Download OpenAPI specification:Download
Versions: Tableau Server 2021.1 / Tableau Cloud March 2022 and later
This documentation describes the growing number OpenAPI endpoints being released alongside more than 150 classic REST endpoints that are currently in wide usage in the Tableau community.
There are some differences users of the classic endpoints will recognize when viewing these new endpoints.
Request bodies for these new REST endpoints must be formatted using JSON.
Endpoint URIs may contain a hyphen ('-') instead of an API version number, indicating that the resource is versioned separately from the numbered API release. For more information, see REST API and Resource Versions.
Starting in Tableau Server 2022.1 / Tableau Cloud March 2022, differences between releases will be noted in this reference.To view the previous version of this reference, see Tableau REST API OpenAPI Endpoints (v2021.4).
Enable and configure analytics extensions on sites and, for on premise installations, on servers. With these extensions you can extend Tableau dynamic calculations with languages like R and python, and with other tools and platforms. For more information, see Analytics Extensions API.
When upgrading from a server version less than 2020.2, analytics extensions must be enabled on each site even if external services were enabled on the server being upgraded. Connections for sites must be ported manually.
Using the analytics extensions settings methods you can:
Enables or disables analytics extensions on a server.
Version: Available in API 3.11 ( Tableau Server 2021.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
enabled | boolean |
{- "enabled": true
}
{- "enabled": true
}
Gets the enabled/disabled state of analytics extensions on a server.
Version: Available in API 3.11 ( Tableau Server 2021.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "enabled": true
}
Gets the enabled/disabled state of analytics extensions on a site.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: This method can only be called by users with server or site administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "enabled": true
}
Enables or disables analytics extensions on a site.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: This method can only be called by users with server or site administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
enabled | boolean |
{- "enabled": true
}
{- "enabled": true
}
Adds an analytics extensions connection for an external service to a site.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: This method can only be called by users with server or site administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
connection_luid | string |
host | string Required. The location of an external service (TabPy, Rserve, EINSTEIN_DISCOVERY, Generic API, or other) that responds to your analytics extension requests. The case sensitive value must be a URI, IPv4 or IPv6 address that is a maximum of 255 Unicode characters. Starting in Tableau Server 2022.1 / Tableau Cloud April 2022, a host
address can include path information ( |
port | integer <int32> Required. Integer between 1 and 65535. |
is_auth_enabled | boolean For Tableau Cloud: The value is always true. For on premise Tableau servers: Optional. Set to true if authentication is enabled on the external service. If true, username and password are required. Default is false. |
username | string For Tableau Cloud: A username is always required. |
password | string For Tableau Cloud: A password is always required. |
is_ssl_enabled | boolean For Tableau Cloud: The value is always true. For on premise Tableau servers: Optional. Set to true if authentication is enabled on the external service. If true, username and password are required. Default is false. |
object (tableau.analyticsextensions.v1.ConnectionBrief) |
{- "connection_luid": "string",
- "host": "string",
- "port": 0,
- "is_auth_enabled": true,
- "username": "string",
- "password": "string",
- "is_ssl_enabled": true,
- "connection_brief": {
- "connection_name": "string",
- "connection_type": "UNDEFINED"
}
}
{- "connectionMetadataList": [
- {
- "connection_luid": "string",
- "connection_brief": {
- "connection_name": "string",
- "connection_type": "UNDEFINED"
}
}
]
}
Lists a site's analytics extension connections for external services.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: This method can only be called by users with server or site administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "connectionMetadataList": [
- {
- "connection_luid": "string",
- "connection_brief": {
- "connection_name": "string",
- "connection_type": "UNDEFINED"
}
}
]
}
Deletes a specific analytics extension connection for an external service from a site.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: Can only be called by users with site or server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
connection_luid required | string |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "httpErrorCode": "string",
- "message": "string"
}
Get the details of a specified analytics extension connection to an external service.
Version: Available in API 3.11 (Tableau Cloud March 2021/ Server 2021.1) and later. Versioning Overview
Permissions: Can only be called by users with site or server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
connection_luid required | string |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "connection_luid": "string",
- "host": "string",
- "port": 0,
- "is_auth_enabled": true,
- "username": "string",
- "password": "string",
- "is_ssl_enabled": true,
- "connection_brief": {
- "connection_name": "string",
- "connection_type": "UNDEFINED"
}
}
Updates the details of specified analytics extension connection for an external service to a site.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: Can only be called by users with site or server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
connection_luid required | string |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
connection_luid | string |
host | string Required. The location of an external service (TabPy, Rserve, EINSTEIN_DISCOVERY, Generic API, or other) that responds to your analytics extension requests. The case sensitive value must be a URI, IPv4 or IPv6 address that is a maximum of 255 Unicode characters. Starting in Tableau Server 2022.1 / Tableau Cloud April 2022, a host
address can include path information ( |
port | integer <int32> Required. Integer between 1 and 65535. |
is_auth_enabled | boolean For Tableau Cloud: The value is always true. For on premise Tableau servers: Optional. Set to true if authentication is enabled on the external service. If true, username and password are required. Default is false. |
username | string For Tableau Cloud: A username is always required. |
password | string For Tableau Cloud: A password is always required. |
is_ssl_enabled | boolean For Tableau Cloud: The value is always true. For on premise Tableau servers: Optional. Set to true if authentication is enabled on the external service. If true, username and password are required. Default is false. |
object (tableau.analyticsextensions.v1.ConnectionBrief) |
{- "connection_luid": "string",
- "host": "string",
- "port": 0,
- "is_auth_enabled": true,
- "username": "string",
- "password": "string",
