When your Tableau views use a Microsoft SQL Server Analysis Server data connection, you can set up the connection to require authentication, to ensure that only appropriate users can access particular views.
Connect to the data through a specific user account
Step 1
Open a new workbook and connect to Microsoft SQL Server Analysis Services.
Step 2
In the Analysis Services Connection dialog box, do the following tasks:
- Under Step 1, provide the location of the cube.
- Under Step 2, select Use a specific username and password, and type the credentials you want users to provide to access each view.
- Under Step 3, click Connect. For Tableau Desktop 6.1 and earlier, click Test Connection. If you see a notification that the connection to the database was successful, click OK.
- Under Steps 4 and 5, select a database from the list and a cube from the database.
- (Optional) Under Step 6, edit the connection name.
- Click OK.
Verify credentials are not embedded during workbook publishing
Ensure that passwords are not saved and credentials are not embedded in published workbooks.
Step 1
Open a workbook, select Server > Publish Workbook, and sign in to Tableau Server.
Step 2
In the Publish Workbook to Tableau Server dialog box, click Authentication.
Step 4
In the Authentication dialog box, verify the authentication method used for the data source, and click OK. In this example, the authentication method is Prompt User, which is expected.
Step 5
In the Publish Workbook to Tableau Server dialog box, click Publish.
Use Tableau Server to allow users to save credentials
Note: When you use this approach for views published to Tableau Server or Tableau Online, subscriptions are disabled. Users can subscribe to views that do not require credentials or have them embedded.
To provide added control over workbooks, as an administrator, you can allow workbook publishers the ability to attach passwords to published workbooks.
Step 1
Sign in to Tableau Server using your administrator username and password.
Step 2
On the Maintenance page, under Settings, select Embedded Credentials and Saved Passwords.
These settings allow the user the options of saving the password and embedding credentials.
Step 3 (optional)
Clear the Enable Guest check box.
The user should have to provide credentials only once. By selecting the Saved Passwords check box, you allow the user to reconnect across multiple-browser sessions and machines. This is a server-side setting; that is, there are no cookies or browser session requirements.