Tableau Row Level Security

DataSelf Web Browser (Tableau Embedded Server) can embed row-level security into a data source. The data that the User sees on a report is pre-filtered according to that User's DataSelf Web Browser login name. This allows a publisher to create a single master report, but every User sees only the records appropriate to that user.

Tutorial on Setting Row Level Security

The Tutorial on Setting Row Level Security uses the example of setting row-level security for Sales reports by salesperson.

The concept:

On selected TDS extract filters, create a filter calculation, like SalespersonFilter, to let users see only the data where the salesperson’s email is equal to their Tableau user login (which is their email address).

UNLESS they are a member of the Data Unlimited Access group.

Security at All Levels

Security Tool	Security Type	Description & Capabilities
ETL+	User name & Password	Changes to load and refresh features
SQL Data warehouse	User name & Password	Access to data warehouse, view creation, data modification
Tableau Data Source	Row Level Security	Controls who can see each individual row in a particular Tableau data source, such as Sales Invoice.
Tableau Data Source	Column Level Security	Controls who can see each column(dimension/measure) in a particular Tableau data source, such as Cost of Goods Sold or Gross Profit.
Tableau Group Permissions	Group Membership	Groups can be used to control permissions for large areas of the business, datasources, workbooks, and can also be incorporated into the Row Level Security.
Tableau User Permissions	Individual Permissions	Individual permissions can be used as exceptions to group permissions, but will not overwrite row or column level security.
Tableau User Role	Role Assignment	User roles like "Site Admin", "Explorer", "Viewer", and "Unlicensed" can overwrite group/user permissions, work with them, limit them, or revoke them completely, respectively.
Tableau Server Login	User name & Password	First line of login defense.