Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.serval.com/llms.txt

Use this file to discover all available pages before exploring further.

About Tableau

Tableau is a visual analytics platform for exploring, analyzing, and sharing data. Connecting Tableau to Serval lets you automate user and group management, content permissions, site administration, and other operations exposed by Tableau’s REST API directly from your workflows.

What the Tableau integration enables

CapabilityDescription
Automation WorkflowsBuild Serval workflows to automate anything accessible via Tableau’s REST API
User ManagementCreate, update, and remove users on a site; assign site roles
Group ManagementCreate groups, add or remove members, sync from external identity sources
Content OperationsList, move, and manage workbooks, views, data sources, projects, and collections
PermissionsRead and update permissions on projects, workbooks, data sources, and other Tableau content
All resources exposed by the Tableau REST API are available to Serval workflows. The integration uses REST API version 3.24 and works with both Tableau Cloud and Tableau Server (2024.2 and later recommended for full feature parity).

Tableau Configuration

Prerequisites

Before configuring the Tableau integration in Serval, ensure you have:
  • A Tableau Cloud or Tableau Server account on the site you want to connect
  • A site role with enough privileges for the workflows you plan to build (Site Administrator Creator is recommended for full administration; lower roles work for read-only or content-scoped automation)
  • Permission to create Personal Access Tokens on the site
  • For Tableau Server: a site or server administrator must have enabled Personal Access Tokens in the site settings — they are off by default on some Server deployments
Personal Access Tokens act on behalf of the user that created them. Serval can only perform actions that user is allowed to perform. We recommend creating a dedicated service user (e.g., serval-integration) with the appropriate site role rather than using a personal account.

Step 1: Create a Personal Access Token

1

Sign in as the integration user

  1. Sign in to Tableau Cloud or Tableau Server as the user whose permissions Serval should inherit (ideally a dedicated service account).
  2. Make sure you are signed in to the specific site you want to connect — PATs are scoped to the site you create them on.
2

Open Account Settings

  1. Click your profile icon in the top-right corner.
  2. Select My Account Settings.
  3. Scroll down to the Personal Access Tokens section.
3

Create the token

  1. Enter a descriptive Token name (e.g., serval-integration). You will need this exact name when configuring Serval.
  2. Click Create Token.
  3. Copy the Secret that appears.
The token secret is shown only once. Copy it somewhere safe before closing the dialog. If you lose it, you must revoke the token and create a new one.
Tableau PATs expire after 15 days of non-use on Tableau Cloud (default), and the expiry policy is configurable on Tableau Server. Because Serval will use the token continuously, it should not expire under normal operation — but if the integration is paused for an extended period, you may need to recreate the token.

Step 2: Identify your Server URL

The Server URL is the host portion of your Tableau site URL, without the https:// prefix.
  • Tableau Cloud: open Tableau in your browser and look at the address bar. The host is the pod your site lives on, e.g. 10ax.online.tableau.com, us-east-1.online.tableau.com, prod-uk-a.online.tableau.com.
  • Tableau Server: use the hostname or fully-qualified domain your users navigate to (e.g., tableau.example.com).
FieldUseDon’t use
Server URL10ax.online.tableau.comhttps://10ax.online.tableau.com/

Step 3: Identify your Site Content URL

Tableau Cloud and multi-site Tableau Server deployments host each site under a path like /site/<site-content-url>/....
  • Default site (Tableau Server with a single site, or the Default site on Cloud): leave Site Content URL blank.
  • Named site: copy the slug that appears between /site/ and the next / in the browser URL.
For example, if you load Tableau and the URL is: 
https://10ax.online.tableau.com/#/site/acme-analytics/explore
then:
  • Server URL = 10ax.online.tableau.com
  • Site Content URL = acme-analytics

Serval Configuration

Once you have your Server URL, Site Content URL (if any), PAT name, and PAT secret, configure Serval:
1

Open the Tableau integration in Serval

  1. In Serval, go to Apps → Available → Tableau → Connect.
  2. The Tableau configuration form will appear.
2

Fill in the fields

FieldDescriptionExample
Server URLYour Tableau host, without https:// and without a trailing slash10ax.online.tableau.com
Site Content URLThe slug for the site to connect. Leave blank for the Default site.acme-analytics
Personal Access Token NameThe exact name you gave the PAT in Step 1serval-integration
Personal Access Token SecretThe secret value copied when the PAT was created••••••••••••
Enter the Server URL without the https:// prefix or a trailing slash. Serval normalizes the value, but providing the bare host avoids surprises.
3

Submit

  1. Click Submit.
  2. Serval signs in to Tableau using your PAT, retrieves a session token, and validates that it can reach the configured site.
You should now be able to build workflows that use Tableau APIs — managing users and groups, moving content, updating permissions, or any other operation in the Tableau REST API.

How authentication works

Serval does not call Tableau with your PAT directly on every request. Instead:
  1. When a workflow needs to call Tableau, Serval signs in by calling POST /api/3.24/auth/signin with your PAT name, PAT secret, and Site Content URL.
  2. Tableau returns a short-lived session token (X-Tableau-Auth) scoped to that site.
  3. Serval attaches the session token to subsequent REST API calls.
This means:
  • Only the PAT secret is stored as a credential — session tokens are obtained on demand.
  • Permissions, site, and authentication mode are all controlled by the user the PAT belongs to.
  • Rotating the PAT in Tableau and updating the Serval connection is a one-step credential rotation.

Troubleshooting

”Unable to connect to Tableau API” / sign-in fails

Most often this means the PAT is wrong, expired, or scoped to a different site.
  • Confirm the PAT Name matches the token name in Tableau exactly (case-sensitive).
  • Confirm the PAT Secret is the value you copied at creation time — Tableau will never show it again, so if in doubt, revoke and recreate.
  • Confirm the Site Content URL matches the site the PAT was created on. A PAT created on the acme-analytics site cannot sign in to the Default site, and vice versa.
  • On Tableau Server, confirm an administrator has enabled Personal Access Tokens for the site.

”Failed to access Tableau sites” / “Failed to access Tableau content”

Sign-in succeeded but the user behind the PAT does not have permission to read the resource:
  • Check the user’s site role. Read-only roles cannot list certain admin resources.
  • Check the user’s content permissions on the projects, workbooks, or data sources you are targeting.

Token stops working after a period of inactivity

Tableau Cloud PATs expire after a window of non-use (default 15 days). If your integration has been idle:
  1. Create a new PAT in Tableau using the same name (or a new name).
  2. In Serval, edit the Tableau integration and update the PAT Secret (and PAT Name if you changed it).

Server URL gets rejected or sign-in 404s

  • Make sure the Server URL is the bare host (e.g., 10ax.online.tableau.com), not a full URL.
  • Double-check the pod for Tableau Cloud — the host changes per region/pod and is part of the Cloud URL.
  • For Tableau Server, the URL must be reachable from Serval’s egress IPs over HTTPS on port 443.
Need help? Contact support@serval.com for assistance with your Tableau integration.