Problem statement
An Auth0 application with an embedded Tableau workbook and an SSO setup has been implemented. On successful login to the Auth0 app, the Tableau iframe displays the login page again. How can we prevent the additional login page from displaying?
Cause
The Tableau iFrame is considered a third-party application, as the iFrame SSO setup and the parent Auth0 application have different top-level domains. Many browsers do not allow the setting of third party cookies on the parent application’s side, so session information is not being shared properly. For example, Safari has Intelligent Tracking Prevention (ITP) enabled, which blocks third-party cookies from being set and third-party applications from reading cookies from the parent application.
Solution
To prevent this additional log-in page, use Google Chrome and allow third-party cookies:
- In Chrome, click the Chrome menu icon (three dots in the upper right)
- Click Settings.
- In the Privacy section, click Cookies and other site data.
- Make sure that Block third-party cookies and Block all cookies are not selected.
The other, more difficult, alternative is to set the Tableau iFrame and the parent Auth0 application domain as the same.