Tableau Embedding API v3 lets you embed interactive Tableau dashboards in any web application. Here is how embedding works, what authentication options are available, and the licensing requirements you need to understand before building an embedded analytics product.
The quick answer
Tableau Embedding API v3 lets you embed interactive Tableau views (dashboards and individual sheets) in any web application — internal portals, customer-facing SaaS products, or external reporting websites. Embedding requires the Tableau JavaScript library, an HTML container element, and authentication credentials. The result is a fully interactive Tableau view rendered inside your application, with your application controlling filters, parameters, and user interactions.
The three questions that determine whether embedding is viable for your use case: What authentication model is required? What are the licensing implications? What customisation does your embedding need beyond the standard view?
How Tableau embedding works
The Tableau Embedding API v3 (JavaScript) initialises a Tableau view within a specified HTML element on your page. At minimum, embedding requires: the Tableau JavaScript API library included in the page, an HTML container div for the embedded view, a view URL from your Tableau Server or Tableau Cloud site, and credentials for the viewer.
When the page loads, the JavaScript library authenticates with Tableau, retrieves the view definition, and renders the interactive Tableau view inside your container element. The rendered view behaves like the native Tableau web view: filters work, tooltips appear, drill-through actions function, and users can interact with the visualisation as they would on Tableau Server directly.
The Embedding API v3 (introduced 2022) uses Web Components — a standard browser API — rather than the JavaScript-only approach of v1 and v2. Web Component syntax means embedding code is simpler and follows web standards more closely than the previous approach. The tableau-viz HTML element is declared in your HTML, Tableau's JavaScript processes it, and the view renders.
Authentication options
Authentication is the most complex aspect of Tableau embedding. The viewer must be authenticated to Tableau before the view will render.
### Connected Apps (recommended for most use cases)
**Tableau Connected Apps** (available on both Tableau Server and Tableau Cloud) allow your application server to generate a signed JSON Web Token (JWT) that authenticates users without requiring them to have Tableau accounts. The flow: your server generates a JWT signed with a Connected App secret, the JWT is passed to the Tableau Embedding API, Tableau validates the JWT and renders the view for the authenticated user.
Connected Apps are the recommended authentication mechanism for external-facing embedded analytics where Tableau accounts for every viewer are impractical or prohibitively expensive. They allow a single Tableau service account to generate tokens for multiple end users, mapping them to a Tableau user for permissions purposes.
Connected Apps support **direct trust** (your application server generates the JWT) and **OAuth 2.0 trust** (your application's OAuth 2.0 identity provider issues tokens that Tableau trusts). Direct trust is simpler to implement; OAuth trust is more appropriate when your application already uses an OAuth identity provider.
### Trusted Authentication (Server only, legacy)
Trusted Authentication creates a trusted relationship between your web server and Tableau Server: your web server requests a trusted ticket from Tableau Server for a specified username, Tableau Server returns a one-time ticket, and the embedding URL includes the ticket for authentication. Trusted Authentication is a Tableau Server-only feature (not available on Tableau Cloud) and is considered legacy — Connected Apps is the recommended approach for new implementations.
### Personal Access Tokens or credentials (development only)
For development and testing, you can authenticate with a username/password or Personal Access Token. This is not appropriate for production deployment — it embeds credentials in client-side code, which is a security risk.
Row-level security in embedded analytics
For embedded analytics where different users should see different subsets of data (multi-tenant SaaS, regional reporting, customer-facing analytics), Tableau provides two mechanisms:
**User filters**: Tableau calculates the current viewer's username and filters data based on it. Using the USERNAME() function in Tableau calculated fields, you can create filters that match data rows where a user column equals the current viewer. For Connected Apps authentication, the JWT's sub claim becomes the value returned by USERNAME().
**Row-level security via published data sources**: Define row-level security in a published data source using user attribute filters. Each viewer's effective row filter is controlled by their group membership or user attributes in Tableau Server, without embedding the filter logic in every workbook.
For more complex multi-tenant scenarios (customer-specific schemas, isolated data by tenant), connected application session attributes passed via JWT claims can parameterise queries or filters at render time.