- "is_ssl_enabled": true,
- "connection_brief": {
- "connection_name": "string",
- "connection_type": "UNDEFINED"
}
}
{- "connection_luid": "string",
- "host": "string",
- "port": 0,
- "is_auth_enabled": true,
- "username": "string",
- "password": "string",
- "is_ssl_enabled": true,
- "connection_brief": {
- "connection_name": "string",
- "connection_type": "UNDEFINED"
}
}
Lists basic details of each analytics extension connection available for a specified workbook, including connection type and name.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: This method can be called by users that have permissions to the specified workbook. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
workbook_luid required | string |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "connectionMetadataList": [
- {
- "connection_luid": "string",
- "connection_brief": {
- "connection_name": "string",
- "connection_type": "UNDEFINED"
}
}
]
}
Gets basic details, including connection type and name, of the analytics extension connection to an external service that the specified workbook is currently using.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: This method can be called by users that have permissions to the specified workbook. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
workbook_luid required | string |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "connectionMetadataList": [
- {
- "connection_luid": "string",
- "connection_brief": {
- "connection_name": "string",
- "connection_type": "UNDEFINED"
}
}
]
}
Remove the currently used analytics extension connection to an external service from the specified workbook. The connection remains configured, and is available for further usage by the workbook.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: This method can be called by users that have permissions to the specified workbook. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
workbook_luid required | string |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "httpErrorCode": "string",
- "message": "string"
}
Updates the analytics extension connection to external service currently used by a workbook.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: This method can be called by users that have permissions to the specified workbook. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
workbook_luid required | string |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
workbook_luid | string |
connection_luid | string |
{- "workbook_luid": "string",
- "connection_luid": "string"
}
{- "workbook_luid": "string",
- "connection_luid": "string"
}
In February 2024, Tableau's Ask Data and Metrics features and their REST API methods will be retired in Tableau Cloud and Tableau Server version 2024.1. With advances in natural language technologies, we're developing an improved interface that will make it easier to ask questions of your data and stay on top of changes. For more information, see How Tableau AI and Tableau Pulse are reimagining the data experience.
Retired in API 3.22 (Cloud February 2024 / Server 2024.2)
In February 2024, Tableau's Ask Data and Metrics features and their REST API methods will be retired in Tableau Cloud and Tableau Server version 2024.1. With advances in natural language technologies, we're developing an improved interface that will make it easier to ask questions of your data and stay on top of changes. For more information, see How Tableau AI and Tableau Pulse are reimagining the data experience.
Version: Available in API 3.16 ( Tableau Cloud June 2022 / Server 2022.3) and later. Versioning Overview
Permissions: This method can be called by users who have Create permissions for lenses on the site. Permissions Overview
License: No additional license required.
Access Scope:
tableau:lenses:create
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
name | string Required. Name of the lens . Maximum length is 300 characters. |
datasource_id | string Required. The LUID of the data source the lens is associated with. |
project_id | string Required. The LUID of the project to create the lens in. |
description | string Optional. The description of the lens. Maximum length is 4000 characters. |
is_feedback_enabled | boolean Required. Default is |
Array of objects (tableau.nlp.lens.publicrest.v1.FieldDetail) Optional. The fields of the lens. If not specified, a lens with all the qualifying fields from the data source will be created. A lens field contains synonyms used for natural language query, to map words that might be used to mean the same thing as the name of fields or the values fields might have. |
{- "name": "string",
- "datasource_id": "string",
- "project_id": "string",
- "description": "string",
- "is_feedback_enabled": true,
- "fields": [
- {
- "graph_id": "string",
- "custom_label": "string",
- "custom_description": "string",
- "field_synonyms": [
- "string"
], - "value_synonyms": [
- {
- "value": "string",
- "synonyms": [
- "string"
]
}
]
}
]
}
{- "lens": {
- "id": "string",
- "name": "string",
- "site_id": "string",
- "datasource_id": "string",
- "project_id": "string",
- "owner_id": "string",
- "description": "string",
- "repository_url": "string",
- "is_feedback_enabled": true,
- "fields": [
- {
- "graph_id": "string",
- "custom_label": "string",
- "custom_description": "string",
- "field_synonyms": [
- "string"
], - "inherited_field_synonyms": [
- "string"
], - "value_synonyms": [
- {
- "value": "string",
- "synonyms": [
- "string"
]
}
], - "inherited_value_synonyms": [
- {
- "value": "string",
- "synonyms": [
- "string"
]
}
]
}
], - "recommended_visualization_groups": [
- {
- "name": "string",
- "description": "string",
- "recommended_visualizations": [
- {
- "expression": "string",
- "interpretation": "string",
- "colloquial_alias": "string"
}
]
}
]
}
}
Retired in API 3.22 (Cloud February 2024 / Server 2024.2)
In February 2024, Tableau's Ask Data and Metrics features and their REST API methods will be retired in Tableau Cloud and Tableau Server version 2024.1. With advances in natural language technologies, we're developing an improved interface that will make it easier to ask questions of your data and stay on top of changes. For more information, see How Tableau AI and Tableau Pulse are reimagining the data experience.
Returns a list of ask data lenses in a site.
Version: Available in API 3.16 ( Tableau Cloud June 2022 / Server 2022.3) and later. Versioning Overview
Permissions: This method can be called by any user. Responses will include only the lenses to the user has access to. Permissions Overview
License: No additional license required.
Access Scope:
tableau:lenses:read
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "lenses": [
- {
- "id": "string",
- "name": "string",
- "site_id": "string",
- "datasource_id": "string",
- "project_id": "string",
- "owner_id": "string",
- "description": "string",
- "repository_url": "string"
}
]
}
In February 2024, Tableau's Ask Data and Metrics features and their REST API methods will be retired in Tableau Cloud and Tableau Server version 2024.1. With advances in natural language technologies, we're developing an improved interface that will make it easier to ask questions of your data and stay on top of changes. For more information, see How Tableau AI and Tableau Pulse are reimagining the data experience.
