Tableau Lineage Scanner
Scanned and supported objects
Supported version
The scanner supports only Tableau Cloud and therefore the current version (Tableau 2023.3).
Scanned resources
The extracted metadata includes the following objects:
-
Site: Name, ID.
-
Project: Name, ID.
-
Workbooks: Name, ID, URI.
-
Data source: Name, ID, container name, description. Includes embedded and published data sources.
-
Fields: Name, ID, qualified name, description. Includes fields directly defined within the sheet and those belonging to another entity.
-
Calculated fields: Formula, list of fields that it is derived from.
-
Column fields: Fully qualified name, list of database columns the field is mapped to.
-
-
-
Sheets: Name, ID, path. Includes fields referenced on the sheet.
-
Dashboard: Name, ID. Includes fields referenced on the dashboard and lineage between the dashboard and sheets referenced from it. For each column field in a workbook, information about the database, tables, and columns they are mapped to is also retrieved.
-
Databases: Name, ID, connection type.
-
Tables: Name, ID, connection type.
-
Columns: Name, ID.
-
-
-
CustomSQLTable: Name, ID, query.
-
Supported connectivity
-
Connector type: REST API and Metadata API (GraphQL).
-
Authentication method: Username and Personal Access Token (PAT).
Tableau permissions
In Tableau, the following permissions must be configured for the user you are authenticating with:
-
You need to have permission to call the Tableau Metadata API. See the official Tableau documentation.
-
At minimum a Viewer role assigned, ideally Administrator or Explorer. Keep in mind that having a role with lower level permissions can result in an incomplete scan. Ideally, the assigned role should be Administrator or Explorer instead.
-
You can only retrieve assets (such as projects, workbooks, data sources) if you have View capabilities or higher assigned on them. For details, see the official Tableau documentation: View capabilities.
-
You have a valid Personal Access Token or you have set up a Connected App.
Scanner configuration
All fields marked with an asterisk (*) are mandatory.
| Property | Description |
|---|---|
|
Unique name for the scanner job. |
|
Specifies the source type to be scanned.
Must contain |
|
A human-readable description of the scan. |
|
List of Ataccama ONE connection names for future automatic pairing. |
|
Tableau Cloud admin (REST) API URL.
|
|
Name of the site you want to scan. |
|
Tableau service account token. For instructions about how to create tokens, see the official Tableau documentation: Service Account Tokens and Personal Access Tokens. |
|
Name of the access token. |
|
Path where the sign-in REST request is performed. See Signing In and Signing Out (Authentication). |
|
Version of the API to perform REST and GraphQL calls. See Fundamentals of the Tableau Server REST API. |
|
URL to send REST calls to. See Fundamentals of the Tableau Server REST API. |
|
List of projects that you want to scan. |
{
"scannerConfigs": [
{
"name": "TableauJobAta1",
"sourceType": "TABLEAU",
"description": "Scan Tableau platform",
"oneConnections": [
"Tableau connection",
"Other Tableau connection"
],
"inputDataCatalogFilePath": null,
"url": "prod-useast-b.online.tableau.com/",
"site": "asite",
"apiUrl": "api/3.21/",
"signUrl": "auth/signin",
"requestUrl": "relationship-service-war/graphql",
"tokenName": "@@ref:ata:[TABLEAU_TOKEN_NAME]",
"accessToken": "@@ref:ata:[TABLEAU_ACCESS_TOKEN]"
}
]
}FAQ
-
How long does it take to scan lineage from Tableau Cloud containing 50 workbooks?
If you are using GraphQL to scan, it should take about 40 minutes.
Was this page useful?