The URL of your Management Console is the base url of your WriteBackExtreme extension (that can be found in the trex file) with “/backend” as a suffix. The URL to the Management Console of the WriteBackExtreme Gallery Demo for instance is: https://gallery.demo.writebackextreme.com/backend/ user: writeback pass: adminadmin
Ease of use
Through the guiding web-interface of the Management Console you will be able to setup your write-back use case in minutes. After configuring your WriteBack use case in the Management Console you can instantly use it in Tableau Dashboards and share it with your fellow dashboard users. The Management Console is available to authenticated users. Authenticated users can manage users, extension updates, database connections and schema’s.
Management Console versus Front end configuration
Within the Management Console you can setup your Database connections and write back scenario’s (or schema’s). After you set up and stored a new schema and selected the database and module that fit your use case, you can start configuring the behavior and appearance of the extension in your Tableau Dashboard. This is what we call the Front-End configuration. The extension will automatically connect to the back-end and authenticate you. In the extension you will also be provided with a step by step setup. Here you can select your newly created use case and start doing write back actions! Let’s find out more about the pages you find in the Management Console.
Management Console functions
The Management Console allows you to
Username + Password
This is the basic username + password authentication method. You can configure username and password in the Users section. This method will force every user which uses the extension to login first.
Single Sign On (SSO)
A much requested feature for WriteBackExtreme is now available in WriteBackExtreme. This is of great value in conjunction with Tableau Server sync of Username/User Groups and group memberships. All users will need verified credentials to have access to the use of WriteBackExtreme on your dashboard. Save time and gain even more control on your access permissions in WriteBackExtreme.
WriteBackExtreme supports two pre-defined methods for Single Sign on (SSO).
NOTE: AZURE and OKTA presets will be removed and deprecated in a future release of WriteBackExtreme and that all SSO/SAML configurations need to be done via the manual option as of version 3.0.0 release.
Besides that we support the (tailor made) connection with other Identity Providers. This needs a bit more effort to setup but it enables the integration of most identity providers out there.
Example SSO – Azure configuration
Example SSO – OKTA configuration:
Follow our tutorial to set this up. The example uses an Azure setup for Single Signon (SSO).
Manual Identity provider (IDP): Here is where you can manually log in using your SSO credentials. Firstly enter your IdP Identifier (Entity ID) URL. The unique ID that identifies your application to your IDP. This value must be unique across all applications in your Active Directory tenant. Secondly the Login URL where to redirect to on the IDP and lastly the certificate the certificate should be in base64 format. Note: All set configuration should be tested before saving, make sure to hit ‘Apply config’ before you save the settings page! You can only save the SAML settings when the test is successful.
Example SSO Tailor made / Manual configuration:
For security reasons the strings are partially blanked.
Configure your SSO Login Return URL’s
It is very important to configure the return login URL’s in your SSO / Identity provider’s configuration:
Using the REST API you’re able to authenticate any user with Tableau Server or Tableau Online. If the Username and Password matches an account on Tableau Server the extension will start. This will need to be a local Tableau account, not a SSN. Fill in the details of your Tableau environment under the security tab. Note: This security method only works with Authentication Mode ‘Tableau’. You can find this on Tableau Server/Online on the Users page.
Create and share a pincode which all users will need to enter before having access to the extension. This can be any number combination digit between 4-6 digits. There’s an option to only allow administrators or all users.
This is the default authentication method, we recommend to only use for testing purposes. Usernames will be tracked using the username field in Tableau. It is the least secure, but it is perfectly usable in a closed environment. You can choose if Admin accounts can also use the extension. No authentication, any user with access to the dashboard can interact with the extension.
Windows Authentication for SQL connections
It’s now possible to leave the username and password empty when setting up the connection in the setup of the application. The application will recognize this and instead of login in with a fixed username password, it will use the AD (Active Directory) account of the user running the PHP application.
By enabling this option, you can restrict the access to the Management Console for certain IPs of your choosing only. Making it even more safe!
Add the WHITELIST_IPS_MANAGEMENT_CONSOLE setting to the .ENV to enable.
Separate IPs by using ;
Make sure to encapsulate the IPs with double quotes “