9 Replies Latest reply on Jan 9, 2018 11:05 AM by Martin Pohlers

    REST API Authentication and percent sign in password

    Michel Roberge

      Hi all -

       

      One of our customers put a percent sign (%) in their password to the Tableau Server, and the REST API fails authenticating. Do I need to escape the character somehow?

       

      I think this question is related to these two threads:

       

      https://community.tableau.com/message/454295

      https://community.tableau.com/thread/225496

       

      Thanks,

       

      Michel

        • 1. Re: REST API Authentication and percent sign in password
          Jeff Strauss

          If possible, tell your customer to not use the percent sign %.  But if this is not possible, then you get into the encoding rabbit hole.  You may need to use 2 percent signs.  (i.e. pass%%Word123).

          • 2. Re: REST API Authentication and percent sign in password
            Michel Roberge

            Jeff, thanks for the suggestion. Unfortunately, it does not work. But I did some research, and if I replace the percent in a password by '%25' then it works.

             

            I wonder if this should be treated as a bug, or do I really need to implement this myself?

             

            I feel like this should be considered a bug...

            • 3. Re: REST API Authentication and percent sign in password
              Jeff Strauss

              I doubt they will admit to it being a bug, but rather it has to do with http communication / protocol.

               

              Is it possible to just use an application service account to login via the REST API?  How are you using it?

              • 4. Re: REST API Authentication and percent sign in password
                Michel Roberge

                I'm using the REST API fully as part of our integration. I can't control what password our customers will put as a password. Telling them not to use percent in a password is somewhat a weak solution to me.

                 

                On the other hand, even though I do have a solution, my current concern is what if I implement this change on my side, and then they decide it's a bug and fix it, which results in my side having to be fixed again... I'll open a case and see what they say.

                 

                Thanks,

                 

                Michel

                • 5. Re: REST API Authentication and percent sign in password
                  Donna Coles

                  HI Michel

                   

                  What version of Tableau are you running?

                   

                  When we upgraded to v9.0.3 we found passwords with £ signs stopped working (nothing to do with REST API calls, just standard authentication with the server via desktop or on the server directly).  Support acknowledged there was an issue with passwords containing some special characters which had been inadvertently introduced.  This got fixed in a later version of v9 ( I can't recall which exactly) though we didn't upgrade again until v10.1.1 recently.

                   

                  Have you verified whether the password works if the account tries to authenticate directly ie not using a REST API call?

                   

                  If it does work, then definitely worth opening a support call with Tableau.

                   

                  FYI - I have no experience in using REST API :-)

                   

                  Donna

                   

                   

                   

                  • 6. Re: REST API Authentication and percent sign in password
                    Michel Roberge

                    This is on 9.3. Normal login works, only the REST API fails, and only with the percent sign.

                    • 7. Re: REST API Authentication and percent sign in password
                      Donna Coles

                      Ok, thanks for the update.  Definitely raise to supprt - at the very least if its not a bug, they could author a KB article about it for future reference.

                       

                      Donna

                      • 8. Re: REST API Authentication and percent sign in password
                        Michel Roberge

                        I ended up opening a case to find out. They refered me to this thread:

                        Tableau Server REST API login problems --- escaping passwords with special characters

                        Which I had refered to myself in my original post. At least, we're on the same page.

                         

                        Tableau Support answer was:

                         

                        I have heard no indication that the method of handling these characters will be updated to remove this ability, since at this time this is the only method available to use the REST API with a password containing these characters.

                         

                         

                        It would seem if this is updated, it would be to allow the special characters to work when typed normally or to allow multiple special characters to be escaped in a single password. Please note that I am speculating on these changes; I have also not heard any information about those being implemented in any upcoming release of Tableau software.

                         

                         

                        Since the code you are using is not of the type referenced in the Community post above (percent encoding rather than XML or HTML escaping) I would recommend using the HTML escape code for this character, as this is a code fully understood by all browsers and many other programs used for coding and/or scripting. The HTML escape code for % is "%" (without the quotes). This code has been working correctly as long as I have known and should not be changed.

                         

                        So it should be treated as a technical challenge; probably should end up in the Knowledge Base.

                         

                        Michel

                        • 9. Re: REST API Authentication and percent sign in password
                          Martin Pohlers

                          I just tested this intensively with Alteryx with Tableau Server 10.40 and replied in more detail here.

                           

                          I could not get the % sign to work out all.

                          • Using it without escaping gave me back a bad request (HTTP/1.1 400 Bad Request)
                          • All replacements suggested in this post gave me erros:
                          • Replacing it with "%" gave me back unauthorized (HTTP/1.1 401 Unauthorized)
                          • Replacing it with "%25" gave me back unauthorized (HTTP/1.1 401 Unauthorized)
                          • Replacing it with "%%" gave me back a bad request (HTTP/1.1 400 Bad Request)