baruch-shteken commented on PR #34927: URL: https://github.com/apache/airflow/pull/34927#issuecomment-1787385444
Thanks @Michae94 for your question. **This is my understanding of how PATs work**: When a PAT is used for an authentication, it creates a new `session_token` which is then used in subsequent REST API calls. When the same PAT is used to authenticate again, it creates a new `session_token` and invalidates the previous `session_token`. ([Tableau docs](https://help.tableau.com/current/online/en-us/security_personal_access_tokens.htm)) **This is my understanding of how Airflow works**: For the first call to Tableau in a specific task, we use the PAT to authenticate to tableau. This generates a `session_token`. We can't reuse the `session_token` that was already created in a different task. (I also checked [the library](https://tableau.github.io/server-client-python/docs/api-ref#personalaccesstokenauth-class) Airflow uses to send Tableau requests and didn't find anything useful we can use). **Example of the problem**: Let's take an example of a DAG that has 2 parallel tasks that refresh 2 Tableau data sources. One of these tasks will generate and use a `session_token` to refresh the data source. The other task will do the same and also invalidate the first task `session_token`. When the first task polls Tableau to check if the refresh finished, it will fail because the `session_token` changed. From the above, I drew the conclusion that if we authenticate every-time to Tableau for every call, the process should work. That being said, I didn't test it end2end. Should I test it with my private Tableau data sources? Can I create a test for it here? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
