Access Sites from Connected Clients

By default, Tableau Online allows users to access their sites directly from a Tableau client. It allows this access after the user provides credentials the first time they sign in from the client. A client in this case is a Tableau application or service that can exchange information with Tableau Online. Examples of Tableau clients include Tableau Desktop, Tableau Bridge, and Tableau Mobile.

Tableau Online establishes a connected client by creating a secure access token that uniquely identifies a user when the user signs in from the client.

Connected client requirement for Tableau Bridge

The default connected client option must remain enabled for the site to allow Tableau Bridge clients to run unattended and, if enabled, support multi-authentication with Tableau authentication. If connected clients are disabled for the site, Bridge can only support Tableau username and password authentication.

Note: If multi-factor authentication (MFA) is enabled with Tableau authentication, Bridge clients must be running Tableau Bridge version 2021.1 and later. For more information about Tableau with MFA, see About multi-factor authentication and Tableau Online(Link opens in a new window).

Opt out of allowing connected clients

Site admins can turn off this functionality, to require users to sign in explicitly each time they visit Tableau Online.

Opting out is recommended if SAML is enabled on your site, and you want to ensure that users do not have access to Tableau Online when they are removed from the IdP’s SAML directory.

  1. Sign in to Tableau Online with your site admin credentials.

  2. Select Settings, and then select the Authentication tab.

  3. Under Connected clients, clear the Let clients automatically connect to this Tableau Online site check box.

If you opt out of connected clients, keep the following points in mind:

  • Some clients provide a Remember Me check box, which users can select to remember their user name. Users always need to provide their password.

  • For sites configured for single sign-on using SAML authentication, users have direct access to the site after they sign in the first time. They can do this if they do not sign out explicitly by selecting the Sign Out link.

Remove a user’s connected clients

Site administrators can remove clients (access tokens) associated with a particular user, for example, if the user is no longer a member of the site or is seeing a message about exceeding the maximum number of clients in their account.

  1. Select Users, and on the Site Users page, select the link on the user's display name.

  2. On the user's page, select the Settings tab.

  3. In the Connected clients section, remove the appropriate clients.

Users also can go to their own account settings page to remove specific clients.

See also

Sign In to Tableau Online

OAuth Connections

Stay Connected with Automatic Sign-In(Link opens in a new window) (Tableau User Help)

Thanks for your feedback!