Configuration on Tableau Server or Tableau Cloud
When embedding dashboards and reports from Tableau Server in external websites and apps, such as monday.com, additional configuration on Tableau Server may be required.
Depending on how you have Tableau Cloud configured, this step may also be required.
Your Tableau administrator can limit the sites where embedding is allowed or disable embedding entirely. If your embedded view doesn't load, check with your administrator to make sure that the site where you have embedded it is on the embedding allow list.
For more information, see Tableau Site Settings for Embedding on the Tableau help website.
Prerequisites
Administration access to your Tableau Server or Cloud instance
Procedure
If your Tableau administrator restricts embedding, then the Tableau Cloud Embedded app will need to be whitelisted so that your dashboards and reports can be displayed in monday.com.
The Tableau Cloud Embedded app is hosted on the following domains, which will need to be whitelisted:
https://monday.dsapps.info
https://everyday.dsapps.infoAside: A list of all domains used by David Simpson Apps is available at https://dsapps.dev/policies/domains/.
Unfortunately, Tableau has no admin user interface to check whether domain whitelisting is required, so you have to interact with the Tableau REST API. For this we recommend Postman.
Step One: Enable Personal Access Tokens and create one
To best interact with the Tableau REST API, you should create a personal access token (PAT). Personal access tokens are disabled by default, so as an administrator, you will need to enable them first.
Details of the procedure are available in this short video:
https://youtu.be/NZ_DwfxsDskHow to check domain allow lists for embedding
Details of how to check domain allow lists for embedding are available in this short video:
https://youtu.be/910Ruq1FDnsFurther information
From Tableau 2022.2 onwards, Tableau site administrators can use the Tableau REST API (version 3.16 and later) to change the default settings.
To view the current settings, use the Tableau REST API Get Embedding Settings for a Site method. The URI takes the form:
<server>/api/<api-version>/sites/<site-id>/settings/embedding.To change the settings, use the Update Embedding Settings for a site method. The settings have two options:
unrestrictedEmbeddingandallowList.
URI |
|
|---|---|
Parameters | Description |
| (Boolean) Controls whether the site allows unrestricted embedding. The default setting is |
| (string) A space-delimited list of websites where embedding views is allowed. |
By default, the unrestrictedEmbedding value is set to true, enabling all websites to embed Tableau views, and the allowList value is an empty ("") string. If unrestrictedEmbedding is set to false, only sites that appear on the allowList are able to embed views. Web applications that use Tableau connected apps with direct trust for authentication are not affected by the embedding site settings. See the Tableau Site settings for embedding and connected apps for more information.
View site settings for embedding
To view the settings, login to Tableau using the Tableau REST API. See Sign In.
Using the token returned by signing in and the site id, you can query the site for the embedding settings, see Get Embedding Settings for a Site.
The following shows the results of such a query. These settings show the default configuration that allows unrestricted embedding.
{
"site": {
"settings": [
{
"allowList": "",
"unrestrictedEmbedding": true
}
],
"id": "abcd1234-ab12-ab12-ab12-abcd1234abcd"
}
}
Restrict embedding to websites on the allowlist
To restrict embedding so that only the web site that you specify are allowed to embed views from this Tableau site, you need to set unrestrictedEmbedding to false. You then specify the websites you want to allow in the allowList. The allowList is a space-delimited list of sites. You can use wildcards and port numbers, following the Content Security Policy standard outlined for sources.
To update the settings, login to Tableau using the Tableau REST API. See Sign In.
Using the credentials token returned by signing in and the site id, update the site for the embedding settings, by sending a request packet with the updated settings. See Update Embedding Settings for a site.
For example, the following request packet restricts embedding views to just three websites, including a local computer used for testing.
{
"site": {
"settings": [
{
"allowList": "https://monday.dsapps.info https://*.mycompany.com",
"unrestrictedEmbedding": false
}
],
"id": "abcd1234-ab12-ab12-ab12-abcd1234abcd"
}
}Further reading
https://help.tableau.com/current/api/embedding_api/en-us/docs/embedding_api_site.html
For information about using the Tableau REST API to configure the Tableau site settings for embedding, see Get Embedding Settings for a Site and Update Embedding Settings for a site.