tableau-mcp update_extract_refresh_task non-atomic — DELETE succeeds but CREATE returns persistent 500 on workbooks with non-password (keypair / OAuth / saved-credential) datasources, leaving the workbook orphaned. create_extract_refresh_task against the same workbook also returns the same 500 — confirming credential-binding loss, not a transient. Site-wide list_extract_refresh_tasks confirms 30 other tasks healthy → failure isolated to the affected workbooks.
Diagnosis
The wrapper’s internal DELETE-old + CREATE-new pattern (Cloud has no PUT for extract refresh tasks) severs the saved-credential binding that was established at original publish time from Tableau Desktop. Tableau Cloud’s CREATE endpoint then fails connection-validation on the (now-unbound) keypair source but masks the 403132 error behind a generic <error code="500000"><summary>Internal Server Error</summary> response. Tableau skill gotcha #8 documents the same root cause for publish_workbook against keypair sources; this incident extends the gotcha to extract refresh task lifecycle. Every Runwal workbook on subodhrunwalgroup is keypair-bound to Snowflake, so this bug is a production hazard for ANY reschedule operation through this wrapper.
Fix
FOUR-LEVEL FIX, in priority order: (1) Banned-config G6 guard at MCP boundary — fail-closed when target workbook has any non-password saved-credential connection (inspect via get_workbook_connections); return -32006 banned_by_contract with migration hint to Web UI / Desktop. (2) True atomicity rework — try CREATE-new-first-then-DELETE-old pattern; net effect briefly two tasks but workbook never orphaned. (3) Better recovery_hint — replace “re-run create_extract_refresh_task” (which fails identically) with “credential binding severed; recover via Tableau Desktop overwrite-publish OR Cloud Web UI.” (4) Open Tableau support case to confirm 500-vs-403132 surrogate. Workaround until fixed: DO NOT call update_extract_refresh_task on any Runwal workbook — use Cloud Web UI (workbook → ⋯ → Schedule a refresh → edit existing task) or Tableau Desktop overwrite-publish.