Embedding API capabilities
Beyond simply displaying a view, the Embedding API v3 exposes methods and events for programmatic control:
**Filtering**: apply filters to the embedded view programmatically. applyFilterAsync() sets filter values from your application code — change a filter in your application UI and update the Tableau view in response, without requiring the user to interact with Tableau's filter controls.
**Parameters**: set Tableau parameter values from your application code. Parameters in Tableau (like date range selectors, granularity toggles) can be driven by controls in your host application.
**Export**: trigger PDF, image, or data downloads from the embedded view programmatically. exportPDFAsync(), exportImageAsync(), exportDataAsync() — trigger these actions from your application's UI rather than Tableau's native export buttons.
**Events**: listen to events from the embedded view — selection changes, filter changes, custom button clicks (via Tableau Extensions), mark selection. Your application can respond to user interactions in Tableau and update other parts of the page.
**Navigation**: navigate between sheets in a workbook, switch between tabs, trigger dashboard actions — all from application code.
Tableau Extensions
Tableau Extensions are web applications embedded within a Tableau dashboard that extend its functionality. Extensions run inside a dashboard container, communicate with the Tableau API to read and modify the dashboard, and can connect to external services.
Common extension use cases: custom navigation elements, custom export options, write-back functionality (users add comments or annotations that are stored in an external database), integrating data from an external API into a Tableau view, custom date pickers or parameter controls with better UX than native Tableau.
Extensions are built as web applications (HTML, CSS, JavaScript) using the Tableau Extensions API. They run in an iframe within the dashboard, have access to the dashboard's data and filter state, and can display custom UI.
For organisations building custom analytics products on Tableau, extensions allow significant UI customisation beyond what native Tableau dashboard design supports.
Licensing for embedded analytics
Licensing is the most common surprise in embedded Tableau deployments. The details:
**Standard Tableau licensing** (Creator, Explorer, Viewer) covers your organisation's employees accessing Tableau via the Tableau web interface or embedded within internal applications. If you are embedding Tableau in a customer-facing application that external users access, standard per-user licensing is not appropriate — it would require every external user to have a Tableau licence.
**Tableau Embedded Analytics** is a separate commercial arrangement for embedding in applications accessed by users outside your organisation. Two commercial models:
**Per-user licensing**: external users are licenced as Tableau Viewers ($15/user/month list price). Appropriate when the number of external users is known and manageable.
**Core-based licensing** (Legacy capacity licensing): a capacity licence covers unlimited external users. More economical when the user base is large or anonymous (public-facing applications). Core-based licensing requires a minimum server capacity purchase; pricing is negotiated.
Contact Tableau's sales organisation to verify your specific licensing requirements before building an embedded product. Deploying a customer-facing Tableau embedding under a standard Server or Cloud licence without the Embedded Analytics commercial arrangement is a licence violation.
Performance in embedded deployments
Embedded Tableau views load and render with the same performance characteristics as native Tableau web views — they are the same rendering engine. The performance optimisations that apply to Tableau Server in general apply to embedded views:
**Extract-based data sources**: live query performance depends on the underlying database. Extract-based data sources serve results from Snowflake's in-memory VizQL engine, decoupled from source database load. For embedded analytics where consistent load time is a requirement, extract-based data sources are more reliable.
**Initial load time**: the Tableau JavaScript library and view definition must load before the view renders. Minimise this with CDN-served JavaScript libraries and views that are sized appropriately (not too many marks, not excessively complex calculated fields).
**View complexity**: embedded views should follow the same design principles as any Tableau dashboard — fewer marks, simpler queries, pre-aggregated data sources. A Tableau view that takes 8 seconds to load natively will take 8 seconds to load embedded. See Tableau Server performance tuning guide for the optimisation framework.
For the Tableau architecture context (Server vs Cloud, licensing, and the end-of-life considerations that affect long-term embedded analytics investment), see Tableau Server vs Tableau Cloud. For building automation around Tableau — including the REST API calls that complement embedded analytics workflows — see Tableau REST API guide.
Our Tableau consulting practice builds embedded analytics solutions for organisations building customer-facing analytics products and internal portal embedding. If you are evaluating Tableau embedding for a specific use case, book a free 30-minute audit.
A former Microsoft data architect audits your data foundation, identifies your top priorities, and sends you a written plan. Free. No pitch.
Book a Call →