During the troubleshooting of OpenID Connect integration issues in Tableau Server, what common factor should be examined?
A. The load balancing configuration of the Tableau Server
B. The redirection URI specified in the OpenID Connect provider and Tableau Server configuration
C. The encryption strength of the SSL certificate on the Tableau Server
D. The storage capacity on the Tableau Server for caching user tokens
B. The redirection URI specified in the OpenID Connect provider and Tableau Server configuration
Explanation:
Why B is Correct?
Redirection URI mismatches are the most common cause of OpenID Connect (OIDC) failures.
The exact URI (including protocol https://, path, and trailing slashes) must match identically in:
The OIDC provider’s app registration (e.g., Azure AD, Okta).
Tableau Server’s OIDC configuration (tsm authentication oidc).
Even minor discrepancies (e.g., http:// vs. https:// or missing /) will break authentication.
Why Other Options Are Less Likely?
A. Load balancing: Relevant for general server performance but unrelated to OIDC’s authentication flow.
C. SSL encryption strength: OIDC requires HTTPS, but failures are due to configuration errors, not certificate strength.
D. Token storage capacity: Rarely an issue—Tableau Server handles token caching efficiently.
Steps to Verify the Redirection URI:
Compare with the OIDC provider’s settings:
Ensure URIs match exactly (e.g., https://tableau.example.com/oidc/callback).
Test authentication: Use browser developer tools to check for redirect_uri errors.
Reference:
Tableau’s OIDC Troubleshooting Guide lists URI mismatches as the top issue.
OpenID Connect RFC 6749 mandates exact redirect URI matching.
Final Note:
Always start with B—90% of OIDC issues stem from URI mismatches. If resolved, then check SSL (C) or provider logs.