![]() ![]() OAUTH_CAP_SUPPORTS_HTTP_SCHEME_LOOPBACK_REDIRECT_URLS Use this when your authorization server doesn’t allow dynamic port ranges for localhost/native apps. Only relevant for desktop apps (Tableau Desktop and Prep). Use this if Client secrets are expected in the query parameter instead of the request header. OAUTH_CAP_CLIENT_SECRET_IN_URL_QUERY_PARAM Only use if you define a USERINFO_URI in oauthConfig file to retrieve the userinfo in a separate request Used to protect against CSRF attacks, more details: If set to true, we are using S256 by default. Whether your OAuth provider PKCE requires code_challenging_method passed in. OAUTH_CAP_PKCE_REQUIRES_CODE_CHALLENGE_METHOD Whether your OAuth provider supports PKCE, more details: See Instance URL/Custom Domain for more information. OAUTH_CAP_SUPPORTS_CUSTOM_DOMAIN only works for embedded OAuth config. The OAuth config will specify the relative paths for the URLs, and the end user will have to provide the IDP hostname when creating a new connection. Capability NameĮnable this if your IDP has different URLs. This set of OAuth Config capabilities is not shared with the regular connector capabilities. It is usually not needed to define your own field, and this field will not be able to participate in any OAuth flow. Use together with OAUTH_CAP_SUPPORTS_GET_USERINFO_FROM_ID_TOKEN If you have openid as your scope this field is returned and can be used to retrive userinfo. Used to refresh access token.ĭefaults to the time when the token is sent to Tableau For example this maps Tableau’s ACCESSTOKEN field to access_token in the authorization server response. The XML elements accessTokenResponseMaps and refreshTokenResponseMaps define a relationship between Tableau field names to fields in the authorization server response. ![]() If not defined will use accessTokenResponseMaps by default Key value pair that maps a refresh token request response attribute to Tableau recognized attribute Key value pair that maps an initial token request response attribute to Tableau recognized attribute Uses Java regex pattern syntax, which is similar to PCRE. Use to validate against your OAuth instance Url. ![]() If OAUTH_CAP_SUPPORTS_CUSTOM_DOMAIN is set this is a relative path to the instance URL like /oauth2/v2.0/userinfo If OAUTH_CAP_SUPPORTS_CUSTOM_DOMAIN is set this is a relative path to the instance URL like /oauth2/v2.0/token If OAUTH_CAP_SUPPORTS_CUSTOM_DOMAIN is set this is a relative path to the instance URL like /oauth2/v2.0/authorize This element can be specified multiple times, one for each port. See redirectUrisDesktop Format below for the URL format. This will configure the URL for the authorization response browser redirect. Only required when OAUTH_CAP_FIXED_PORT_IN_CALLBACK_URL is set to true. This is not considered a secret and will be stored in plain textĬlient Secret you registered for Tableau Desktop When using an external/custom config this must begin with the prefix “custom_”.Ĭlient ID you registered for Tableau Desktop This is a required attribute if there are multiple OAuth configs defined for a connector. The dbclass must be same with as the class attribute in manifest.xml The connector class which this OAuth config applies to. is the parent element for all fields below. ![]() Here we discuss the structure of this file. The OAuth Config file ( XSD) is identified in the main plugin manifest using the element. The OAuth Config file defines your connector’s OAuth configuration and also provides the ability to customize how the OAuth flow should work. server dbname sslmode authentication username The OAuth Config File To enable OAuth for your connector add an field in the manifest.xml and link to an oauthConfig.xml you created, described below. How to Enable OAuth for a Plugin Connectorįirst check your database and driver documentation to make sure it supports OAuth.
0 Comments
Leave a Reply. |