Authentication

The Tableau Next REST API uses JSON Web Tokens (JWT) for authentication. This ensures secure access to the API endpoints while maintaining stateless authentication.

To authenticate your requests to the Tableau Next REST API:

  1. Obtain an API key from your Tableau Next administrator
  2. Generate a JWT token using your API key
  3. Include the token in the Authorization header of your requests

Your API key is a sensitive credential that should be kept secure. Best practices include:

  • Store API keys in environment variables or secure credential stores
  • Never commit API keys to version control
  • Rotate API keys periodically
  • Use different API keys for development and production environments

Include your JWT token in the Authorization header of your requests:

JWT tokens have an expiration time for security. Your application should:

  1. Check token expiration before making requests
  2. Refresh tokens before they expire
  3. Handle token expiration errors gracefully

To maintain the security of your API access:

  • Keep API keys and tokens secure
  • Use HTTPS for all API requests
  • Implement token refresh logic
  • Monitor API usage for suspicious activity
  • Follow the principle of least privilege when requesting access scopes