I am trying to build an app in Laravel that uses the OneLogin API to provide a seamless integration with their data. Part of the users' data is displayed in an embedded Tableau view (hosted on Tableau Online).
- I have successfully added the Tableau app in OneLogin.
- I have also set up the SAML authentication (working).
- The Laravel app can get a token and assertion via API from OneLogin.
My understanding is that the SAML assertion is supposed to authenticate the user whose details were sent as part of the assertion; however, after receiving the assertion and redirecting to the view with the embedded Tableau view, the user is prompted to log in.
This kind of defeats the purpose of the assertion.
User prompted to log in:
Application storage:
Am I missing (misusing) the purpose of the assertion?
Should the assertion be added to the session?
How can I authenticate the user once without having them provide credentials for all the services used in the app?