During the troubleshooting of SAML authentication issues in Tableau Server, what is a common area to investigate?
A. The network bandwidth and latency between the Tableau Server and the SAML provider
B. The time synchronization between Tableau Server and the SAML identity provider
C. The storage capacity of the Tableau Server to handle SAML requests
D. The version compatibility of the web browser used to access Tableau Server
B. The time synchronization between Tableau Server and the SAML identity provider
Explanation:
Why B is Correct?
SAML assertions are time-sensitive and typically valid for only a few minutes.
If the clocks on Tableau Server and the SAML identity provider (IdP) are not synchronized, authentication fails with errors like "Invalid timestamp" or "Assertion expired."
Tableau’s SAML Troubleshooting Guide lists this as a primary check.
Why Other Options Are Incorrect?
A. Network bandwidth: SAML exchanges are lightweight (KB-sized); latency rarely causes failures.
C. Storage capacity: Irrelevant—SAML operates via HTTP requests, not disk storage.
D. Browser version: While browsers must support SAML, mismatches usually cause clear errors (e.g., "Unsupported protocol").
Reference:
SAML 2.0 Core Specification (Section 2.3.2 on time conditions).
Final Note:
B is the most common SAML failure point. Always confirm time sync before investigating deeper (A/C/D).