Which three types of authentications can you use to implement single-sign-on (SSO) authentication to Tableau Server? (Choose three.)
Correct Answer: A,C,D
Single Sign-On (SSO) allows users to authenticate once (e.g., via a corporate identity provider) and access Tableau Server without re-entering credentials. Tableau Server supports several SSO methods:
* OpenID Connect (OIDC): An OAuth 2.0-based protocol for SSO, configured via Tableau's SAML settings with an OIDC-compatible IdP (e.g., Google, Okta).
* Kerberos with Active Directory: A ticket-based SSO protocol, widely used in Windows environments with AD integration.
* SAML: A flexible SSO standard using XML assertions, supporting various IdPs (e.g., ADFS, PingFederate).
Let's evaluate:
* Option A (OpenID Connect): Correct. OIDC is an SSO method, implemented as a SAML variant in Tableau Server, enabling seamless login.
* Option C (Kerberos with Active Directory): Correct. Kerberos provides SSO in AD environments, delegating authentication to the domain controller.
* Option D (Security Assertion Markup Language - SAML): Correct. SAML is a core SSO method in Tableau, widely adopted for enterprise integrations.
* Option B (Local Authentication): Incorrect. Local Authentication uses Tableau's internal user database, requiring manual credential entry-no SSO support.
Why This Matters: SSO enhances user experience and security by leveraging existing identity systems, reducing password fatigue.