The Management Console of the WriteBackExtreme extension is the place to start your journey. With the Management Console you can manage and control the configuration and authorization of the schemas, database connections, extension updates and its users. The Management Console is a web application that can either be opened in a modal window in your Tableau dashboard or directly in your favorite browser. The entire extension (including the Management Console) will be hosted on-premise or in your private cloud behind your secure firewalls.
The URL of your Management Console is the base url of your WriteBackExtreme extension (that can be found in the trex file) with “/backend” as a suffix. The URL to the Management Console of the WriteBackExtreme Gallery Demo for instance is: https://gallery.demo.writebackextreme.com/backend/ user: writeback pass: adminadmin
Ease of use
Through the guiding web-interface of the Management Console you will be able to setup your write-back use case in minutes. After configuring your WriteBack use case in the Management Console you can instantly use it in Tableau Dashboards and share it with your fellow dashboard users. The Management Console is available to authenticated users. Authenticated users can manage users, extension updates, database connections and schema’s.
Management Console versus Front end configuration
Within the Management Console you can setup your Database connections and write back scenario’s (or schema’s). After you set up and stored a new schema and selected the database and module that fit your use case, you can start configuring the behavior and appearance of the extension in your Tableau Dashboard. This is what we call the Front-End configuration. The extension will automatically connect to the back-end and authenticate you. In the extension you will also be provided with a step by step setup. Here you can select your newly created use case and start doing write back actions! Let’s find out more about the pages you find in the Management Console.
Management Console functions
The Management Console allows you to
Username + Password
This is the basic username + password authentication method. You can configure username and password in the Users section. This method will force every user which uses the extension to login first.
Single Sign On (SSO)
A much requested feature for WriteBackExtreme is now available in WriteBackExtreme. This is of great value in conjunction with Tableau Server sync of Username/User Groups and group memberships. All users will need verified credentials to have access to the use of WriteBackExtreme on your dashboard. Save time and gain even more control on your access permissions in WriteBackExtreme.
WriteBackExtreme supports two pre-defined methods for Single Sign on (SSO).
NOTE: AZURE and OKTA presets will be removed and deprecated in a future release of WriteBackExtreme and that all SSO/SAML configurations need to be done via the manual option as of version 3.0.0 release.
Besides that we support the (tailor made) connection with other Identity Providers. This needs a bit more effort to setup but it enables the integration of most identity providers out there.
Example SSO – Azure configuration
Example SSO – OKTA configuration:
Follow our tutorial to set this up. The example uses an Azure setup for Single Signon (SSO).
Manual Identity provider (IDP): Here is where you can manually log in using your SSO credentials. Firstly enter your IdP Identifier (Entity ID) URL. The unique ID that identifies your application to your IDP. This value must be unique across all applications in your Active Directory tenant. Secondly the Login URL where to redirect to on the IDP and lastly the certificate the certificate should be in base64 format. Note: All set configuration should be tested before saving, make sure to hit ‘Apply config’ before you save the settings page! You can only save the SAML settings when the test is successful.
Example SSO Tailor made / Manual configuration:
For security reasons the strings are partially blanked.
Configure your SSO Login Return URL’s
It is very important to configure the return login URL’s in your SSO / Identity provider’s configuration:
Using the REST API you’re able to authenticate any user with Tableau Server or Tableau Online. If the Username and Password matches an account on Tableau Server the extension will start. This will need to be a local Tableau account, not a SSN. Fill in the details of your Tableau environment under the security tab. Note: This security method only works with Authentication Mode ‘Tableau’. You can find this on Tableau Server/Online on the Users page.
Create and share a pincode which all users will need to enter before having access to the extension. This can be any number combination digit between 4-6 digits. There’s an option to only allow administrators or all users.
This is the default authentication method, we recommend to only use for testing purposes. Usernames will be tracked using the username field in Tableau. It is the least secure, but it is perfectly usable in a closed environment. You can choose if Admin accounts can also use the extension. No authentication, any user with access to the dashboard can interact with the extension.
