How to create Tableau Connected Apps JWT tokens in C# .NET

Eski's data stories
3 min readAug 15, 2022


If you came to this page you might be struggling to generate a valid jwt with .NET in a format Tableau expects. One of my clients was sweating with this issue for over a week, so I’ve decided to share our findings.

They kept getting 10084 error — JWT_PARSE_ERROR. After investigations we found that in .NET, the Claim object expects a string value (not an array / list of strings, as expected by Tableau):

malformed jwt

…..Net’s Claim object expects a single string:


…Tableau expects that the “scp” claim be added as an array (i.e. List strings):


This is worth sharing I think, as it might happen in other JWT libraries. Also, customers may get stuck as Tableau’s Troubleshooting Connected Apps guide for error 10084, there was no mention of a possible malformed scp claim, so the client got stuck there.

How do we generate a jwt with a list type format in .Net?

It’s easy! The trick is to add multiple “scp” claims, one by one. Under the hood, the .NET library will create an array with the list of all claims, exactly as Tableau expects. If your app just really needs 1 claim, you can still add an extra dummy one, just to force it to create the token in the right format.

Here’s the resultant token, as expected by Tableau:

correct jwt structure with multiple claims, incl. a dummy one

Live demo — .NET Tableau Connected Apps JWT implementation

Click on the link below to use a live demo of the .NET JWT Generator for Tableau. Simply add your own Connected App details and click Run to get a token). You can validate the token with

Here’s the full working code:

Hope this saves you some time, so you can focus your efforts on buildind your app, rather than annoying auth topics :D

If you do find this useful and applicable for other jwt libraries, please share the details in the comments section!