Tableau Connector for Apache CouchDB

Build 24.0.9060

Configuring a Connection

After Installing the Connector you can connect and create a Data Source for data in Apache CouchDB.

Setting Up a Data Source

Complete the following steps to connect to the data:

  1. Under Connect | To a Server, click More....
  2. Select the data source called Apache CouchDB by CData.
  3. Enter the information required for the connection.
  4. Click Sign In.
  5. If necessary, select a Database and Schema to discover what tables and views are available.

Using the Connection Builder

The connector makes the most common connection properties available directly in Tableau. However, it can be difficult to use if you need to use more advanced settings or need to troubleshoot connection issues. The connector includes a separate connection builder that allows you to create and test connections outside of Tableau.

There are two ways to access the connection builder:

  • On Windows, use a shortcut called Connection Builder in the Start menu, under the CData Tableau Connector for Apache CouchDB folder.
  • You can also start the connection builder by going to the driver install directory and running the .jar file in the lib directory.

In the connection builder, you can set values for connection properties and click Test Connection to validate that they work. You can also use the Copy to Clipboard button to save the connection string. This connection string can be given to the Connection String option included in the connector connection window in Tableau.

Connecting to Apache CouchDB

Apache CouchDB supports three types of authentication:

  • Basic: Basic username/password authentication.
  • JWT: Authentication with JWT token.
  • None: Anonymous access for databases that are public.

If you want your users (or JWT tokens) to have access to only specific databases, you have to configure the admin_only_all_dbs option in the Apache CouchDB instance to grant all users access to the "/_all_dbs" endpoint which is required by the connector for listing tables. Otherwise the connector won't be able to connect, because the endpoint will throw an authentication error.

Basic Authentication

Set the following to connect to data:

  • AuthScheme: Basic.
  • Url: The Url of your Apache CouchDB instance. For example: http://localhost:5984
  • User The Apache CouchDB user account used to authenticate.
  • Password The Apache CouchDB password associated with the authenticating user.

JWT Authentication

The following connection properties are required and must always be specified:

  • AuthScheme: JWT.
  • Url: The Url of your Apache CouchDB instance. For example: http://localhost:5984.

From here you can:

1. Set the following so that the connector automatically generates (and refreshes if applicable) the tokens for you:

Required

  • JWTSubject: The name of the user to assign to the JWT token.
  • JWTAlgorithm: The algorithm to use for the JWT token signature.
  • JWTKeyType: The type of the encryption key.
  • JWTKey: The encryption key used to sign the JWT token generated by the connector.

Optional

  • JWTIssuer: The issuer of the JWT token.
  • JWTExpiration: How long the JWT token should remain valid, in seconds.
  • JWTHeaders: A collection of extra headers that should be included in the JWT header.
  • JWTClaims: A collection of extra claims that should be included in the JWT payload.
  • CredentialsLocation: The location of the settings file where the JWT token is saved.

2. Or you can generate the tokens yourself manually and pass them to the connector by using the JWTToken connection property.

Generating the key pair

When using asymmetric algorithms to sign the tokens, you must generate a private/public key pair. For that, a cryptographic library like OpenSSL can be used. For example: 

# generate private key
openssl genrsa --out private_rsa256.pem 2048

# extract public key
openssl rsa -in private_rsa256.pem -pubout > public_rsa256.pem

JWT Configurations

Refer to CouchDB JWT Authentication Documentation for the following.

The alg and sub are required claims and will always be validated by the Apache CouchDB instance. Other required claims can be configured in the server (see required_claims). In that case, you must use JWTHeaders and JWTClaims so that the connector can include those additional claims when generating the JWT token.

You can use roles_claim_name or the roles_claim_path options to assign roles to the JWT tokens.

Refer to the following example for configuring the server and the connector:

server configuration

[chttpd]
...
authentication_handlers = {chttpd_auth, jwt_authentication_handler}, {chttpd_auth, cookie_authentication_handler}, {chttpd_auth, default_authentication_handler}
admin_only_all_dbs = false
...

[jwt_auth]
...
required_claims = exp
roles_claim_path = my.nested._couchdb\.roles
rsa:rsa_256 = -----BEGIN PUBLIC KEY-----\nYOUR_PUBLIC_KEY\n-----END PUBLIC KEY-----\n
...
connector configuration

Url=http://localhost:5984;
JWTSubject=JWT User 1;
JWTAlgorithm=RS256;
JWTKeyType=PEMKEY_FILE;
JWTKey=PATH_TO_FOLDER\private_rsa256.pem;
JWTHeaders=kid : rsa_256 | Custom Header 1 : Test 1;
JWTClaims= my : eyJuZXN0ZWQiOnsiX2NvdWNoZGIucm9sZXMiOlsidXNlcjIiXX19 | Custom Claim 1 : Test 1;

Anonymous

Set the following to connect to data:

  • AuthScheme: None.
  • Url: The Url of your Apache CouchDB instance. For example: http://localhost:5984
  • PublicDatabases: A comma-separated list of public databases to list as tables.

Next Step

See Using the Connector to create data visualizations.

Copyright (c) 2024 CData Software, Inc. - All rights reserved.
Build 24.0.9060