Alteryx API not working behind Reverse_Proxy

john_smith_ca

Hi,
I deployed Alteryx Server behind Load Balancer and configured it too as a Reverse Proxy, else there is an option for SSL off-loading.
The Public URL for Ex: https://alteryx.johnsmithca.com

Gallery is working perfectly within url: https://alteryx.johnsmithca.com/gallery

Request and response behavior as below:

• Client Request (https://alteryx.johnsmithca.com/gallery) >
• Load Balancer (Reverse Proxy) SSL-OFF>
• http://localhost:80/gallery >
• Load Balancer (Reverse Proxy) SSL >
• Client Response (https://alteryx.johnsmithca.com/gallery)
  
  but when I tried to use API, it returned 

{ "data": null,
"exceptionName": "UnauthorizedException",
"innerExceptionMessage": "",
"message": "The provided signature(oauth_signature) is invalid." }

I know that the error because of a mismatch between oath_signature:

• One has been created on client side
• Other has been created on server side

And that happened because of difference between public url that the client requested (https://alteryx.johnsmithca.com/galler) and the Base_URL on Server side(http://localhost:80/gallery).
When I tried to change the base url to public url, it didn't work at all, even gallery not worked too.

The normal behavior (Expected) is deploying the server on localhost and it becomes the internal url over http, and the external one become public domain over https, and reverse proxy (Load balancer) handle the termination of SSL and pass the request over http to server, then return the response to client over https.

Question:
So, How to fix that error (invalid oath_signature) and working with Alteryx API behind Reverse Proxy? Is there any extra configuration within Alteryx or Load Balance (Reverse Proxy) to do to make it authenticates successfully?

joshuaburkhow

Hey @john_smith_ca 

What does your server setup look like? Do you have Gallery nodes? or just a single node? 

We have a LB tied to two of gallery nodes (which is where we handle the SSL).