Alteryx Server Ideas

Can we make API function available to assign specific worker node while submitting job request using api.

Currently the default 'Rows Per Page' is set to 10 when within various pages on the Gallery. 

As we add more and more Apps to our Gallery it would help to be able to increase the default so it is higher than 10.

This will help ensure users do not forget about or miss tools that are available to them which are hidden on other pages. Additionally, they will not need to remember what page to jump to if the App does not pull through to the first 10 rows, or prevent the need for them having to increase the number of 'Rows Per Page' themselves.

Hello!

Currently one of the pain points when looking at integrating Alteryx Server into an organisation, is the role of a Curator, and who should be given that role. Of course, from an IT perspective, they want governance and control over data connections, users, and configuration - as it is important that users aren't simply able to change the default role to Curator and give all users access to the Administration portal, for instance. On the other hand, a Super User is typically given Curator access to allow for adjustments to all other sections of the Administrator Portal, that IT quite frankly don't care about.

What would be useful, is for a new role to be created, elevated from Curator. Let's call them 'Super Curator'. These 'Super Curators' (or, User-Curators, for a less exciting name) have access to all of the Admin portal as usual. 'Curators', would now only have access to the following (Highlighted yellow for Curator access):

This would aid the conversation from an IT perspective, allowing them to take control of user, data connection, and credential administration, whilst leaving the rest of the control to the other Curators. As this wouldn't always be a requirement, it would be useful to allow for a toggle of this setting within the Configuration on the Gallery. This would also not effect pre-existing setups of curators, as in the update of implementation, all current Curators should be adapted into 'Super Curators'.

Thanks,
TheOC

Today in managing Alteryx server, we manually configure new connections using the front end.  However, this has some potential drawbacks as it makes it hard to easily track change history, or make bulk updates to multiple strings, and it also leaves room for user error on configuration.

In this case I'm pretty specifically looking to modify aliases on the server itself.  I'm not particularly concerned with distribution to a wider audience, and the usernames/passwords associated in this case should not be available for use locally by users.  As a part of this, I am trying to identify a method to reduce or eliminate the need for anyone (including the data connection manager) to need to know the password for the specified accounts.  As some of these accounts may be used by multiple systems, it would be significantly simpler to integrate this maintenance into existing automated processes, rather than have a manual step to update the Alteryx connection values on the Gallery.

This is specifically a challenge today with regards to specific usernames or passwords which need to be stored.  Alteryx saves these values using machine-level encryption, but that is difficult to generate automatically.  Having a supported method that would easily allow creation of this file with password-level information would greatly improve maintenance of the Alteryx Server, particularly from an IT automation perspective.

Currently, we see the Districts and Collections now compressed into a list view. 

Previously, the Server had the widgets feature which really showcased the self-service nature of the Sever. Losing that just made decreased the emphasis on user experience. 

It would be great to allow Server Admins to decide whether they want lists or widgets to be available toggles as a design feature for both districts and collections will be of great help.

In addition, regardless of the option, the image size and wording size should be much larger - easier for people to see. Right now, we have to zoom to 150% to make it easier for ourselves to see. Having the ability to control font size, font control with bolds, italtics, etc. will be very helpful as well.

Currently, only users themselves are able to setup the default worker tag in their My Profile page. To ensure efficient management of worker nodes, Server Admins or Curators should be allowed to set the default worker tags of gallery users, preferably in bulk. This will help avoid workflows to be executed using the wrong worker node.

Hey there,

Below you can see few of my suggestion to improve Alteryx Server. 

Idea for Alteryx Server monitoring:

• Increase data what could be seen on workflow results.
• Possibly create a report with filter option (to filter by user, gallery, workflow and etc.), which would at least contain data like:
  • Successfully ran workflows, count, percentage.
  • Failure rates, counts and etc.
  • Live data for monitoring purposes.
  • etc.
• Possibility to connect to workflow results data (live data) with other tools like Tableau or Power BI to create dashboards and etc. to monitor and act on the error as soon as possible.
• Give a chance for other users to check on the workflow statuses and etc same like workflow owner.

