Tableau API
| title | description | updated_date |
|---|---|---|
| Tableau API | Guide to Tableau API authentication, permissions, and access by enterprise account level | 2025-10-24T16:45:21Z |
This guide explains Tableau API authentication, permissions, and access based on different enterprise account levels. It covers how to authenticate using various methods, set permissions for users, and manage API access across different Tableau roles.
What we need
[] API Token [] Username and Password [] Site URL (Instance) [] Site ID [] Site Name
Tableau Enterprise Account Levels
Tableau offers different license types with varying levels of access and capabilities:
| License Type | Description | API Access |
|---|---|---|
| Creator | Full capabilities for creating, authoring, and publishing workbooks and data sources. Includes access to Tableau Desktop and Tableau Prep Builder. | Full API access |
| Explorer | Web-based authoring and collaboration capabilities. Can view and interact with workbooks and dashboards, but cannot connect to new data sources. | Limited API access |
| Viewer | Can view and interact with published workbooks and dashboards, add comments, and receive subscriptions and alerts. Cannot create or edit content. | Read-only API access |
API Rate Limit Restrictions by Account Level
Tableau Cloud implements rate limiting to ensure service availability for all users:
| Account Level | API Rate Limits |
|---|---|
| Standard | • 120 requests per minute• Maximum of 25 concurrent long-running requests (20+ seconds) |
| Enterprise | • 180 requests per minute• Maximum of 25 concurrent long-running requests (20+ seconds) |
| Tableau Cloud | • 240 requests per minute• Maximum of 25 concurrent long-running requests (20+ seconds) |
Note: Rate limits are subject to change. If you exceed these limits, the API will return a REQUEST_LIMIT_EXCEEDED exception code.
API Endpoint Access Restrictions by Account Level
| Feature | Creator | Explorer | Viewer |
|---|---|---|---|
| User Management API | ✅ (Admin only) | ❌ | ❌ |
| Content Management API | ✅ | ✅ (Limited) | ❌ |
| Data Source API | ✅ | ✅ (Limited) | ❌ |
| Workbook API | ✅ | ✅ (Limited) | ❌ |
| View API | ✅ | ✅ | ✅ (Read-only) |
| Metadata API | ✅ | ✅ | ✅ (Read-only) |
Note: Access to specific API endpoints can also be influenced by the site role permissions and administrator settings.
Permissions/RBAC Limitations by Account Level
Tableau uses a robust permissions model that determines what actions users can perform on content:
| Permission Type | Creator | Explorer | Viewer |
|---|---|---|---|
| View | ✅ | ✅ | ✅ |
| Filter | ✅ | ✅ | ✅ |
| Comment | ✅ | ✅ | ✅ |
| Export Image | ✅ | ✅ | ✅ |
| Export Data | ✅ (Full) | ✅ (Limited) | ❌ |
| Web Edit | ✅ | ✅ | ❌ |
| Download | ✅ | ✅ (Limited) | ❌ |
| Share | ✅ | ✅ | ✅ (Limited) |
| Move | ✅ | ✅ (Limited) | ❌ |
| Delete | ✅ | ❌ | ❌ |
| Set Permissions | ✅ (Full) | ❌ | ❌ |
Note: Actual permissions depend on the specific settings configured by site administrators.
Authentication Methods
Tableau REST API supports the following authentication methods:
Personal Access Token (PAT) - Recommended
- More secure than username/password
- Required if multi-factor authentication (MFA) is enabled
- Note: Expires automatically if unused for 15 consecutive days or based on the site’s settings.
- On Tableau Cloud, expiration depends on site settings
- On Tableau Server, expires after one year by default
Username and Password
- Basic authentication method
- This method is not supported when MFA (Multi-Factor Authentication) is enabled on Tableau Cloud.
- Not recommended for production environments
JSON Web Token (JWT)
- Used with Tableau Connected Apps
- Supports specific access scopes
- Available for a subset of REST API methods
- Requires setup by a Tableau administrator for connected apps.
How to Enable Permissions in Tableau Cloud
Step 1: Understand Permission Hierarchy
Permissions in Tableau follow this hierarchy:
- Site roles (Creator, Explorer, Viewer) set the maximum permissions a user can have
- Project-level permissions set defaults for content in that project
- Content-level permissions will take precedence over project-level defaults if configured by the administrator.
Step 2: Configure Project Permissions
- Navigate to the project
- Open the Actions menu (…) and click Permissions
- Click + Add Group/User Rule to add permission rules
- Select a group or user and assign permissions to users/groups based on role and needs.
- Configure permissions for each content type (workbooks, data sources, etc.)
- Click Save
Step 3: Configure API Access
To enable API access for users:
- Ensure users have appropriate site roles (Creator or Explorer)
- Grant necessary permissions based on their role:
- For full API access: Assign Creator role
- For read-only API access: Assign the Explorer or Viewer role with the required permissions for specific actions (e.g., viewing data, running reports).
- For personal access tokens:
- Enable personal access tokens at the site level (Site Settings)
- Users must create their own tokens from their account settings
Step 4: Create Personal Access Tokens
Users can create personal access tokens for API authentication: Note: Token creation is only available if a Tableau administrator enables Personal Access Tokens at the site level for licensed accounts.
- Sign in to Tableau Cloud
- Click your profile icon in the top right
- Select My Account Settings
- Under Personal Access Tokens, click Create new token
- Enter a name for the token and click Create
- Copy and securely store the token secret (it will only be shown once)
Documentation Resources
For more detailed information, refer to these official Tableau documentation resources: