Staying Secure Is Simple with Tableau 9.1

Every new release of Tableau includes new capabilities for enterprise deployments. These include investments in security, performance, reliability, and scalability.

Keeping our users in the flow of analysis empowers them to ask and answer their own questions at the speed of thought. Users should be able to access the data they need without having to think about connecting to disparate data sources.

With Tableau 9.1, we are making it even easier to integrate Tableau Server with the authentication and authorization standards that you already have in place. In addition to our existing support for standards like Kerberos, SAML, SSL, and Active Directory, we are taking big steps to support other widely-used authentication types. Tableau 9.1 includes support for client certificates, scheduled AD group sync, SAML logout redirect, and SSO for SAP HANA.

Client Certificates

Tableau Server supports a number of authentication mechanisms including Active Directory, SAML, Trusted Tickets, and local authentication specific to Tableau Server. In Tableau 9.1, we’ve added support for client certificates for mutual SSL authentication.

When your users connect to Tableau Server, Tableau Desktop and your browser will authenticate and establish a secure connection seamlessly, without asking for credentials. This encrypts and authenticates all communication between services for users with a public or a private key system and introduces another level of security to Tableau Server.

Our support for client certificates works on desktop and browser platforms (including mobile browsers). And if you are using smart cards to supply the certificate, you’re covered there as well.

Scheduled AD Group Sync

In addition to improving access for end users, we also wanted to simplify tasks for administrators.

In Tableau 9.0, we made significant enhancements to our integration with Active Directory. We focused on improving performance and reliability of our Active Directory syncing infrastructure.

In Tableau 9.1, we took it a step further. Now, all you have to do is set up your connection with Active Directory, set a group sync schedule, and click go. It’s that simple! Manage user and content permissions centrally without having to manually add users to Tableau Server or write custom scripts. Let Tableau’s improved AD sync do the work for you. And if you do need advanced control, use the REST APIs.

SAML Logout Redirect

If you use SAML, Tableau 9.1 lets you specify where your users land after logging out of a session. You can redirect the user to your corporate identity provider (IdP) or wherever makes most sense for their workflow.

The SAML logout capability terminates each user session with a standards-compliant solution that provides for logout actions initiated by Tableau Server or your organization's SAML IdP. This lets the users end their sessions on demand with a seamless end-to-end single sign-on experience with Tableau Server.


We are also adding support for single sign-on to your data in SAP HANA. We recognize that many Tableau users store their data in HANA, and we want to remove all friction from the connection experience.

Supporting self-service analytics at scale entails leveraging existing security and authentication infrastructure while simplifying data access for every Tableau user. We’re committed to helping IT organizations build a culture of self-service analytics through continuous improvements in reliability, security, performance, and manageability.

Subscribe to our blog