The following is a summary of the steps in Azure AD to synchronize its SAML with DataSelf’s Tableau server. This should allow Office 365 (O365) users to leverage Azure’s Single Sign-on (SSO) and multi-factor authentication (2FA, MFA) features for Tableau Server users.

  1. Ask for your Tableau SAML metadata file.

  2. When you receive the XML metadata file, go to your Azure AD, register an Enterprise app using the Tableau Server template from the Azure AD Gallery and import the provided XML metadata in the Set up single sign on SAML settings.

  3. Edit the Basic SAML Configuration adding ‘’ to the Sign on URL. Click Save.

  4. Grant user access to Tableau in the Users and Groups section of the newly created application.
    For more see Assign Azure AD roles to users.

  5. Edit the User Attributes & Claims adding a new claim: username with the value user.othermail and ensure that the Unique User Identifier claim has the value: user.prinicipalname. Click Save.

  6. Export the Federation Metadata XML to a file and send it to DataSelf.

  7. Send DataSelf the name of an existing Tableau user that can be used to test the SAML authentication.

More references