Import an existing ask data lens on a server to a site, and optionally transform the metadata of the lens in the process.
Version: Available in API 3.16 ( Tableau Cloud June 2022 / Server 2022.3) and later. Versioning Overview
Permissions: This method can only be called by server administrators or site administrators. Permissions Overview
License: No additional license required.
Access Scope:
tableau:lenses:create
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
The request and response bodies for a lens import each have two parts: the first describes the attributes of the lens being imported, and the second describes transformations, which are changes to the lens metadata, to apply during import.
Use the entire response object from a request to the Get ask data lens method in your import request body.
Lens attributes that can optionally be transformed include name, data source, project, and owner. The original metadata of a lens is replaced by the transformation metadata in the new project the lens is imported to. While lens_transformation
is optional in an import request, a transformation definition will be needed in most cases.
Example transformation use cases
To publish a lens to a new site with modified metadata, sign in to the new site and include the following in your request:
"lens_transformations": {
"datasource_id": "<data_source_LUID_in_new_site>",
"project_id": "<project_LUID_in_new_site>",
"owner_id": "<lens_owner_LUID_in_new_site>"
"name": "<new name of the lens>",
"description": "<new description of the lens>",
}
To publish a lens to a different project in the same site, while signed in to the site, use:
"lens_transformations": {
"project_id": "new project id",
}
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
object (tableau.nlp.lens.publicrest.v1.Lens) Details of the lens to be imported. | |
object (tableau.nlp.lens.publicrest.v1.LensTransformation) Optional. The details of transformation to perform on the lens during import. |
{- "lens": {
- "id": "string",
- "name": "string",
- "site_id": "string",
- "datasource_id": "string",
- "project_id": "string",
- "owner_id": "string",
- "description": "string",
- "repository_url": "string",
- "is_feedback_enabled": true,
- "fields": [
- {
- "graph_id": "string",
- "custom_label": "string",
- "custom_description": "string",
- "field_synonyms": [
- "string"
], - "inherited_field_synonyms": [
- "string"
], - "value_synonyms": [
- {
- "value": "string",
- "synonyms": [
- "string"
]
}
], - "inherited_value_synonyms": [
- {
- "value": "string",
- "synonyms": [
- "string"
]
}
]
}
], - "recommended_visualization_groups": [
- {
- "name": "string",
- "description": "string",
- "recommended_visualizations": [
- {
- "expression": "string",
- "interpretation": "string",
- "colloquial_alias": "string"
}
]
}
]
}, - "lens_transformations": {
- "name": "string",
- "description": "string",
- "datasource_id": "string",
- "project_id": "string",
- "owner_id": "string"
}
}
{- "lens": {
- "id": "string",
- "name": "string",
- "site_id": "string",
- "datasource_id": "string",
- "project_id": "string",
- "owner_id": "string",
- "description": "string",
- "repository_url": "string",
- "is_feedback_enabled": true,
- "fields": [
- {
- "graph_id": "string",
- "custom_label": "string",
- "custom_description": "string",
- "field_synonyms": [
- "string"
], - "inherited_field_synonyms": [
- "string"
], - "value_synonyms": [
- {
- "value": "string",
- "synonyms": [
- "string"
]
}
], - "inherited_value_synonyms": [
- {
- "value": "string",
- "synonyms": [
- "string"
]
}
]
}
], - "recommended_visualization_groups": [
- {
- "name": "string",
- "description": "string",
- "recommended_visualizations": [
- {
- "expression": "string",
- "interpretation": "string",
- "colloquial_alias": "string"
}
]
}
]
}
}
Retired in API 3.22 (Cloud February 2024 / Server 2024.2)
In February 2024, Tableau's Ask Data and Metrics features and their REST API methods will be retired in Tableau Cloud and Tableau Server version 2024.1. With advances in natural language technologies, we're developing an improved interface that will make it easier to ask questions of your data and stay on top of changes. For more information, see How Tableau AI and Tableau Pulse are reimagining the data experience.
Delete an ask data lens.
Version: Available in API 3.16 ( Tableau Cloud June 2022 / Server 2022.3) and later. Versioning Overview
Permissions: This method can be called by users with administrator and lens owner permissions. Permissions Overview
License: No additional license required.
Access Scope:
tableau:lenses:delete
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
lens_id required | string The LUID of the lens to be deleted. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "lens": {
- "id": "string",
- "name": "string",
- "site_id": "string",
- "datasource_id": "string",
- "project_id": "string",
- "owner_id": "string",
- "description": "string",
- "repository_url": "string",
- "is_feedback_enabled": true,
- "fields": [
- {
- "graph_id": "string",
- "custom_label": "string",
- "custom_description": "string",
- "field_synonyms": [
- "string"
], - "inherited_field_synonyms": [
- "string"
], - "value_synonyms": [
- {
- "value": "string",
- "synonyms": [
- "string"
]
}
], - "inherited_value_synonyms": [
- {
- "value": "string",
- "synonyms": [
- "string"
]
}
]
}
], - "recommended_visualization_groups": [
- {
- "name": "string",
- "description": "string",
- "recommended_visualizations": [
- {
- "expression": "string",
- "interpretation": "string",
- "colloquial_alias": "string"
}
]
}
]
}
}
Retired in API 3.22 (Cloud February 2024 / Server 2024.2)
In February 2024, Tableau's Ask Data and Metrics features and their REST API methods will be retired in Tableau Cloud and Tableau Server version 2024.1. With advances in natural language technologies, we're developing an improved interface that will make it easier to ask questions of your data and stay on top of changes. For more information, see How Tableau AI and Tableau Pulse are reimagining the data experience.
