Dev Space

Customize and extend the power of Alteryx with SDKs, APIs, custom tools, and more.

Decrypting Passwords using Python SDK

11 - Bolide

In my plugin GUI created with the HTML GUI SDK, I have a field for passwords:



// --- main.js ---
// ...

function setupItem(manager, AlteryxDataItems, name, element, password = false) {
    // Create a new DataItem for Alteryx
    var dataItem = new AlteryxDataItems.SimpleString(name)

    // Add DataItem to Alteryx Manager

    // Connect input to DataItem
    element.change((event) => dataItem.setValue(element.val()))

    // If we have a password, we need to asynchronous get the password
    dataItem.registerPropertyListener('value', function(propertyChangeEvent) {

Alteryx.Gui.BeforeLoad = (manager, AlteryxDataItems, json) => {
    setupItem(manager, AlteryxDataItems, "userPassword", $("#password"), true)
Alteryx.Gui.AfterLoad = (manager) => {}

The password is stored, persistent and I can easily use it in the HTML frontend for connecting to an API.



My backend, however, is supposed to rely on the Python SDK in which I cannot get the decrypted password:



    def pi_init(self, str_xml: str):
        Called when the Alteryx engine is ready to provide the tool configuration from the GUI.
        :param str_xml: The raw XML from the GUI.
        setting_tree = Et.fromstring(str_xml)

        # Getting the user-entered settings from the GUI
        self.username = setting_tree.find("userEmail").text
        self.password = self.alteryx_engine.decrypt_password(setting_tree.find("userPassword").text, 0)

        self.alteryx_engine.output_message(self.n_tool_id, Sdk.EngineMessageType.error,
                                            'Password: {}'.format(self.password))

Sending the decrypted password through the output message is certainly wrong, but used here only for testing purposes. The documentation ( gives me three options for the decryption. Value 0 as above does not work, yielding the error


Error: Data Hub Import (v1.0) (2): Traceback (most recent call last):
File "", line 43, in pi_init
RuntimeError: DecryptPassword only works with User and Machine encrypted passwords.

For values 2 and 3 I get no error, but still an encrypted password.


If I read @TashaA's post here correctly, the API method for decrypting passwords should be available in 2018.2 - am I missing something?


8 - Asteroid

Hi @TashaA 


Can I pass this decrypted password to the connection string to connect to the database in python? If not, then could you please suggest how can I do that?


Any help would be appreciable!! Thanks in advance


8 - Asteroid

Hi @chrisha 


to me also, it is giving me only encoded string, How can I retrieve the same string which I entered in the textbox?

I need to use it to connect to the database.



Alteryx Alumni (Retired)

Hi there @RuchikaMangla !


You need to use the decrypt password method. It is documented here:





11 - Bolide

Hi @chrisha ,


Did you find a workaround for it ? 

It's really bad that server does not handle all features that designer does. We have to leave password as free text for now which is really not ok...



11 - Bolide

Nope, still not working. We have written our own obfuscation function to have at least some protection, but - I agree - this is not very good.

11 - Bolide

I did the same in fact ! But the password is still visible in the XML which is really not great. 

I hope the alteryx Server team will look at it soon because this is a big defect. 

And technically, with macro you can have password encrypted in a text box and it works in both designer and server...