Tableau Cloud Add user function is missing IdpConfigurationId attribute (userItem.py). When Multiple SAML configurations exist, SAML users cannot be added

[Maitredata]

Describe the bug
Due to a recent API change, when using the add user to a site function for Tableau Cloud, there are additional attributes on the API call not yet present in the Tableau Server Client library.

Note the Add User to Site documentation: https://help.tableau.com/current/api/rest_api/en-us/REST/rest_api_ref_users_and_groups.htm#add_user_to_site

TSC currently is able to set the authSetting parameter in the call, which is an attribute in the userItem class. However, As of API 3.24, Tableau Cloud can create multiple authentication configurations, so the IdpConfigurationId attribute needs to be used instead. This is detailed on the page, but the attribute cannot yet be configured in TSC.

We had a support case where even though the user thought there was only one SAML configuration set, there was also the default "Initial SAML" option not visible in the UI, so it was necessary to use this.

Versions
Details of your environment, including:

• Tableau Server version (or note if using Tableau Online): Using Tableau Online, 10AZ pod and Dub01 pod, must have more than 1 SAML configuration.
• Python version: 3.13.3
• TSC library version: 0.37 [Latest]

To Reproduce

1. Start with a Tableau Cloud site with more than 1 SAML authentication Method
2. In the TSC create a user item.
3. Specify authSetting for new user as SAML
4. Add the user to Tableau Cloud

Results
In the users page, the user auth method will list as "Unspecified"
User will be unable to log in with SP-initiated SAML
(In my test environment using Okta, IdP Initiated SAML login was working)

Login error will show as:
Remote IdP entity descriptor is not configured

NOTE: Be careful not to post user names, passwords, auth tokens or any other private or sensitive information.
For further info, reach out to me internally or consult Internal work item.

SAMPLE CODE BELOW:

import tableauserverclient as TSC

TOKENNAME = ""
TOKENVALUE = ""
CONTENTURL = "siteurlhere"
SERVER = "https://10az.online.tableau.com/"

tableau_auth = TSC.PersonalAccessTokenAuth(TOKENNAME, TOKENVALUE, site_id=CONTENTURL)
server = TSC.Server(SERVER, use_server_version=True)
server.auth.sign_in(tableau_auth)
print(server.groups.get())
userToAdd = TSC.UserItem("user@salesforce.com", "Explorer", auth_setting="SAML")

userToAdd.email = "user@salesforce.com"

# add the new user to the site
userToAdd = server.users.add(userToAdd)
print(userToAdd.name, userToAdd.site_role)

[jorwoods]

This is still a WIP, but I don't have a way to configure a server with multiple IDPs to test. Can you see if this branch solves the issue?

https://github.com/jorwoods/server-client-python/tree/jorwoods/idp

At the moment, you can find the IDPs via server.sites.list_auth_configurations(). Then you would set that ID on the user_item.idp_configuration_id.

[bcantoni]

This is another issue on the same around multiple IDP: #1574