Get the details of the specified ask data lens.
Version: Available in API 3.16 ( Tableau Cloud June 2022 / Server 2022.3) and later. Versioning Overview
Permissions: This method can be called by users who have Read access to the lens. Permissions Overview
License: No additional license required.
Access Scope:
tableau:lenses:read
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
lens_id required | string The LUID of the lens. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "lens": {
- "id": "string",
- "name": "string",
- "site_id": "string",
- "datasource_id": "string",
- "project_id": "string",
- "owner_id": "string",
- "description": "string",
- "repository_url": "string",
- "is_feedback_enabled": true,
- "fields": [
- {
- "graph_id": "string",
- "custom_label": "string",
- "custom_description": "string",
- "field_synonyms": [
- "string"
], - "inherited_field_synonyms": [
- "string"
], - "value_synonyms": [
- {
- "value": "string",
- "synonyms": [
- "string"
]
}
], - "inherited_value_synonyms": [
- {
- "value": "string",
- "synonyms": [
- "string"
]
}
]
}
], - "recommended_visualization_groups": [
- {
- "name": "string",
- "description": "string",
- "recommended_visualizations": [
- {
- "expression": "string",
- "interpretation": "string",
- "colloquial_alias": "string"
}
]
}
]
}
}
Content exploration methods enable you to view:
Search Results: Explore your Tableau content based on relevance to a provided term and filter expression.
Usage Statistics: Get the count of the number of times a user has directly or indirectly accessed a specified content item, or a batch of content items. Satistics are available for workbooks, views, data sources, flows and other Tableau resources. The response contains counts for a variety of time periods, ranging from two weeks up to the resource's lifetime. Suggestions: Get suggestions for autocompletion as a user types, based on matches of their input. Searches across all supported content types for objects relevant to the specified term.
Gets usage statistics for multiple content items. The batch of can include multiple content types.
Version: Available in API 3.17 ( Tableau Cloud December 2022) and later. Not available for Tableau Server. Versioning Overview
Permissions: Tableau administrators can get statistics for all content they administer. Other users can get statistics for any content they own or have at least Read permissions for. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
Array of objects (tableau.usagestats.v1.ContentItemId) |
{- "content_items": [
- {
- "luid": "string",
- "type": "string"
}
]
}
{- "content_items": [
- {
- "content": {
- "luid": "string",
- "type": "string"
}, - "usage": {
- "hitsTotal": 0,
- "hitsLastTwoWeeksTotal": 0,
- "hitsLastOneMonthTotal": 0,
- "hitsLastThreeMonthsTotal": 0,
- "hitsLastTwelveMonthsTotal": 0
}
}
], - "errors": [
- {
- "httpErrorCode": 0,
- "message": "string"
}
]
}
Gets the usage statistics for a Tableau content item, specified by LUID and content type, such as workbook, datasource, or flow.
Version: Available in API 3.17 ( Tableau Cloud December 2022) and later. Not available for Tableau Server. Versioning Overview
Permissions: Tableau administrators can get statistics for all content they administer. Other users can get statistics for any content they own or have at least Read permissions for. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
type required | string The content type of the kind of resource being specified, for instance: |
luid required | string |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "hitsTotal": 0,
- "hitsLastTwoWeeksTotal": 0,
- "hitsLastOneMonthTotal": 0,
- "hitsLastThreeMonthsTotal": 0,
- "hitsLastTwelveMonthsTotal": 0
}
Searches across all supported content types for objects relevant to the search expression specified in the querystring of the request URI.
Version: Available in API 3.16 ( Tableau Cloud June 2022 / Server 2022.3) and later. Versioning Overview
Permissions: Search results will be limited to those objects that the user has permissions to access. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
For example, MY_SERVER/api/-/search?terms=productID
could return the Sales
workbook that contains a data field named productID
as well as Superstore database containing a table with a column named productID
.
Query parameters can be combined to refine your search. For instance, the request for a search on the term "sales", for workbooks created in 2021 or later, sorted by the number of times the content has been viewed since its creation, with smallest number of views first, would look like:
/search?terms=sales&filter=type:eq:workbook&tmodifiedTime:gte:2021&sort=hitsTotal:asc
Content types returned can include:
|
|
terms | string (Optional) One or more terms the search uses as the basis for which items are relevant to return. The items may be of any supported content type. The relevance may be assessed based on any element of a given item. If no terms are supplied, then results will be based filtering and page size limits. |
page | integer <int64> (Optional) The number of the page in the list response pages to return. Maximum number of items returned is 10,000 |
limit | integer <int32> (Optional) The number of items to return on each response page. The default is 10. |
order_by | string Enum: "hitsTotal" "hitsSmallSpanTotal" "hitsMediumSpanTotal" "hitsLargeSpanTotal" "downstreamWorkbookCount"
Append Your search expression can have more than one comma separated |
filter | string (Optional) An expression to filter the response using one of the following parameters, or a combination of expressions separated by a comma.
2022 / Server 2022.3) and later.* or:
or or:
or
For more information about filter expressions, see Filtering and Sorting in the Tableau REST API. |
{- "next": "string",
- "prev": "string",
- "pageIndex": 0,
- "startIndex": 0,
- "total": 0,
- "limit": 0,
- "items": [
- {
- "uri": "string",
- "content": {
- "property1": { },
- "property2": { }
}
}
]
}
Returns a specified number of suggestions for auto-completion of user input as they type. You can specify content types of suggestions and prioritize recently viewed content.
