Data Security

Tableau provides several ways for you to control which users can see which data. For data sources that connect to live databases, you can also control whether users are prompted to provide database credentials when they click a published view. The following three options work together to achieve different results:

  • Database login account: When you create a data source that connects to a live database, you choose between authenticating to the database through Windows NT or through the database’s built-in security mechanism.

  • Authentication mode: When you publish a data source or a workbook with a live database connection, you can choose an Authentication mode. Which modes are available depends on what you choose above.

  • User filters: You can set filters in a workbook or data source that control which data a person sees in a published view, based on their Tableau Server login account.

The table below outlines some dependencies with the above options:

Database Connection Options Data Security Questions
Database login account uses... Authentication mode Is database security possible per Tableau Server user? Are user filters the only way to restrict which data each user sees? Are web caches shared among users?
Active Directory credentials (Windows Authentication)

Kerberos service account

No Yes Yes

Impersonate via server Kerberos service account

Yes No* No
Viewer enters their credentials Yes No* No




User name and password

Prompt user: Viewers are prompted for their database credentials when they click a view. Credentials can be saved. Yes No No
Embedded credentials: The workbook or data source publisher can embed their database credentials. No Yes Yes
Impersonate via embedded password: Database credentials with impersonate permission are embedded. Yes No* No

* Because it can create unexpected results, Tableau recommends that you not use this authentication mode with user filters.

User filters, the embedded credentials option and the impersonation modes have similar effects—when users click a view, they are not prompted for database credentials and they see only the data that pertains to them. However, user filters are applied in the workbook by authors, and the impersonation authentication modes rely on security policies defined by administrators in the database itself.

Thanks for your feedback!Your feedback has been successfully submitted. Thank you!