Allow Saved Access Tokens
After you configure Tableau Server for OAuth, you can decide to allow users to manage their own OAuth credentials, or you want to manage them centrally. If you want users to manage their own, you need to enable user profile settings from the server.
Note: If you have not yet configured your server to enable OAuth data connections, see the related topics listed below.
Note: Single-use refresh tokens are not supported for OAuth connections to Tableau at this time. In most cases, you can set up your identity provider (such as Okta or Redshift IDC) to use rolling refresh tokens instead. For more information, see your provider’s OAuth documentation.
Sign in to Tableau Server as a server administrator.
Single-site: Click Settings > General.
Multisite: In the site menu, click Manage All Sites and then click Settings > General.
In the Saved Credentials section, select the following:
Allow users to save passwords for data sources (allows users to save their individual credentials with data sources).
Allow users to save OAuth access tokens for data sources
Click Save.
After you tick these boxes, users will see a Manage Credentials section in their profile settings, where they can add access tokens for OAuth data connections.
Managing credentials centrally
Server administrators alternatively can manage OAuth credentials centrally. This can work well, for example, if multiple users work from the same data, and you have a dedicated user account for your data provider.
To manage credentials centrally, you do the following:
Clear the tick boxes described in the preceding procedure.
Edit connection information as data sources are published.
When you edit the connection, you embed credentials that use an OAuth access token instead of an individual’s user name and password.
When the settings for saving passwords and access tokens are not enabled, the Manage Credentials section is excluded from users’ profile settings.