Version: Available in API 3.19 ( Tableau Cloud March 2023 / Server 2023.1) and later. Versioning Overview
Permissions: Suggestions will be limited to those objects that the user has permissions to access. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
terms required | string The term that is matched to find suggestions. |
limit | integer <int32> The number of suggestions to return. The default is 10. |
recentsLuids | string A comma separated list of luids that will be prioritized in scoring of content items matched to suggest. |
filter | string A filter to restrict suggestions to specified content types. The supported operators are: |
{- "terms": "string",
- "filter": "string",
- "sort": "string",
- "hits": {
- "next": "string",
- "prev": "string",
- "pageIndex": 0,
- "startIndex": 0,
- "total": 0,
- "limit": 0,
- "items": [
- {
- "uri": "string",
- "content": {
- "property1": { },
- "property2": { }
}
}
]
}
}
Using these methods you can:
Configure a custom domain that allows users to access your Tableau Cloud site using the domain name of your choice.
Update the settings of a custom domain.
Delete a custom domain.
Get the name of a custom domain, if configured for the site.
Setup Steps to Enable a Custom Domain The steps for enabling a custom domain for a Tableau Cloud site include:
Create Tableau settings for you custom domain using Create custom domain settings.
Use the intermediate domain name in the response to configure CNAME for your custom domain name in your DNS service.
Initiate verification by making a request to Update custom domain settings using your custom domain name and the CnameVerificationRequested
status. If successful, this will return the status CnameVerificationSucceeded
.
Get a TLS certificate for the custom domain you chose. Ensure that the certificate meets the following criteria:
The CN on the certificate matches custom domain
The certificate uses an RSA algorithm.
Private key is at least 2048 bits.
Expiry date is not before 90 days and not after 365 days in future.
The certificate chain you upload should include full chain in this order: identity cert -> intermediate cert(s) -> root cert
.
The certificate chain and private key should be in PEM format.
Complete setup by making another request to Update custom domain settings using your custom domain name, TLS certificate (including chain), the TLS private key, and the CnameVerificationSucceeded
status.
Starts the process of custom domain setup for a Tableau site.
For more information, see Setup Steps to Enable a Custom Domain.
Version: Available in API 3.21 (Tableau Cloud October 2023) and later. Not available for Tableau Server. Versioning Overview
Permissions: Only users with administrator permissions can create a custom domain for a site. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud
site_luid required | string The LUID of the Tableau site associated with the custom domain. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
site_luid | string The LUID of the Tableau site associated with the custom domain. |
custom_domain | string The custom domain associated with the Tableau site. |
status | string Enum: "Requested" "CnameVerificationRequested" "CnameVerificationInProgress" "CnameVerificationFailed" "CnameVerificationSuccess" "Provisioning" "Deleting" "CustomDomainProvisioned" The provisioning status of the custom domain. |
tls_certificate | string The TLS certificate for the custom domain, including the CA certs. |
tls_certificate_private_key | string The private key corresponding to the TLS certificate. |
{- "site_luid": "string",
- "custom_domain": "string",
- "status": "Requested",
- "tls_certificate": "string",
- "tls_certificate_private_key": "string"
}
{- "site_luid": "string",
- "custom_domain": "string",
- "intermediate_domain": "string",
- "status": "Requested",
- "request_initiation_date": "string",
- "tls_certificate_uploaded_date": "string",
- "tls_certificate_expiry_date": "string",
- "certificate_update_in_progress": true,
- "last_error": "string"
}
Deletes the custom domain setup for a Tableau site.
Version: Available in API 3.21 (Tableau Cloud October 2023) and later. Not available for Tableau Server. Versioning Overview
Permissions: Only users with administrator permissions can view a site's custom domain settings. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud
site_luid required | string The LUID of the Tableau site associated with the custom domain. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "site_luid": "string"
}
Gets the custom domain settings for a Tableau site.
Version: Available in API 3.21 (Tableau Cloud October 2023) and later. Not available for Tableau Server. Versioning Overview
Permissions: Only users with administrator permissions can view a site's custom domain settings. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud
site_luid required | string The LUID of the Tableau site. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "site_luid": "string",
- "custom_domain": "string",
- "intermediate_domain": "string",
- "status": "Requested",
- "request_initiation_date": "string",
- "tls_certificate_uploaded_date": "string",
- "tls_certificate_expiry_date": "string",
- "certificate_update_in_progress": true,
- "last_error": "string"
}
Updates the custom domain setup for a Tableau site.
For more information, see Setup Steps to Enable a Custom Domain.
Version: Available in API 3.21 (Tableau Cloud October 2023) and later. Not available for Tableau Server. Versioning Overview
Permissions: Only users with administrator permissions can update a site's custom domain settings. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud
site_luid required | string The LUID of the Tableau site associated with the custom domain. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
site_luid | string The LUID of the Tableau site associated with the custom domain. |
custom_domain | string The custom domain associated with the Tableau site. |
status | string Enum: "Requested" "CnameVerificationRequested" "CnameVerificationInProgress" "CnameVerificationFailed" "CnameVerificationSuccess" "Provisioning" "Deleting" "CustomDomainProvisioned" The provisioning status of the custom domain. |
tls_certificate | string The TLS certificate for the custom domain, including the CA certs. |
tls_certificate_private_key | string The private key corresponding to the TLS certificate. |
{- "site_luid": "string",
- "custom_domain": "string",
- "status": "Requested",
- "tls_certificate": "string",
- "tls_certificate_private_key": "string"
}
{- "site_luid": "string",
- "custom_domain": "string",
- "intermediate_domain": "string",
- "status": "Requested",
- "request_initiation_date": "string",
- "tls_certificate_uploaded_date": "string",
- "tls_certificate_expiry_date": "string",
- "certificate_update_in_progress": true,
- "last_error": "string"
}
Gets the custom domain for a Tableau site, if one is provisioned. For more information about how, see Using Custom Domains.
