TLDR: using keycloak as IdP and OpenID. i can receive a token using an external request but not using Tableau's internal authentication
==========================================================================================
Hello,
I have recently installed my new tableau Server and I'm trying to get external authentication working using the OpenID protocal and Keycloak as an IdP. I am able to retrieve tokens from Keycloak using the chrome add-on postman, however when ever I try to log onto tableau I am prompted with a window/message from keycloak saying "Invalid parameter: redirect_uri". I can provide more information about my keycloak setup, but i have a feeling that is functioning as intended.
My tableau setup:
vizportal.openid.client_id: Tableau_Server
vizportal.openid.client_secret: <it's a secret>
vizportal.openid.config_url: http://localhost:8180/auth/realms/demo/.well-known/openid-configuration
The redirect URI is a fixed location (or I dont know how to change it): http://TableauHost/vizportal/api/web/v1/auth/openIdLogin
Keycloak documentation requires that a json file be added to my applications WEB-INF folder, this seems out of my reach as an admin and not a tableau dev. the file is simple and describes all the information that is present in the configuration, however I'm guessing it wants to send the file as part of the POST request.
Hey Dillon,
I was actually the person James brought onto your call with Tableau Support to assist.
We were able to solve the problem by re-configuring the IdP to allow a different redirect URI. There were a few other factors that were also specific to your configuration, those don't need to be discussed here as they will vary for each environment.
Either way, I'm glad we were able to resolve the issue!
