corresponds to the request for the IDP to authenticate the user.  Below are the screens that will show up.

This means a new popup will open in order to request authentication.

The below screens show the new popup after the requests to the IDP happen.

Here you will receive a message regarding the authentication success	Or if something fails you will be redirected to this error screen

If you close the window manually and do not let the login process complete you will be redirected to this page.