Give server more functionality with:

• Ability for server automatically retry workflow based on configurations: in example:
  • retry flow in specific time (for example in 30 minutes)
  • number of possible retries
  • based on specific workflow (other) results ability to trigger to run another workflow
  • (Maybe there is a better way) ability to run macros which would for example open MS Excel, and run macro inside it. I have some of the workflows where workflow opens excel, runs macro inside, that macro triggers special Add In which connects to Essbase, it pulls the data, saves excel file, and then alteryx continues working with the file. So if such or similar workflows could be run on Server that would be awesome.
  • This is extremely exiting one: possibility to create environment for self-service users, which it would not be something like gallery (because gallery is more suitable for Alteryx Designers/users).
    • in that one environment admin could grant access for user and tick what specific user could see and run.
    • so for admin it would be one environment, and user would see only what is needed for him/her.
    • in that environment user would also be able to schedule self-service workflows to be received in example by email, or BOX drive or any other way. Scheduled workflow would have to be approved by an admin before it would be actually scheduled. 
  • I have not tried this one myself, but that would also be great if all alteryx server environment could be accessed by mobile devices (of course, some features would be limited).

 Hopefully you will find these suggestions interesting and useful. 

Regards,

Aurimas

When saving a workflow to the gallery, none of the options I could choose from Set workflow credentials validates a workflow successfully when using database connections due to missing permission on the server (No specific Run As is configured on the Server). Apparently the server validates the workflow as following:

User is not required to specify credentials:No possibility to add credentials when running the workflow on the server. In that case, the workflow validates database connections with errors due to missing permission on the server. This error was expected.

User must specify their own credentials: This option is the most appropriate in case of working with database connections with regard to our use cases and security policies. Unfortunately this option is only enabled when the workflow is saved on the server already and run from the gallery. In case of the validation step when saving the workflow to the gallery, the server evaluates with the system user of the server. As a result, the validation fails. In that case, I expected the server to run the validation with the user from the Alteryx Designer.

Always run this workflow with these credentials: This option is not appropriate in terms of our security policy, since the workflow is permanently set with the users credentials.

So my suggestion would be to:

• Prompt dialog to enter my credentials for validation once or
• The server runs the validation with the User from Designer, where the workflow is going to be saved from.

Otherwise is see no benefit of the validation feature (with respect to our use cases and security policies)

Dearest colleageues and comrades (Romans, countrymen?):

Have you ever queued up your jobs only to have them block your regularly scheduled programming? Imagine a world where, assuming you had multiple worker nodes, you can direct and prioritise your jobs on your terms.

This is what I am suggesting.

I've recently worked with Alteryx support, and they turned me on to a QoS setting in Alteryx Server settings. Peep this like a marshmallow chick in hot pink: 

After learning from the great Server Master Kevin Powney (blessed be his name), I learnt that there are currently 3 'channels' that this QoS variable governs. 0 is the highest priority used for workflows. 4 is used for chained apps. 6 is used for gallery service requests.

This will not do.

Why? Well, for one: hello arcane/memorisation.

Secondly, where is my control? I'm a millenial dammit! Service me!

So, my idea, that I want you to vote so highly on as to save yourself any myself a lot of hassle, is to allow a custom QoS variable to be a traffic variable. And here's how it works:

• For each workflow/app, you can assign it whatever QoS/traffic variable you choose. 
• This allows the user the power to control which 'lane' is clogged in the queue.

Example time! [cheers, candy thrown]

In my current situation, we have some jobs that are network-intensive (database calls), and jobs that are processing-intensive (CPU hogs doing hard-core maths). 

The network-intensive jobs run on the weekends so that we have the data in the morning on Monday. The processing-intensive jobs need to finish, but suck up all the CPU power. For the last couple of weeks, we've unsuccessfully run these jobs over the weekend. The downside is that since we cannot control how traffic flows (and we only have the 0/4/6 options in QoS, of which these only fit in the 0 lane [breath, sorry]) the CPU-heavy jobs have blocked more critical network jobs.

If we had two paths, we could assign the CPU jobs to lane 1 and the network jobs to lane 0 and they can run in parallel. And then my boss is happy. We like happy bosses, right?

Vote this up! My boss is awesome!

Thanks for your ear,

Hail Caesar or something.

-Cedric

Hello all,

Right now, we can choose either MongoDb or Microsoft SQL Server as a backend. I would suggest to add Postgresql. Why ?

-it's open-source
-it's reliable
-it's free
-it works well on many environments
-it's popular
-it's already used as backend for Tableau or Qlik and many others
-it respects SQL norm and doesn't have a lot of specificity

Best regards,

Simon

Alteryx DCM has been an incredibly useful addition that supports key security concerns from companies. Currently, only three external key vaults are supported:

• Hashicorp Vault (KV secrets engine) - supported for Designer 22.3 and later.

• CyberArk Conjur - supported for Designer 22.3 and later.

• AWS Secrets Manager

https://help.alteryx.com/current/en/designer/tools/dcm---designer/dcm-external-vaults.html## 

I propose that we also include Delinea Secret Server.

Thank you and hopefully we can start to add more to make this feature widely useable and support security compliance.

