> ## Documentation Index > Fetch the complete documentation index at: https://docs.open-metadata.org/llms.txt > Use this file to discover all available pages before exploring further. # Run the Tableau Connector Externally > Configure Tableau dashboard connections in OpenMetadata using YAML. Step-by-step guide for seamless data catalog integration and metadata extraction. export const CodePanel = ({children, fileName = 'config.yaml', showLineNumbers = false}) => { const codePanelRef = useRef(null); const codeContentRef = useRef(null); const isProgrammaticScroll = useRef(false); const hoverTimeout = useRef(null); useEffect(() => { let tries = 0; const wrapLines = () => { const root = codeContentRef.current; if (!root) return; const pres = Array.from(root.querySelectorAll('pre')); if (!pres.length) { if (tries++ < 20) requestAnimationFrame(wrapLines); return; } let globalLine = 1; pres.forEach(pre => { const code = pre.querySelector('code') || pre; if (!code || code.dataset.wrapped === 'true') return; const raw = code.textContent || ''; let lines = raw.split('\n'); while (lines[0] === '') lines.shift(); while (lines[lines.length - 1] === '') lines.pop(); code.innerHTML = lines.map(line => { const ln = globalLine++; const num = showLineNumbers ? `${ln}` : ''; const safe = line.replace(//g, '>') || ' '; return `${num}${safe}`; }).join(''); code.dataset.wrapped = 'true'; }); }; wrapLines(); }, [children, showLineNumbers]); useEffect(() => { const panel = codePanelRef.current; const content = codeContentRef.current; if (!panel || !content) return; const waitForLines = () => { const codeLines = content.querySelectorAll('.code-line'); if (!codeLines.length) { requestAnimationFrame(waitForLines); return; } setupHighlighting(codeLines); }; const setupHighlighting = codeLines => { const layout = panel.closest('.split-layout'); const sections = layout.querySelectorAll('.content-section'); const parseLines = str => { if (!str) return []; const out = []; str.split(',').forEach(p => { if (p.includes('-')) { const [s, e] = p.split('-').map(Number); for (let i = s; i <= e; i++) out.push(i); } else { const n = Number(p); if (!isNaN(n)) out.push(n); } }); return out; }; const clearHighlight = () => { codeLines.forEach(l => l.classList.remove('highlighted')); }; const highlight = lines => { clearHighlight(); lines.forEach(n => { const el = content.querySelector(`.code-line[data-line="${n}"]`); if (el) el.classList.add('highlighted'); }); }; const scrollToLines = lines => { if (!lines.length) return; const first = lines[0]; const targetLine = lines.length > 1 ? first : lines[0]; const el = content.querySelector(`.code-line[data-line="${targetLine}"]`); if (!el) return; isProgrammaticScroll.current = true; const containerRect = content.getBoundingClientRect(); const elRect = el.getBoundingClientRect(); const offset = elRect.top - containerRect.top + content.scrollTop; const TOP_PADDING = 16; content.scrollTo({ top: Math.max(offset - TOP_PADDING, 0), behavior: 'smooth' }); setTimeout(() => { isProgrammaticScroll.current = false; }, 200); }; const activate = (section, scroll) => { if (section.classList.contains('active')) return; sections.forEach(s => s.classList.remove('active')); section.classList.add('active'); const lines = parseLines(section.dataset.lines); highlight(lines); if (scroll) scrollToLines(lines); }; const observer = new IntersectionObserver(entries => { if (isProgrammaticScroll.current) return; entries.forEach(e => { if (e.isIntersecting) activate(e.target, false); }); }, { threshold: 0.3, rootMargin: '-80px 0px -40% 0px' }); sections.forEach(section => { observer.observe(section); section.addEventListener('click', () => activate(section, true)); section.addEventListener('mouseenter', () => { clearTimeout(hoverTimeout.current); hoverTimeout.current = setTimeout(() => activate(section, true), 80); }); }); if (sections[0]) activate(sections[0], false); }; waitForLines(); }, []); const handleCopy = e => { const btn = e.currentTarget; const codeLines = codeContentRef.current?.querySelectorAll('.code-line'); if (!codeLines || codeLines.length === 0) return; const text = Array.from(codeLines).map(line => { const clone = line.cloneNode(true); const lineNumber = clone.querySelector('.line-number'); if (lineNumber) lineNumber.remove(); return clone.textContent; }).join('\n'); if (!text) return; navigator.clipboard.writeText(text).then(() => { btn.dataset.copied = 'true'; setTimeout(() => btn.dataset.copied = 'false', 1500); }); }; return

