Tableau Personal Access Token
Description
General
- Documentation: https://help.tableau.com/current/api/rest_api/en-us/REST/rest_api_ref.htm
- Summary: Tableau is a Data Visualization platform. This detector catches the personal access tokens used to reach the API of the Tableau Server and Tableau Cloud products.
- IPs allowlist: It is possible to add trusted IP addresses or host names. [Trusted IP Addresses documentation] (https://help.tableau.com/current/server/en-us/trusted_auth_trustIP.htm).
- Scopes: The Server administrator can modify permissions for each user and API key. Users and groups permissions documentation.
Revoke the secret
From the Admin area it is possible to revoke access to any API keys, users can also revoke their own keys from their account settings. Personal Access Tokens documentation.
Check for suspicious activity
This feature is not available.
Details for Tableau pat
-
Family: Api
-
Category: Other
-
Company: Tableau Software
-
High recall: False
-
Validity check available: False
-
Analyzer available: False
-
Minimum number of matches: 1
-
Occurrences found for one million commits: 0.07
-
Prefixed: False
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- tableau
- personalaccesstokenauth
Examples
- text: +tableau_auth = TSC.PersonalAccessTokenAuth(
+ "google",
+ "yPpTjHqKSmadrb4/D4+fwQ==:NThFOCjyrboMzhdOuhKgC0eg4t10SSND",
+ site_id="ggle_site",
+)
apikey: yPpTjHqKSmadrb4/D4+fwQ==:NThFOCjyrboMzhdOuhKgC0eg4t10SSND
- text: tableau_auth = TSC.PersonalAccessTokenAuth('user', 'WLQKWBs1TnuBx4G7gIzz/w==:yDwZ74EWDPIgU6cSlz8RDJHp7CV2rtFP', 'usersite')
apikey: WLQKWBs1TnuBx4G7gIzz/w==:yDwZ74EWDPIgU6cSlz8RDJHp7CV2rtFP
- text:
http://34.124.166.158/api/3.17/sites/7ebac3d3-55b7-4cc1-87f3-e55da6ec1437/views -H "X-Tableau-Auth:tHc010hNQ_CZ9iIFjyidhw|aITMcKzT8GIXHGTkYFtskZqxLXUicj4u|7ebac3d3-55b7-4cc1-87f3-e55da6ec1437" --verbose
+which "X-Tableau
apikey: tHc010hNQ_CZ9iIFjyidhw|aITMcKzT8GIXHGTkYFtskZqxLXUicj4u