Windows Authentication for SQL connections
It’s now possible to leave the username and password empty when setting up the connection in the setup of the application. The application will recognize this and instead of login in with a fixed username password, it will use the AD (Active Directory) account of the user running the PHP application.
IP filtering for Management Console
By enabling this option, you can restrict the access to the Management Console for certain IPs of your choosing only. Making it even more safe!
Add the WHITELIST_IPS_MANAGEMENT_CONSOLE setting to the .ENV to enable.
Separate IPs by using ;
Make sure to encapsulate the IPs with double quotes “
A schema is the collection which contains everything about your use-case. The schema will contain information about the selected database, module, user groups and the configuration of the structure of the write-back table. Whenever you create a new schema you have to choose one of our modules first. Depending on the selected module the setup of your schema will be different.
Create a new schema
Below you will find the steps to create a new schema. In this example we create a schema with the DATA HELPER module. Click on the first image and a slideshow will show up. use your right arrow to see the next image, use your left arrow to see the previous image.
Below you see an animated gif that illustrates the entire process of creating a new schema. At the end of the animation it also shows how to edit an existing field, just by opening the schema, select the field you want to change and save your changes. The fields available to add to your form are listed below.
Single Line Text
Set Schema permissions
If you want your schema to be available for all users, you don’t have to set any permissions. If you want a selected group of users to enjoy the schema you set permissions on the schema. Below an animated gif on how to set permissions on a specific schema. If you want to learn how to create groups, click here.
Connections hold information about the connections to your databases. You only have to do this once for every database connection you would like to use for a WriteBack scenario. The username and password of a connection are stored safely and encrypted in our back-end.
A schema is connected to one of the available connections of the WriteBackExtreme module. You can have multiple schemas connected to one single connection. You can simply state that a connection is the authorized path to a database server and one database to store or edit write back information via the schemas within the available modules.
Read more about our supported databases in the ‘Supported Database’ section down below. You can also find more information about our database support in the road map section.
Create a new database connection
Below you will find the steps to create a new connection. In this example we create a connection to a MySQL database in the Gallery Demo of WriteBackExtreme. Click on the first image and a slideshow will show up. use your right arrow to see the next image, use your left arrow to see the previous image.
Below you see an animated GIF that illustrates the entire process of creating a new connection. You can also re-open a connection and change settings, although it is not recommended to change existing connections.
Whenever somebody opens a dashboard with the WriteBackExtreme extension inside, this user will automatically be authenticated and registered as a standard user in the Management Console of the Extension. If the user already exists in the Management Console and has access through a group to the schema, the extension will show. If the user does not exist or the group has no permissions on the schema that is used in the dashboard, the extension will throw an error.
Users are stored in the Management Console for several reasons. The WriteBackExtreme extension has a user-based license model. Therefore it is important to register every user which needs access to the extension. Secondly, by having the users in the Management Console, you can manage which users are able to use the schemas that are available by placing them in groups.
- A user belongs to one or more groups
- Permissions are not set on a user basis but on a user group basis (except for the admin permissions)
- In order to use the extension a user must be registered in the Management Console
- Row Level Security can be set up on a user basis, based on which group they’re in
Create a new (admin) user
All users that interact with the extension will be automatically registered in the WriteBackExtreme Management Console. In the Management Console you can transform a regular user to an admin or vice versa. Below you will find the steps to create a new user. Click on the first image and a slideshow will show up. use your right arrow to see the next image, use your left arrow to see the previous image.
Below you see an animated GIF that illustrates the entire process of creating a new user. You can also edit user properties just by clicking on a user and adjust the properties.
Groups are sets of users who need the same type of access to content. We require that you organize users into groups. You can then set permissions at the group level, to apply a set of capabilities to all users in the group. When you want a new write-back user, just add them to the groups that give the access they need.