Version: Available in API 3.21 (Tableau Cloud October 2023) and later. Not available for Tableau Server. Versioning Overview
Permissions: Can be called by any user that is a member of the site associated with the custom domain. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud
site_luid required | string The LUID of the Tableau site associated with the custom domain. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "site_luid": "string",
- "custom_domain": "string"
}
Enable and configure security for dashboard extensions on sites and, for on premise installations, on servers. With these extensions you can add custom features to a dashboard using JavaScript.
Using the extension methods of the Tableau Server REST API you can:
This functionality relates to the UI elements and concepts described at Manage Dashboard Settings.
Lists the dashboard extension settings of a server.
Version: Available in API 3.11 ( Tableau Server 2021.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "block_list_items": [
- {
- "url": "string",
- "block_list_item_luid": "string"
}
], - "extensions_enabled": true
}
Updates the settings for dashboard extensions of a server
Version: Available in API 3.11 ( Tableau Server 2021.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
Array of objects (tableau.extensions.dashboard.v1.BlockListItem) | |
extensions_enabled | boolean Specifies whether sandboxed extensions are allowed to run on the site. |
{- "block_list_items": [
- {
- "url": "string",
- "block_list_item_luid": "string"
}
], - "extensions_enabled": true
}
{- "block_list_items": [
- {
- "url": "string",
- "block_list_item_luid": "string"
}
], - "extensions_enabled": true
}
Adds a dashboard extension to the block list of a server.
Version: Available in API 3.11 ( Tableau Server 2021.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
url | string Location of the dashboard extension to be blocked from a site. |
block_list_item_luid | string |
{- "url": "string",
- "block_list_item_luid": "string"
}
{- "url": "string",
- "block_list_item_luid": "string"
}
Lists the dashboard extensions on the blocked list of a server.
Version: Available in API 3.11 ( Tableau Server 2021.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "block_list_items": [
- {
- "url": "string",
- "block_list_item_luid": "string"
}
]
}
Gets the details of a specific dashboard extension on the blocked list of a server.
Version: Available in API 3.11 ( Tableau Server 2021.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
block_list_item_luid required | string |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "url": "string",
- "block_list_item_luid": "string"
}
Deletes a specific extension from the block list of a server.
Version: Available in API 3.11 ( Tableau Server 2021.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
block_list_item_luid required | string |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "httpErrorCode": "string",
- "message": "string"
}
Lists the dashboard extension settings of the site you are signed into.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: This method can only be called by users with server or site administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "extensions_enabled": true,
- "allow_sandboxed": true,
- "safe_list_items": [
- {
- "safe_list_item_luid": "string",
- "url": "string",
- "allow_full_data": true,
- "prompt_needed": true
}
]
}
Updates the settings for dashboard extensions for the site you are signed into.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: This method can only be called by users with server or site administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
extensions_enabled | boolean Specifies whether extensions are allowed to run on the site. |
allow_sandboxed | boolean Specifies whether sandboxed extensions are allowed to run on the site. |
Array of objects (tableau.extensions.dashboard.v1.SafeListItem) |
{- "extensions_enabled": true,
- "allow_sandboxed": true,
- "safe_list_items": [
- {
- "safe_list_item_luid": "string",
- "url": "string",
- "allow_full_data": true,
- "prompt_needed": true
}
]
}
{- "extensions_enabled": true,
- "allow_sandboxed": true,
- "safe_list_items": [
- {
- "safe_list_item_luid": "string",
- "url": "string",
- "allow_full_data": true,
- "prompt_needed": true
}
]
}
Adds a dashboard extension to the safe list of the site you are signed into.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: This method can only be called by users with server or site administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
safe_list_item_luid | string |
url | string Location (URL) of the dashboard extension to be allowed on a site. |
allow_full_data | boolean When true, the extension has access to underlying data of a workbook. This setting is only effective when the extension is on the site safe list. Default is false. |
prompt_needed | boolean When true, the user will be prompted to grant an extension access to the underlying data of a workbook. This setting is only effective when the extension is on the site safe list. Default is false. |
{- "safe_list_item_luid": "string",
- "url": "string",
- "allow_full_data": true,
- "prompt_needed": true
}
{- "safe_list_item_luid": "string",
- "url": "string",
- "allow_full_data": true,
- "prompt_needed": true
}
Lists the dashboard extensions on the safe list of the site you are signed into.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: This method can only be called by users with server or site administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "safe_list_items": [
- {
- "safe_list_item_luid": "string",
- "url": "string",
- "allow_full_data": true,
- "prompt_needed": true
}
]
}
Deletes a specific dashboard extension from the safe list of the site you are signed into.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: Can only be called by users with site or server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
safe_list_item_luid required | string |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "httpErrorCode": "string",
- "message": "string"
}
Gets the details of a specific dashboard extension on the safe list of the site you are signed into.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: Can only be called by users with site or server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
safe_list_item_luid required | string |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "safe_list_item_luid": "string",
- "url": "string",
- "allow_full_data": true,
- "prompt_needed": true
}
Updates the settings of a specific dashboard extension in the safe list of the site you are signed into.