{fileName}

{children}

; }; export const ContentSection = ({id, title, lines, children}) =>

{title &&

{title}

} {children}

; export const ContentPanel = ({children}) =>

{children}

; export const CodePreview = ({children}) => { const [instanceId] = useState(() => `preview-${Math.random().toString(36).slice(2)}`); useEffect(() => { const nav = document.querySelector('nav') || document.querySelector('header') || document.querySelector('[class*="nav"]'); if (nav) { document.documentElement.style.setProperty('--navbar-height', `${nav.offsetHeight}px`); } }, []); return

{children}

; }; export const ConnectorDetailsHeader = ({name, icon, stage, availableFeatures, unavailableFeatures = [], availableFeaturesCollate = []}) => { const showSubHeading = availableFeatures?.length > 0 || unavailableFeatures?.length > 0 || availableFeaturesCollate?.length > 0; const totalAvailableFeatures = [...availableFeatures || [], ...availableFeaturesCollate || []]; return

{icon &&

}

{name}

{stage}

{showSubHeading &&

Feature List

{totalAvailableFeatures.map(feature =>

✓ {feature}

)} {unavailableFeatures.map(feature =>

✕ {feature}

)}

}

; }; In this section, we provide guides and references to use the Tableau connector. **Supported Authentication Types:** * **Basic Auth** — Username and password authentication * **Access Token Auth** — Personal access token name and secret for token-based authentication Configure and schedule Tableau metadata and profiler workflows from the OpenMetadata UI: * [Requirements](#requirements) * [Metadata Ingestion](#metadata-ingestion) * [Enable Security](#securing-tableau-connection-with-ssl-in-openmetadata) ## How to Run the Connector Externally To run the Ingestion via the UI you'll need to use the OpenMetadata Ingestion Container, which comes shipped with custom Airflow plugins to handle the workflow deployment. If, instead, you want to manage your workflows externally on your preferred orchestrator, you can check the following docs to run the Ingestion Framework **anywhere**. Get more information about running the Ingestion Framework Externally ## Requirements To ingest tableau metadata, minimum `Site Role: Viewer` is required for the tableau user. To create lineage between tableau dashboard and any database service via the queries provided from Tableau Metadata API, please enable the Tableau Metadata API for your tableau server. For more information on enabling the Tableau Metadata APIs follow the link [here](https://help.tableau.com/current/api/metadata_api/en-us/docs/meta_api_start.html) * If using a **default site** on Tableau Server, leave the **Site Name** fields **blank** in the ingestion configuration. * Ensure that the **Metadata API** is enabled for the user performing the ingestion. If it is not enabled, ingestion may fail. Follow the official Tableau documentation to [enable the Metadata API](https://help.tableau.com/current/api/metadata_api/en-us/docs/meta_api_start.html#enable-the-tableau-metadata-api-for-tableau-server). * As of OpenMetadata versions `1.7.4` and `1.7.5`, the `siteUrl` field has been removed from the Tableau connector configuration. This change was intentional, as confirmed in the release commit. * To connect to a non-default Tableau site, use the `siteName` field instead. The Tableau Python SDK does not require `siteUrl` for authentication. * Ensure the `siteName` field is correctly populated (do not use `*`) to enable successful metadata ingestion for multi-site Tableau environments. ### Python Requirements We have support for Python versions **3.9-3.11** To run the Tableau ingestion, you will need to install: ```bash theme={null} pip3 install "openmetadata-ingestion[tableau]" ``` ## Metadata Ingestion All connectors are defined as JSON Schemas. [Here](https://github.com/open-metadata/OpenMetadata/blob/main/openmetadata-spec/src/main/resources/json/schema/entity/services/connections/dashboard/tableauConnection.json) you can find the structure to create a connection to Tableau. In order to create and run a Metadata Ingestion workflow, we will follow the steps to create a YAML configuration able to connect to the source, process the Entities if needed, and reach the OpenMetadata server. The workflow is modeled around the following [JSON Schema](https://github.com/open-metadata/OpenMetadata/blob/main/openmetadata-spec/src/main/resources/json/schema/metadataIngestion/workflow.json) ### 1. Define the YAML Config Configure the source type and service name for your Tableau connector. **For Basic Authentication:** **Username**: The name of the user whose credentials will be used to sign in. **Password**: The password of the user. **hostPort**: URL or IP address of your installation of Tableau Server. **siteName**: Tableau Site Name. This corresponds to the `contentUrl` attribute in the Tableau REST API. The `site_name` is the portion of the URL that follows the `/site/` in the URL. **paginationLimit**: The pagination limit will be used while querying the Tableau Graphql endpoint to get the data source information. Default is `10`. **apiVersion**: Tableau API version. If not provided, the version will be used from the Tableau server automatically. A list of versions can be found [here](https://help.tableau.com/current/api/rest_api/en-us/REST/rest_api_concepts_versions.htm). **proxyURL**: Optional proxy URL for the Tableau server. If not provided, the hostPort will be used. This is used to generate the dashboard and chart URLs. **verifySSL**: Client SSL verification. Make sure to configure the SSLConfig if enabled. Supported values `no-ssl`, `ignore`, `validate`. **sslConfig**: Client SSL configuration. The `sourceConfig` is defined [here](https://github.com/open-metadata/OpenMetadata/blob/main/openmetadata-spec/src/main/resources/json/schema/metadataIngestion/dashboardServiceMetadataPipeline.json): * **dbServiceNames**: Database Service Names for ingesting lineage if the source supports it. * **dashboardFilterPattern**, **chartFilterPattern**, **dataModelFilterPattern**: Note that all of them support regex as include or exclude. E.g., "My dashboard, My dash.\*, .\*Dashboard". * **projectFilterPattern**: Filter the tableau dashboards, charts and data sources by projects. Note that all of them support regex as include or exclude. E.g., "My project, My proj.\*, .\*Project". * **includeOwners**: Set the 'Include Owners' toggle to control whether to include owners to the ingested entity if the owner email matches with a user stored in the OM server as part of metadata ingestion. If the ingested entity already exists and has an owner, the owner will not be overwritten. * **includeTags**: Set the 'Include Tags' toggle to control whether to include tags in metadata ingestion. * **includeDataModels**: Set the 'Include Data Models' toggle to control whether to include tags as part of metadata ingestion. * **markDeletedDashboards**: Set the 'Mark Deleted Dashboards' toggle to flag dashboards as soft-deleted if they are not present anymore in the source system. To send the metadata to OpenMetadata, it needs to be specified as `type: metadata-rest`.

