10000 Tableau Cloud Add user function is missing IdpConfigurationId attribute (userItem.py). When Multiple SAML configurations exist, SAML users cannot be added · Issue #1598 · tableau/server-client-python · GitHub
[go: up one dir, main page]
Skip to content

Tableau Cloud Add user function is missing IdpConfigurationId attribute (userItem.py). When Multiple SAML configurations exist, SAML users cannot be added #1598

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Maitredata opened this issue Apr 25, 2025 · 2 comments
Closed

Tableau Cloud Add user function is missing IdpConfigurationId attribute (userItem.py). When Multiple SAML configurations exist, SAML users cannot be added #1598

Maitredata opened this issue Apr 25, 2025 · 2 comments

Comments

@Maitredata
Copy link
Maitredata commented Apr 25, 2025
edited
Loading

Describe the bug
Due to a recent API change, when using the add user to a site function for Tableau Cloud, there are additional attributes on the API call not yet present in the Tableau Server Client library.

Note the Add User to Site documentation: https://help.tableau.com/current/api/rest_api/en-us/REST/rest_api_ref_users_and_groups.htm#add_user_to_site

TSC currently is able to set the authSetting parameter in the call, which is an attribute in the userItem class. However, As of API 3.24, Tableau Cloud can create multiple authentication configurations, so the IdpConfigurationId attribute needs to be used instead. This is detailed on the page, but the attribute cannot yet be configured in TSC.

We had a support case where even though the user thought there was only one SAML configuration set, there was also the default "Initial SAML" option not visible in the UI, so it was necessary to use this.

Versions
Details of your environment, including:

  • Tableau Server version (or note if using Tableau Online): Using Tableau Online, 10AZ pod and Dub01 pod, must have more than 1 SAML configuration.
  • Python version: 3.13.3
  • TSC library version: 0.37 [Latest]

To Reproduce

  1. Start with a Tableau Cloud site with more than 1 SAML authentication Method
  2. In the TSC create a user item.
  3. Specify authSetting for new user as SAML
  4. Add the user to Tableau Cloud

Results
In the users page, the user auth method will list as "Unspecified"
User will be unable to log in with SP-initiated SAML
(In my test environment using Okta, IdP Initiated SAML login was working)

Login error will show as:
Remote IdP entity descriptor is not configured

Image

NOTE: Be careful not to post user names, passwords, auth tokens or any other private or sensitive information.
For further info, reach out to me internally or consult Internal work item.

SAMPLE CODE BELOW:

import tableauserverclient as TSC

TOKENNAME = ""
TOKENVALUE = ""
CONTENTURL = "siteurlhere"
SERVER = "https://10az.online.tableau.com/"

tableau_auth = TSC.PersonalAccessTokenAuth(TOKENNAME, TOKENVALUE, site_id=CONTENTURL)
server = TSC.Server(SERVER, use_server_version=True)
server.auth.sign_in(tableau_auth)
print(server.groups.get())
userToAdd = TSC.UserItem("user@salesforce.com", "Explorer", auth_setting="SAML")

userToAdd.email = "user@salesforce.com"

# add the new user to the site
userToAdd = server.users.add(userToAdd)
print(userToAdd.name, userToAdd.site_role)
@jorwoods
Copy link
Contributor

This is still a WIP, but I don't have a way to configure a server with multiple IDPs to test. Can you see if this branch solves the issue?

https://github.com/jorwoods/server-client-python/tree/jorwoods/idp

At the moment, you can find the IDPs via server.sites.list_auth_configurations(). Then you would set that ID on the user_item.idp_configuration_id.

@bcantoni
Copy link
Contributor
bcantoni commented May 7, 2025

This is another issue on the same around multiple IDP: #1574

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bcantoni @jorwoods @Maitredata
0