Version: Available in API 3.11 (Tableau Cloud March 2021 / Server 2021.1) and later. Versioning Overview
Permissions: Can only be called by users with site or server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Cloud | Server-Windows | Server-Linux
safe_list_item_luid required | any |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
safe_list_item_luid | string |
url | string Location (URL) of the dashboard extension to be allowed on a site. |
allow_full_data | boolean When true, the extension has access to underlying data of a workbook. This setting is only effective when the extension is on the site safe list. Default is false. |
prompt_needed | boolean When true, the user will be prompted to grant an extension access to the underlying data of a workbook. This setting is only effective when the extension is on the site safe list. Default is false. |
{- "safe_list_item_luid": "string",
- "url": "string",
- "allow_full_data": true,
- "prompt_needed": true
}
{- "safe_list_item_luid": "string",
- "url": "string",
- "allow_full_data": true,
- "prompt_needed": true
}
Identity pools are an identity management tool that uses provisioning and authentication information to enable user access to Tableau Server. Identity pools enable a more centralized and flexible identity management workflow. For more information, see Provision and Authenticate Users Using Identity Pools in the Tableau Server Help.
The identity pools methods allow you to:
Provision users by creating a new local identity store instance. Note: Skip this step to use an existing local identity store or the external identity store you configured in TSM during Tableau Server setup.
Set up an authentication method to authenticate your users to Tableau Server using OpenID Connect (OIDC).
Create an identity pool that uses the identity store and authentication method you configured.
Add users to an identity pool using the Add User to Identity Pool endpoint using the Tableau REST API.
Refer to the Tableau Server Help for testing, managing, and troubleshooting identity pools.
Note: Identity pools do not replace the user provisioning and authentication configurations you made during Tableau Server setup. The purpose of identity pools is to complement and support additional user provisioning and authentication options you might need in your organization.
Before getting started with identity pools, the following requirements must be met:
You can use the Identity Pools Postman collection in the Salesforce Developer's Postman workspace to learn about, develop, and test the methods described.
This functionality relates to the concepts and procedures described in the Set Up and Manage Identity Pools topic in the Tableau Server Help.
Create an instance of OpenID Connect (OIDC) authentication.
For more information, see Step 3: Set up authentication in the Tableau Server Help.
Version: Available in API 3.19 (Tableau Server 2023.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
auth_type | string Value: "OIDC" Required. Authentication type. |
iframed_idp_enabled | boolean Allows the identity provider (IdP) to authenticate inside of an iFrame. The IdP must disable clickjack protection to allow iFrame presentation. Default value is 'false'. |
object (tableau.authn.v1.OidcConfig) |
{- "auth_type": "OIDC",
- "iframed_idp_enabled": true,
- "oidc": {
- "client_id": "string",
- "client_secret": "string",
- "config_url": "string",
- "custom_scope": "string",
- "id_claim": "string",
- "username_claim": "string",
- "client_authentication": "string",
- "essential_acr_values": "string",
- "voluntary_acr_values": "string",
- "prompt": "string",
- "connection_timeout": 0,
- "read_timeout": 0,
- "ignore_domain": true,
- "ignore_jwk": true
}
}
{- "auth_configuration": {
- "id": 0,
- "created_at": "string",
- "updated_at": "string",
- "auth_type": "OIDC",
- "iframed_idp_enabled": true,
- "oidc": {
- "client_id": "string",
- "client_secret": "string",
- "config_url": "string",
- "custom_scope": "string",
- "id_claim": "string",
- "username_claim": "string",
- "client_authentication": "string",
- "essential_acr_values": "string",
- "voluntary_acr_values": "string",
- "prompt": "string",
- "connection_timeout": 0,
- "read_timeout": 0,
- "ignore_domain": true,
- "ignore_jwk": true
}
}
}
List information about all authentication instances.
Version: Available in API 3.19 (Tableau Server 2023.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "instances": [
- {
- "id": 0,
- "created_at": "string",
- "updated_at": "string",
- "auth_type": "OIDC",
- "iframed_idp_enabled": true,
- "oidc": {
- "client_id": "string",
- "client_secret": "string",
- "config_url": "string",
- "custom_scope": "string",
- "id_claim": "string",
- "username_claim": "string",
- "client_authentication": "string",
- "essential_acr_values": "string",
- "voluntary_acr_values": "string",
- "prompt": "string",
- "connection_timeout": 0,
- "read_timeout": 0,
- "ignore_domain": true,
- "ignore_jwk": true
}
}
]
}
Delete an authentication instance.
Version: Available in API 3.19 (Tableau Server 2023.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Server-Windows | Server-Linux
id required | integer <int32> Required. Authentication instance ID. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "httpErrorCode": "string",
- "message": "string"
}
Update an authentication instance.
Note: The request body must specify all the required and desired parameters, not jus the parameters you want to update.
Version: Available in API 3.19 (Tableau Server 2023.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Server-Windows | Server-Linux
id required | integer <int32> Required. Authentication instance ID. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
id | integer <int32> Required. Authentication instance ID. |
auth_type | string Value: "OIDC" Required. Authentication type. |
iframed_idp_enabled | boolean Allows the identity provider (IdP) to authenticate inside of an iFrame. The IdP must disable clickjack protection to allow iFrame presentation. Default value is 'false'. |
object (tableau.authn.v1.OidcConfig) |
{- "id": 0,
- "auth_type": "OIDC",
- "iframed_idp_enabled": true,
- "oidc": {
- "client_id": "string",
- "client_secret": "string",
- "config_url": "string",
- "custom_scope": "string",
- "id_claim": "string",
- "username_claim": "string",
- "client_authentication": "string",
- "essential_acr_values": "string",
- "voluntary_acr_values": "string",
- "prompt": "string",
- "connection_timeout": 0,
- "read_timeout": 0,
- "ignore_domain": true,
- "ignore_jwk": true
}
}
{- "auth_configuration": {
- "id": 0,
- "created_at": "string",
- "updated_at": "string",
- "auth_type": "OIDC",
- "iframed_idp_enabled": true,
- "oidc": {
- "client_id": "string",
- "client_secret": "string",
- "config_url": "string",
- "custom_scope": "string",
- "id_claim": "string",
- "username_claim": "string",
- "client_authentication": "string",
- "essential_acr_values": "string",
- "voluntary_acr_values": "string",
- "prompt": "string",
- "connection_timeout": 0,
- "read_timeout": 0,
- "ignore_domain": true,
- "ignore_jwk": true
}
}
}
Create an identity pool.