The main property here is the `openMetadataServerConfig`, where you can define the host and security provider of your OpenMetadata installation.

**Logger Level** You can specify the `loggerLevel` depending on your needs. If you are trying to troubleshoot an ingestion, running with `DEBUG` will give you far more traces for identifying issues.

**JWT Token** JWT tokens will allow your clients to authenticate against the OpenMetadata server. To enable JWT Tokens, you will get more details [here](/deployment/security/enable-jwt-tokens). You can refer to the JWT Troubleshooting section [link](/deployment/security/jwt-troubleshooting) for any issues in your JWT configuration.

**Store Service Connection** If set to `true` (default), we will store the sensitive information either encrypted via the Fernet Key in the database or externally, if you have configured any [Secrets Manager](/deployment/secrets-manager). If set to `false`, the service will be created, but the service connection information will only be used by the Ingestion Framework at runtime, and won't be sent to the OpenMetadata server.

**SSL Configuration** If you have added SSL to the [OpenMetadata server](/deployment/security/enable-ssl), then you will need to handle the certificates when running the ingestion too. You can either set `verifySSL` to `ignore`, or have it as `validate`, which will require you to set the `sslConfig.caCertificate` with a local path where your ingestion runs that points to the server certificate file. Find more information on how to troubleshoot SSL issues [here](/deployment/security/enable-ssl/ssl-troubleshooting).