- A group contains 1 or more users
- A group belongs to 1 or more schemas
- A group has a set of permissions
Create a new group
Below a demonstration of how to create a group in the WriteBackExtreme Management Console.
Connect with Tableau
Here is where you’ll be connecting with your Tableau environment. Connect and import all your users and user groups directly in to your WriteBackExtreme environment.
This authentication method uses the REST API to authenticate with Tableau Server/Cloud. If the Username and Password matches an account on Tableau Server the extension will start. Note: When Tableau Server/Cloud is connected with an IDP via SSO, we recommend you using the PAT(Personal Access Token) method.
Connect to Tableau Cloud or Tableau Server
To connect to Tableau Server tick the ‘Use Tableau Server to Sync’ untick to connect to Tableau Cloud. Follows these steps for both connections, when connecting to Tableau Cloud you will need to choose the online region before entering details.
Tableau Server connection
When using Tableau server we required the full URL of the Server. When changing this configuration will reset the connection information form. Enter the URL of your Tableau Server and below the Tableau API version.
Username & Password: Enter your Tableau credentials, make sure you are using an Tableau Server administrator account.
Tableau Token name and secret: Make sure you are using a PAT from a Tableau Server administrator account. To find more about how to get tokens visit: https://help.tableau.com/current/server/en-us/security_personal_access_tokens.htm
Note: Personal Access Tokens will expire if they are not utilized for 15 consecutive days. If they are regularly used more frequently than every 15 days, an access token will expire after 1 year, and need to be replaced with a newly created one.
Test connection and connect
Once all details have been added you can then test the connection, hit the test button then connect to the site you wish to sync, then hit apply, then save. You have now successfully connected.
Sync Users and Groups
Now you’ve connected to your desired environment, sync the users and groups from your environment to WriteBackExtreme. You will see the list of the groups from your Tableau environment for you to choose the group(s) you wish to import.
You can use the command codes here to fully automate the synchronization of users and groups between Tableau and WriteBackExtreme. You can execute these commands on your server using Cron or Windows Task Scheduler. Note: Groups and users will not be deleted, only updated and/or created.
The command can be different per operating system. In general one of the commands will suffice. Sometimes it is necessary to add the full path to the ‘php’ or ‘php.exe’ (on Windows) executable.
Your license is stored in the Enterprise Customer portal which is available for authorized users within your organization. To update your license you must
- Login to the Enterprise Customer Portal
- Select the menu option “Licenses”
- Copy the WriteBackExtreme license to the clipboard by clicking the appropriate black button
- Login to your WriteBackExtreme Management Console (backend)
- Open the menu “Upgrade & License”
- Click the button “Change License”, a popup window will be shown
- Paste the License key you copied to the clipboard in step 3
- Now press “Validate & Store” to apply the new license key for WriteBackExtreme
- Check if your expected changes are applied to your WriteBackExtreme instance. If not start again at step 1
- Log out of the WriteBackExtreme Management Console (backend)
Below a screencast of the entire process. The screencast starts with the obtaining of the license via the Enterprise Customer portal. After obtaining the license (copied to the clipboard) in the Enterprise Customer portal it shows how to proceed after logging in to the Management Console of WriteBackExtreme.
If you need access to your extension file (.trex) of WriteBackExtreme you can download it here directly from your management console, the .trex will instantly download once clicked.
Full Laravel log history is stored and can be accessed from here
To head back to the front page of the WriteBackExtreme documentation page, click here.
This will sign you out of the management console.
OTAP support enables you to easily import/export schemas from test to production or from environment A to environment B. While using this all IDs and references will stay the same making it very easy to migrate your workbooks as well. Schemas can be migrated between different database drivers. Importing a schema will only import the schema structure, data is not migrated.
To import a schema to your environment head to the schema tab and you will see an import button.
Here you can connect to select the connection where to import your schema. Upload the Json file that has been exported, if you are important in the same environment as where you exported, be sure to rename the label and table.