For more information, see Step 4: Create an identity pool in the Tableau Server Help.
Version: Available in API 3.19 (Tableau Server 2023.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
name | string Required. Identity pool name. Must be unique. This name is visible on the Tableau Server landing page when users sign in. |
identity_store_instance | integer <int32> Required. ID of the identity store instance to configure with this identity pool. |
auth_type_instance | integer <int32> Required. ID of the authentication instance to configure with this identity pool. |
is_enabled | boolean Identity pool is enabled by default. |
description | string Identity pool description displayed to users when they sign in. |
{- "name": "string",
- "identity_store_instance": 0,
- "auth_type_instance": 0,
- "is_enabled": true,
- "description": "string"
}
{- "pool": {
- "identity_pool_id": {
- "value": "string"
}, - "identity_pool_name": "string",
- "identity_store_instance_id": 0,
- "auth_type_instance_id": 0,
- "is_enabled": true,
- "created_at": "string",
- "updated_at": "string",
- "description": "string",
- "identity_store_type": "LOCAL",
- "auth_type": "OIDC"
}
}
List all identity pools.
Version: Available in API 3.19 (Tableau Server 2023.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Server-Windows | Server-Linux
{- "pools": [
- {
- "identity_pool_id": {
- "value": "string"
}, - "identity_pool_name": "string",
- "identity_store_instance_id": 0,
- "auth_type_instance_id": 0,
- "is_enabled": true,
- "created_at": "string",
- "updated_at": "string",
- "description": "string",
- "identity_store_type": "LOCAL",
- "auth_type": "OIDC"
}
]
}
Delete an identity pool.
Important: In Tableau Server, move users to
another identity pool before deleting an identity pool. Users will no longer
be able to sign in to Tableau Server unless they are a member of an identity
pool.
Version: Available in API 3.19 (Tableau Server 2023.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Server-Windows | Server-Linux
uuid required | string Required. Identity pool ID. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "httpErrorCode": "string",
- "message": "string"
}
Get information about an identity pool.
Version: Available in API 3.19 (Tableau Server 2023.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Server-Windows | Server-Linux
uuid required | string Required. Identity pool ID. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "pool": {
- "identity_pool_id": {
- "value": "string"
}, - "identity_pool_name": "string",
- "identity_store_instance_id": 0,
- "auth_type_instance_id": 0,
- "is_enabled": true,
- "created_at": "string",
- "updated_at": "string",
- "description": "string",
- "identity_store_type": "LOCAL",
- "auth_type": "OIDC"
}
}
Update information about an identity pool.
Version: Available in API 3.19 (Tableau Server 2023.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Server-Windows | Server-Linux
uuid required | string Required. Identity pool ID. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
uuid | string Required. Identity pool ID. |
name | string Identity pool name. Must be unique. This name is visible on the Tableau Server landing page when users sign in. |
is_enabled | boolean Identity pool is enabled by default. |
description | string Identity pool description displayed to users when they sign in. |
{- "uuid": "string",
- "name": "string",
- "is_enabled": true,
- "description": "string"
}
{- "pool": {
- "identity_pool_id": {
- "value": "string"
}, - "identity_pool_name": "string",
- "identity_store_instance_id": 0,
- "auth_type_instance_id": 0,
- "is_enabled": true,
- "created_at": "string",
- "updated_at": "string",
- "description": "string",
- "identity_store_type": "LOCAL",
- "auth_type": "OIDC"
}
}
Configure a new local identity store to provision users.
For more information, see Step 2: Set up an identity store in the Tableau Server Help.
Note: This identity store is in addition to the identity store you configured during Tableau Server setup.
Version: Available in API 3.19 (Tableau Server 2023.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
type | string Value: "0" Required. Identity store type used to provision users. Use 0 to configure a new local identity store. Note: Creating a new identity store of type Active Directory or LDAP is not supported. |
name | string Required. Identity store name. Must be unique. |
display_name | string Identity store display name. |
{- "type": "0",
- "name": "string",
- "display_name": "string"
}
{- "store_instance": {
- "id": 0,
- "type": "LOCAL",
- "name": "string",
- "display_name": "string",
- "created_at": "string",
- "updated_at": "string"
}
}
List information about all identity store instances used to provision users.
Version: Available in API 3.19 (Tableau Server 2023.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Server-Windows | Server-Linux
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "instances": [
- {
- "id": 0,
- "type": "LOCAL",
- "name": "string",
- "display_name": "string",
- "created_at": "string",
- "updated_at": "string"
}
]
}
Delete an identity store.
Important: You cannot delete the identity store you configured during Tableau Server setup.
Version: Available in API 3.19 (Tableau Server 2023.1) and later. Not available for Tableau Cloud. Versioning Overview
Permissions: This method can only be called by users with server administrator permissions. Permissions Overview
License: No additional license required.
Access Scope: Not available.
Access Scopes Overview: Server-Windows | Server-Linux
id required | integer <int32> Required. Identity store ID. |
X-Tableau-Auth | string The Tableau authentication header. The value is a credentials token from a Tableau server's response to an authentication request. The Content-Type and Accept headers should be the mediatype of the request and response except in cases where you want to explicitly allow other versions of the resource. |
{- "httpErrorCode": "string",
- "message": "string"
}