
Authentication failure with Tableau Connected Apps Direct Trust - JWT valid but sign-in fails #96

@kjaspreet45


I am using Connected Apps Direct Trust

Tableau Agent AI – Setup Summary & Authentication Issue

Objective
Set up Tableau Agent AI using the official Tableau-shared open-source repo:
https://github.com/tableau/tableau_langchain

Environment Setup
Cloned the GitHub repository
git clone https://github.com/tableau/tableau_langchain.git

Installed Python 3.12

Installed dependencies via pip install.
pip install -e .
pip install langchain-openai
pip install pinecone
pip install pinecone-client
pip install -U langchain langchain-openai
pip install dotenv
pip install langgraph
pip install PyJWT
pip install aiohttp
pip install langchain-tableau
pip install langchain-pinecone
pip install langchain-community
pip install Ipython

Copied and configured .env file with project-specific variables

copy .env.template .env
python -m venv tableau-ai-env
tableau-ai-env\Scripts\activate

Tableau Server Configuration
Enabled Connected Apps using TSM:
tsm configuration set -k features.EnableConnectedApps -v true
tsm pending-changes apply
tsm restart

Connected App Creation (Direct Trust)
Created a Connected App in Tableau Server Site using:
Site Setting -> Connected Apps tab -> Create Connected Apps -> Direct Trust
Enabled the newly created connected app
Successfully generated:
JWT Client ID
JWT Secret ID
JWT Secret Key

Current Issue
When running Main.py, I get a 401 authentication error:

RuntimeError: Failed to authenticate to the Tableau site. Status code: 401. Response: {"error":{"summary":"Signin Error","detail":"Error signing in to Tableau Server (16)","code":"401001"}}

Error from Tableau Logs
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:591) ~[httpcore-nio-4.4.16.jar:4.4.16]

at java.lang.Thread.run(Unknown Source) ~[?:?]

2025-07-08 16:39:20.392 -0700 6524 (-,-,-,aG2sKIF6aIsFBQe1LqhbTgAAA-M,0:50f2ab3:1979fdfd3cf:5ceb) catalina-exec-12 vizportal: INFO com.tableausoftware.app.vizportal.interceptors.LoggingInterceptor - Request received: POST for /3.21/auth/signin

2025-07-08 16:39:20.399 -0700 6524 (,-,-,aG2sKIF6aIsFBQe1LqhbTgAAA-M,0:50f2ab3:1979fdfd3cf:5ceb) catalina-exec-12 vizportal: INFO com.tableausoftware.domain.user.externalauthorization.JwtValidationFactory - Validating JWT via Connected Apps

2025-07-08 16:39:20.399 -0700 6524 (,-,-,aG2sKIF6aIsFBQe1LqhbTgAAA-M,0:50f2ab3:1979fdfd3cf:5ceb) catalina-exec-12 vizportal: INFO com.tableausoftware.domain.user.externalauthorization.JWTParser - Validating JWT with appropriate strategy

2025-07-08 16:39:20.414 -0700 6524 (,-,-,aG2sKIF6aIsFBQe1LqhbTgAAA-M,0:50f2ab3:1979fdfd3cf:5ceb) catalina-exec-12 vizportal: INFO com.tableausoftware.domain.user.externalauthorization.JwtValidationStrategy - Received JWT: JTI=f78b14b5-a3ef-4276-8a9a-ad3f3818de36, Issuer=6c250e2f-562e-46af-a7fe-fd56861e19a4, ExpirationTime=2025-07-08T23:44:20.000+0000, Audience=[tableau]

2025-07-08 16:39:20.414 -0700 6524 (,-,-,aG2sKIF6aIsFBQe1LqhbTgAAA-M,0:50f2ab3:1979fdfd3cf:5ceb) catalina-exec-12 vizportal: INFO com.tableausoftware.domain.user.externalauthorization.JwtValidationStrategy - Jwt Expiration Check Successful

2025-07-08 16:39:20.429 -0700 6524 (,-,-,aG2sKIF6aIsFBQe1LqhbTgAAA-M,0:50f2ab3:1979fdfd3cf:5ceb) catalina-exec-12 vizportal: INFO com.tableausoftware.api.rest.util.RestApiControllerAdvice - com.tableausoftware.api.rest.exceptions.UnauthorizedRestException:Error signing in to Tableau Server (16)

2025-07-08 16:39:20.430 -0700 6524 (,-,-,aG2sKIF6aIsFBQe1LqhbTgAAA-M,0:50f2ab3:1979fdfd3cf:5ceb) catalina-exec-12 vizportal: INFO com.tableausoftware.api.util.AuthLoggingInterceptor - Auth request completed: Path=/3.21/auth/signin UserAgent=python-requests/2.32.4 SiteNamespace=WFOCSCOS SiteName= SiteId= HttpStatusCode=401 Duration=38 TableauErrorSource=Client TableauStatusCode=7 TableauErrorCode=0x3FB56583 SpaceSeparatedCustomAttributes=JwtSignin DirectTrustSignIn

2025-07-08 16:39:20.430 -0700 6524 (,-,-,aG2sKIF6aIsFBQe1LqhbTgAAA-M,0:50f2ab3:1979fdfd3cf:5ceb) catalina-exec-12 vizportal: INFO com.tableausoftware.app.vizportal.interceptors.LoggingInterceptor - Request completed: /3.21/auth/signin with status 401

2025-07-08 16:39:20.538 -0700 6524 (,,,,) I/O dispatcher 12 : ERROR com.tableausoftware.endeavour.client.impl.HttpResponseFutureCallback - [endeavour-edpa-007] bc2e9037-0994-4b07-b1cb-fb9c2d395423 has failed

java.io.IOException: An existing connection was forcibly closed by the remote host

at sun.nio.ch.SocketDispatcher.read0(Native Method) ~[?:?]
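
Added example (not part of the original issue and not code from tableau_langchain): a small Python triage helper that groups the vizportal lines quoted above by request ID and extracts the claims the server logged for the JWT, the checks it logged as passed, and the final sign-in result. It assumes the request ID is the fourth field of the parenthesised context, as in the lines above; the name `summarize` is hypothetical.

```python
import re
from datetime import datetime

# Vizportal lines copied from the issue above, plus the unrelated I/O dispatcher error.
SAMPLE = """\
2025-07-08 16:39:20.414 -0700 6524 (,-,-,aG2sKIF6aIsFBQe1LqhbTgAAA-M,0:50f2ab3:1979fdfd3cf:5ceb) catalina-exec-12 vizportal: INFO com.tableausoftware.domain.user.externalauthorization.JwtValidationStrategy - Received JWT: JTI=f78b14b5-a3ef-4276-8a9a-ad3f3818de36, Issuer=6c250e2f-562e-46af-a7fe-fd56861e19a4, ExpirationTime=2025-07-08T23:44:20.000+0000, Audience=[tableau]
2025-07-08 16:39:20.414 -0700 6524 (,-,-,aG2sKIF6aIsFBQe1LqhbTgAAA-M,0:50f2ab3:1979fdfd3cf:5ceb) catalina-exec-12 vizportal: INFO com.tableausoftware.domain.user.externalauthorization.JwtValidationStrategy - Jwt Expiration Check Successful
2025-07-08 16:39:20.429 -0700 6524 (,-,-,aG2sKIF6aIsFBQe1LqhbTgAAA-M,0:50f2ab3:1979fdfd3cf:5ceb) catalina-exec-12 vizportal: INFO com.tableausoftware.api.rest.util.RestApiControllerAdvice - com.tableausoftware.api.rest.exceptions.UnauthorizedRestException:Error signing in to Tableau Server (16)
2025-07-08 16:39:20.430 -0700 6524 (,-,-,aG2sKIF6aIsFBQe1LqhbTgAAA-M,0:50f2ab3:1979fdfd3cf:5ceb) catalina-exec-12 vizportal: INFO com.tableausoftware.api.util.AuthLoggingInterceptor - Auth request completed: Path=/3.21/auth/signin UserAgent=python-requests/2.32.4 SiteNamespace=WFOCSCOS SiteName= SiteId= HttpStatusCode=401 Duration=38 TableauErrorSource=Client TableauStatusCode=7 TableauErrorCode=0x3FB56583 SpaceSeparatedCustomAttributes=JwtSignin DirectTrustSignIn
2025-07-08 16:39:20.538 -0700 6524 (,,,,) I/O dispatcher 12 : ERROR com.tableausoftware.endeavour.client.impl.HttpResponseFutureCallback - [endeavour-edpa-007] bc2e9037-0994-4b07-b1cb-fb9c2d395423 has failed
"""

LINE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d+ [+-]\d{4}) \d+ "
    r"\((?P<ctx>[^)]*)\) .*?: (?P<level>[A-Z]+)\s+(?P<logger>\S+) - (?P<msg>.*)$"
)
PREFIX = "Received JWT: "

def summarize(text):
    """Correlate vizportal lines by request ID and pull out the JWT sign-in facts."""
    out = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # stack-trace frames and blank lines
        ctx = m["ctx"].split(",")
        rid = ctx[3] if len(ctx) > 3 else ""  # assumption: 4th context field is the request ID
        if not rid:
            continue  # background threads log an empty context: (,,,,)
        req = out.setdefault(rid, {"claims": {}, "checks": [], "error": None, "result": {}})
        msg = m["msg"]
        if msg.startswith(PREFIX):
            req["claims"] = dict(p.split("=", 1) for p in msg[len(PREFIX):].split(", "))
            exp = datetime.strptime(req["claims"]["ExpirationTime"], "%Y-%m-%dT%H:%M:%S.%f%z")
            seen = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S.%f %z")
            req["seconds_to_expiry"] = (exp - seen).total_seconds()
        elif msg.endswith("Successful"):
            req["checks"].append(msg)
        elif "Exception:" in msg:
            req["error"] = msg
        elif msg.startswith("Auth request completed: "):
            # key=value pairs; empty values (SiteName=) are kept as "".
            req["result"] = dict(re.findall(r"(\w+)=(\S*)", msg))
    return out

if __name__ == "__main__":
    for rid, req in summarize(SAMPLE).items():
        print(rid, req["claims"], req["checks"], req["error"], req["result"])
```

For this request the logged claims are JTI, Issuer, ExpirationTime and Audience, the only check logged as passed is the expiration check, and the token had about 300 seconds left when the server received it.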
