Currently, in Alteryx Server, only Curators (Admins) have the ability to create and manage Gallery Groups. While this works for governance, it creates operational challenges when business teams need to manage user access dynamically.
In our use case, groups are being used to control access to DCM (Data Connection Manager) connections. However:
- Business users cannot manage group membership
- Every user addition/removal requires Admin intervention
- This creates delays and increases dependency on Admin teams
Problem Statement
This limitation defeats the purpose of using groups for scalable access control because:
- Access management is not decentralized
- Admins become a bottleneck
- It does not align with real-world business ownership models
Proposed Enhancement
Introduce the ability to:
1. Assign Group Owners (Non-Admin Users)
- Similar to Collections
- Group owners can:
- Add/remove users
- Manage membership
2. Delegate Group Management Permissions
- Allow Admins to:
- Create groups
- Assign business owners
- Owners manage users without full admin rights
3. Optional: Azure AD / DL Integration
- Sync groups with:
- Azure AD Groups
- Outlook Distribution Lists
Benefits
- Eliminates Admin bottleneck
- Enables self-service access management
- Aligns with enterprise RBAC models
- Improves operational efficiency
- Better adoption of DCM and group-based security
