Generate the Access Token and Frontdoor URL for Tableau Next Embedding
To complete the authentication process, you need to generate an access token and a frontdoor URL. Use the generated Frontdoor URL as the authCredential value when you initialize the SDK.
To generate the token without creating logic for single sign-on, you can use this command to get the access_token. In this command, the location references your Salesforce org and client_id and client_secret are the values that you copied and saved from the OAuth Settings.
For more information on Salesforce OAuth flows and access tokens, see
- User-Agent OAuth Authentication Flow
- OAuth 2.0 User-Agent Flow
- Portal Authentication Using OAuth 2.0 and Salesforce Site
Frontdoor URLs are used to bridge into UI sessions, giving users uninterrupted access to Salesforce and other apps. It uses an existing session to automatically log users into a new UI with making them enter their credentials again. For Tableau Next embedding, only the embedded components need and use the frontdoor URL.
Frontdoor URLs are short-lived. For session refresh, a new frontdoor URL must be generated.
For information on how to use the UI Bridge API to generate frontdoor URLs, see Generate a frontdoor URL to Bridge into UI Sessions.
- Don't hardcode OAuth tokens or frontdoor URLs in your client-side code.
- Pass credentials to the browser only when strictly necessary. Credentials can be scrapped from the browser by malicious actors.
The SDK provides a logout() method to terminate the Salesforce session.
Using the logout() method logs out all other Salesforce sessions running in the same browser. Consider this impact as you design your user logout flow.