Currently Alteryx has a timeout setting at a worker level which applies to all of the workflows/schedules that run on that node. 

It'd be great and very useful is that setting is made available at a granular level like at the Collection/User Group or workflow level. 

I've been told by Alteryx support that this is not a feature that is currently available. Hence proposing an Idea on the community requesting for such an ability!

Hello,
One of the frustrations we have faced in using Alteryx Gallery is the question "How do we set up many users with their respective collections easily?".

If we take for an example, the scenario where a company has 300 potential users of the gallery, who are all going to login and generate a report based on their department.
In order for them not to be able to generate the reports on other departments, the report generation workflows are put into collections. The current solution to this (atleast on SAML Authentication), is for a user to sign up, and then a Curator to assign them to their given collection. This is fine for small scale solutions, but the purpose of server is allowing for large scale deployment and automation of tasks, and this is far from ideal for a larger company.

If the server is setup on Windows Authentication, the users are able to be categorised within the Windows Active Directory, and then these groups (which may pre-exist) are able to be added to the gallery straight from the AD (see here), however this is not a feature within SAML Authentication.

From my knowledge, SAML Authentication should easily allow for this functionality, and it works very similar to Windows Active Directory. I mentioned this on a call with a Customer Support Engineer, and he explained that this wasn't part of his known roadmap for the Alteryx Gallery. 

I do believe this to be an extension of a current post on the Alteryx forum, however, this details opening the API to allow for this on an API level, however I would also suggest for this to be integrated within Alteryx Gallery, as not all users are experienced with using, or building tools around, the API.
 
Cheers,
TheOC

Our Organization uses a Password Manager to automate the update of service account credentials used in Windows Services. 

Would like to request the ability to leverage that functionality with the Run As user inside of Alteryx Server Settings used with Workflows. 

This would increase application security, while ensuring the process is automated, thereby limiting issues from human interaction.

Examples of these types of application are ERPM(Enterprise Random Password Manager), Thycotic Secret Server, and I am sure there are others. 

In some organizations, it may be difficult, if not impossible, for permissions to be applied or exemptions made to enable wide ranges of users the “Logon as batch job” permission needed to run workflows in a Server with the current run-as credential capability.

If possible, could the Alteryx process still run as the server admin or "Run As" account, but enable the workflow to access the various different data sources (windows authentication) using specific credentials entered when running the workflow. So while the whole process runs as Service Account A, the access to databases, file systems, etc. may be done using their own specified credentials.

Some of this can be accomplished today by embedding credentials in database connections, but this isn’t an ideal scenario, and a more holistic solution that covers a wider array (or all supported) data sources would be preferred.

Would it be possible to specify whether a worker handles scheduled jobs, ad-hoc jobs or both?  Right now it seems that the workers treat both types of jobs the same, meaning that a slew of ad-hoc jobs initiated from the Gallery could slow down jobs that are scheduled to run on a regular cadence.  It'd be great if those scheduled jobs could have a dedicated worker (or workers) and have any ad-hoc jobs handled by a separate worker (or workers) so that the scheduled jobs (which might be more important) are not held up by one-off jobs.

Maintaining multiple workers (five currently, soon, six) with identical setups is challenging when dealing with In-Database (InDb) connections. I must log in to each worker, start Alteryx Designer, go to In-Db settings, and create the connection. This also becomes tedious when trying to update passwords, which occurs every 90 days in my company.

The suggestion is to set up an In-Db connection on one worker and have it propagate to the other workers. 

Propagates to other workers →

This would save time maintaining workers in the gallery and help prevent errors during setup on each worker (e.g., typing in the wrong password).

As an "extra credit" mission, expose In-Db connections through an API that can list, create, update, or delete an In-Db connection.

Sometimes, a workflow posted to the Server is calling from a source data that has dimensions which are specific to certain users based on departments, divisions, countries, regions, states, or etc. depending on the level of granularity. 

Although Alteryx developers can create Analytical Apps that have the option for end users to select these dimensions, a more seamless experience for end users (and better for security as well) is to have the ability to configure such filters for existing users on the Alteryx Server itself.

So, if Person A belongs to State 1 and Person B belongs to State 2, by default when both Person A & B enter the Server to that specific workflow in a collection or district, they will automatically be filtered for State 1 and 2 respectively. 

This is similar to Section Access configuration - whereby users have already been pre-filtered the moment they enter.

The current workaround is to create multiple workflows and store them in different collections or districts specific to end users, and to make any changes will require a change to the workflow itself. 

It will be great to have a dashboard that allows for Alteryx Server admins to configure on their own without hassle.