Alteryx Server Ideas

Currently, in order to run an app via the API, you have to have uploaded the app to your private studio. Frankly, I don't find this function useful because you have to download then re-upload an app in order to gain access to the API. The API would be more useful if when an app is shared with you (or a collection is shared with you), then it would also allow for that app to be run via API by the user it was shared with. Right now, the only person who can run the app via API is the user who originally uploaded said app. 

We leverage Active Directory groups to manage user permissions to most of our company's resources like databases, file shares, applications, etc.  This idea is for the ability to manage a Gallery Data Connection via an Active Directory group.  In many cases, our AD group membership actually dictates what permissions a gallery connection should have, but we must manually add/remove users to the Alteryx connection to keep it synched with AD.

I think there are several ways Alteryx could be enhanced to support this; i.e. the AD group could be specified on the connection itself or it could be inherited from a Studio where the subscription is enhanced to support assigning AD groups to it (which could benefit other areas of Alteryx).

I'm told by Alteryx support that this functionality is unsupported but to post the idea here.  If anyone knows of workarounds to this limitation I'd certainly be interested!

Currently, to allow a user to schedule jobs, prioritize jobs, assign jobs, create collections, or have API access, toggles must be set at the user level.  

As a server administrator, I want to configure these toggles at the group level, so that a) I don't have to modify a large number of users individually to grant them such permissions, b) I ensure consistency across groups of users that doesn't rely on humans clicking all the right things for each of the relevant people, and c) I can easily change these settings for multiple people, if needed.

I manage a server with 200 + Artisans. Some of them tend to abuse the Scheduler by having workflows running every hour or every x hours. This can penalize other users creating big queues thought the day. Currently I monitor the queue and schedule often and then contact these individuals to better accommodate their needs.

Having the possibility to disable hourly workflows, or enable to only specific users, would help a lot to deter the abusers.

Thanks,

Mauricio Estevez

At the moment when you give the "assign job" permission the user can choose any worker, it would be great if there was a way to assign workers to users or groups.

Example 1 (worker 3 is assigned to one group):

Worker1 - Assigned to ALL

Worker2 - Assigned to ALL

Worker3 - Assigned to ArtisansGroup1

In this scenario, all Gallery users have access to Worker 1 and Worker 2 and the ArtisansGroup1 has access to Worker1, Worker2 and Worker3.

It would be really useful to be able to obtain the user name of some one running an app in the Gallery. This could be used for instance in row level security for people running an app that produces a report and that data is considered sensitive

I would like to suggest the idea of being able to handle row-level security data sources in a more seamless way using Kerberos passthrough, where Alteryx Gallery will pass the information that User A is running the workflow to the underlying DB and will authenticate as User A. 

We have many workflows that are built to handle different queries of a database that are reliant on knowing who is running the workflow in Gallery. We also have many regional workers, and we want to keep the administration of these connections to the data as simple as possible. 

For more information, check out the Community thread on this subject.

Our company prefers to setup active directory groups to manager our users and resources separately for better tracking of what a group has access to.  We setup global group roles with users as members and local groups with privileges to a resource and the role as a member. We would like to be able to use nested global groups in the User>groups and have it still setup the users once a nested group is setup. Attached his the priv group an role.  We were not able to login with the priv group, but could login once the role group was added.

Thanks

With a majority of our Alteryx users working via VPN, our Firewall systems are detecting a brute force attack if a user tries to open another Alteryx tab within 60 seconds.  We would like to request to reduce the amount of authentications attempts on the Alteryx Gallery site when launched, so there isn't 100+ 401 unauthorized errors to trigger the Firewall system to disconnect the session.

As an Alteryx Admin, we have too many users to maintain the Data Connections for every connection that every user has. A nice add to the collections ability is to create and share Data Connections among users of only that Collection. Managed by the Collection Admin(s), they would be able to manage their own credentials and connection strings for their team and project.