Configuring SCIM 2.0 provisioning with Tableau and PingFederate
Learn how to enable Tableau SCIM 2.0 Provisioning in PingFederate.
Before you begin
-
Configure PingFederate to authenticate against an LDAP identity repository containing the users requiring application access.
-
Configure PingFederate with the SCIM provisioning connector to support the SCIM 2.0 protocol.
-
Configure PingFederate with the Tableau SP connection.
-
Configure the PingFederate
run.propertiesfile to support provisioning.
Enable SCIM provisioning in Tableau
-
Sign on to Tableau with an administration account.
-
Go to Settings → Authentication.
-
In the Automatic Provisioning and Group Synchronisation (SCIM) section, select the Enable SCIM check box.
-
Click Generate New Secret.
This will generate a new API secret that PingFederate will use to authenticate to the Tableau SCIM endpoint.
Enable SCIM provisioning in the SP connection
-
In the PingFederate administrative console, select the Tableau SP connector.
-
On the Connection Type tab, select the Outbound Provisioning check box and in the Type list, select SCIM Connector.
-
On the Outbound Provisioning tab, select Configure Provisioning.
-
On the Target tab, in the SCIM Version list, select 2.0 and enter the SCIM URL and OAuth 2 Bearer Token obtained from Tableau.
-
Define a channel to obtain the user details:
-
Add the LDAP source and source location according to your user data source.
-
Configure attribute mappings.
The SCIM userName field must map to an email address.
+ image::ixz1640220648501.png[alt="Screen capture of PingFederate SP Connection channel attribute mapping page.",role="border-no-padding"]
-
Enable the channel.
-