**ingestionPipelineFQN** Fully qualified name of ingestion pipeline, used to identify the current ingestion pipeline.

```yaml theme={null} source: type: tableau serviceName: local_tableau serviceConnection: config: type: Tableau # authType: # username: username # password: password # authType: # personalAccessTokenName: personal_access_token_name # personalAccessTokenSecret: personal_access_token_secret hostPort: http://localhost # REQUIRED - Tableau Server URL siteName: site_name # apiVersion: "3.15" # Optional - auto-detected from server if not provided paginationLimit: 10 # proxyURL: http://proxy.example.com # Optional - used for dashboard/chart URL generation # verifySSL: no-ssl # sslMode: disable # sslConfig: # caCertificate: | # -----BEGIN CERTIFICATE----- # sample certificate # -----END CERTIFICATE----- # sslCertificate: | # -----BEGIN CERTIFICATE----- # sample certificate # -----END CERTIFICATE----- # sslKey: | # -----BEGIN PRIVATE KEY----- # sample certificate # -----END PRIVATE KEY----- ``` ```yaml theme={null} sourceConfig: config: type: DashboardMetadata # lineageInformation: # dbServiceNames: # - service1 # - service2 # dashboardFilterPattern: # includes: # - dashboard1 # - dashboard2 # excludes: # - dashboard3 # - dashboard4 # chartFilterPattern: # includes: # - chart1 # - chart2 # excludes: # - chart3 # - chart4 # projectFilterPattern: # includes: # - project1 # - project2 # excludes: # - project3 # - project4 # dataModelFilterPattern: # includes: # - dataModel1 # - dataModel2 # excludes: # - dataModel3 # - dataModel4 # includeOwners: false # true # markDeletedDashboards: true # false # markDeletedDataModels: true # false # includeTags: true # false # includeDataModels: true # false # includeDraftDashboard: true # false # overrideMetadata: false # true # overrideLineage: false # true ``` ```yaml theme={null} sink: type: metadata-rest config: {} ``` ```yaml theme={null} workflowConfig: loggerLevel: INFO # DEBUG, INFO, WARNING or ERROR openMetadataServerConfig: hostPort: "http://localhost:8585/api" authProvider: openmetadata securityConfig: jwtToken: "{bot_jwt_token}" ## Store the service Connection information storeServiceConnection: true # false ## Secrets Manager Configuration # secretsManagerProvider: aws, azure or noop # secretsManagerLoader: airflow or env ## If SSL, fill the following # verifySSL: validate # or ignore # sslConfig: # caCertificate: /local/path/to/certificate # ingestionPipelineFQN: . ## e.g., "my_redshift.metadata" ``` ### Example Source Configurations for default and non-default tableau sites #### 1. Sample config for default tableau site For a default tableau site the `siteName` field should be kept empty as shown in the below config. ```yaml theme={null} source: type: tableau serviceName: local_tableau serviceConnection: config: type: Tableau # For Tableau, choose one of basic or access token authentication # # For basic authentication # authType: # username: username # password: password # # For access token authentication # authType: # personalAccessTokenName: personal_access_token_name # personalAccessTokenSecret: personal_access_token_secret hostPort: http://localhost siteName: site_name sourceConfig: config: type: DashboardMetadata includeOwners: True markDeletedDashboards: True includeTags: True includeDataModels: True # lineageInformation: # dbServiceNames: # - service1 # - service2 # dashboardFilterPattern: # includes: # - dashboard1 # - dashboard2 # excludes: # - dashboard3 # - dashboard4 # chartFilterPattern: # includes: # - chart1 # - chart2 # excludes: # - chart3 # - chart4 # dataModelFilterPattern: # includes: # - datamodel1 # - datamodel2 # excludes: # - datamodel3 # - datamodel4 sink: type: metadata-rest config: {} workflowConfig: # loggerLevel: DEBUG # DEBUG, INFO, WARN or ERROR openMetadataServerConfig: hostPort: authProvider: ``` #### 2. Sample config for non-default tableau site For a non-default tableau site the `siteName` field is required. **Note**: If `https://xxx.tableau.com/#/site/sitename/home` represents the homepage url for your tableau site, the `sitename` from the url should be entered in the `siteName` field in the config below. ```yaml theme={null} source: type: tableau serviceName: local_tableau serviceConnection: config: type: Tableau # For basic authentication authType: username: username password: password # For access token authentication # authType: # personalAccessTokenName: personal_access_token_name # personalAccessTokenSecret: personal_access_token_secret hostPort: http://localhost siteName: openmetadata sourceConfig: config: type: DashboardMetadata # dbServiceNames: # - service1 # - service2 # dashboardFilterPattern: # includes: # - dashboard1 # - dashboard2 # excludes: # - dashboard3 # - dashboard4 # chartFilterPattern: # includes: # - chart1 # - chart2 # excludes: # - chart3 # - chart4 sink: type: metadata-rest config: {} workflowConfig: # loggerLevel: DEBUG # DEBUG, INFO, WARN or ERROR openMetadataServerConfig: hostPort: authProvider: ``` ## Securing Tableau Connection with SSL in OpenMetadata To establish secure connections between OpenMetadata and Tableau, in the `YAML` you can provide the CA certificate used for SSL validation by specifying the `caCertificate`. Alternatively, if both client and server require mutual authentication, you'll need to use all three parameters: `ssl key`, `ssl cert`, and `caCertificate`. In this case, `ssl_cert` is used for the client's SSL certificate, `ssl_key` for the private key associated with the SSL certificate, and `caCertificate` for the CA certificate to validate the server's certificate. ```yaml theme={null} sslConfig: caCertificate: "/path/to/ca_certificate" sslCertificate: "/path/to/your/ssl_cert" sslKey: "/path/to/your/ssl_key" ``` ### 2. Run with the CLI First, we will need to save the YAML file. Afterward, and with all requirements installed, we can run: ```bash theme={null} metadata ingest -c ``` Note that from connector to connector, this recipe will always be the same. By updating the YAML configuration, you will be able to extract metadata from different sources.