Authentication and Security

Sign in to Tableau's REST API directly — no library — and know exactly what TSC does for you under the hood.

beginner30 min4 steps

Why it matters

TSC wraps the REST API, but it doesn't cover every endpoint, and when something breaks you'll be reading raw REST responses. Signing in once by hand — POST the credentials XML, pull the token out, send it back as X-Tableau-Auth — is the fastest way to understand every Tableau API error you'll ever see.

Prompt Recipe

Write a Python script using only the requests library that authenticates against the Tableau REST API: POST a signin request to /api/3.19/auth/signin with a Personal Access Token in the XML payload, parse the auth token and site id out of the response with xml.etree.ElementTree, make one authenticated call (list the site's workbooks) sending the token as the X-Tableau-Auth header, then sign out. Read the server URL, token name, token value, and site content-url from environment variables. On a 401, print which of the three likely causes it is: expired token, wrong site content-url, or wrong API version.

Step 1Creating a Personal Access Token

Step-by-Step PAT Creation

1

Access User Settings

Log into Tableau Server and navigate to your user account settings.

2

Navigate to Personal Access Tokens

Find the "Personal Access Tokens" section in your settings.

3

Create New Token

Click "Create New Token" and provide a descriptive name for your token.

4

Save Token Details

Copy and securely store both the token name and secret value.

Step 2Setting Up Your Environment

Environment Configuration

Before making API calls, set up your environment with the necessary credentials and configurations.

# Environment Variables
export TABLEAU_SERVER_URL="https://your-server.com"
export TABLEAU_TOKEN_NAME="your_token_name"
export TABLEAU_TOKEN_SECRET="your_token_secret"
export TABLEAU_SITE_NAME="your_site_name"

Important Security Note

Never hardcode credentials in your source code. Always use environment variables or secure configuration files.

Step 3Making Your First API Call

Authentication Request

Let's make your first authenticated request to the Tableau Server REST API to get an authentication token.

import requests
import xml.etree.ElementTree as ET

# Server configuration
server_url = "https://your-server.com"
api_version = "3.19"
site_name = "your_site_name"

# Authentication payload
auth_payload = f"""
<tsRequest>
<credentials personalAccessTokenName="{token_name}" 
     personalAccessTokenSecret="{token_secret}">
<site contentUrl="{site_name}" />
</credentials>
</tsRequest>
"""

# Make authentication request
auth_url = f"{server_url}/api/{api_version}/auth/signin"
response = requests.post(auth_url, data=auth_payload)

print(f"Status: {response.status_code}")
print(f"Response: {response.text}")

Success!

If successful, you'll receive an authentication token that can be used for subsequent API calls.

Step 4Best Practices and Next Steps

Authentication Best Practices

Do's

  • • Use environment variables
  • • Implement proper error handling
  • • Set appropriate token expiration
  • • Monitor token usage

Don'ts

  • • Hardcode credentials
  • • Share tokens publicly
  • • Ignore authentication errors
  • • Use overly broad permissions

Ready for the Knowledge Check!

Congratulations! You've completed all the tutorial steps. Now it's time to test your understanding with our knowledge check questions. Click "Complete Tutorial" to unlock the quiz.

Got what you came for? Mark the stop and the line fills in beneath you.