Tableau Personal Access Token

Description

General

• Documentation: https://help.tableau.com/current/api/rest_api/en-us/REST/rest_api_ref.htm
• Summary: Tableau is a Data Visualization platform. This detector catches the personal access tokens used to reach the API of the Tableau Server and Tableau Cloud products.
• IPs allowlist: It is possible to add trusted IP addresses or host names. [Trusted IP Addresses documentation] (https://help.tableau.com/current/server/en-us/trusted_auth_trustIP.htm).
• Scopes: The Server administrator can modify permissions for each user and API key. Users and groups permissions documentation.

Revoke the secret

From the Admin area it is possible to revoke access to any API keys, users can also revoke their own keys from their account settings. Personal Access Tokens documentation.

Check for suspicious activity

This feature is not available.

Details for Tableau pat

• Family: Api

• Category: Other

• Company: Tableau Software

• High recall: False

• Validity check available: False

• Minimum number of matches: 1

• Occurrences found for one million commits: 0.07

• Prefixed: False

• PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - tableau
    - personalaccesstokenauth

Examples

- text: +tableau_auth = TSC.PersonalAccessTokenAuth(
    +    "google",
    +    "yPpTjHqKSmadrb4/D4+fwQ==:NThFOCjyrboMzhdOuhKgC0eg4t10SSND",
    +    site_id="ggle_site",
    +)
  apikey: yPpTjHqKSmadrb4/D4+fwQ==:NThFOCjyrboMzhdOuhKgC0eg4t10SSND
- text: tableau_auth = TSC.PersonalAccessTokenAuth('user', 'WLQKWBs1TnuBx4G7gIzz/w==:yDwZ74EWDPIgU6cSlz8RDJHp7CV2rtFP', 'usersite')

  apikey: WLQKWBs1TnuBx4G7gIzz/w==:yDwZ74EWDPIgU6cSlz8RDJHp7CV2rtFP

- text:
    http://34.124.166.158/api/3.17/sites/7ebac3d3-55b7-4cc1-87f3-e55da6ec1437/views  -H "X-Tableau-Auth:tHc010hNQ_CZ9iIFjyidhw|aITMcKzT8GIXHGTkYFtskZqxLXUicj4u|7ebac3d3-55b7-4cc1-87f3-e55da6ec1437"  --verbose
    +which "X-Tableau
  apikey: tHc010hNQ_CZ9iIFjyidhw|aITMcKzT8GIXHGTkYFtskZqxLXUicj4u