Showing results for 
Search instead for 
Did you mean: 

Engine Works Blog

Under the hood of Alteryx: tips, tricks and how-to's.

In my previous post about getting started with REST APIs, we walked through some basic setup of connecting to and executing a request to the Quandl API. The next few posts in this series will take a deeper look at things like authentication, payloads, and using batch macros for downloading or submitting data. 


Bearing in mind that RESTful style APIs will have a different implementation of OAuth 2.0 or another authentication method, there are some key words that you can look for in the API documentation that you are using that will help you quickly choose the appropriate grant flow to use in Alteryx. The main thing to look for is an endpoint to send your client id/secret, or username/password to, in exchange for an authorization or access token. This helps you avoid getting caught up in any grant flows that require you to redirect to a web application for authentication. 


Resource Owner Password 

This grant flow requires the passing of the username and password in exchange for authorization. 

Resource Owner Password.png


Client Credentials/Client Authentication

Very similar to the Resource Owner Password flow above, but without the username and password added to each request. This grant flow means that you have registered an application with the API (to be referred to as the Client) that has access to resources that you are the owner of. In this case you are the client as well as the user. I am currently working on developing  a connector for Adobe Analytics and their documentation provides a diagram that shows their implementation of this flow, as well as others. 


Adobe Analytics.png


Basic Authentication

The implementation of this usually looks like [clientid:clientsecret] or [username : password] base 64 encoded and then prepended with "Basic" as the value for the header "Authorization".




API Key 

Mentioned in my last blog post, Quandl allows you the ability to simply generate an API key tied to your account that you can use to access the API. This is more commonly seen in APIs where you are not accessing any user specific or sensitive information. 





The API you are working with may have a testing console in their web application in the developers section that will allow you to test your API requests, but there are some other things you can do to help troubleshoot the requests that you are sending through the Download Tool. 



PostMan is a Chrome application that many members of the Content team here use to construct and test API requests including authentication/authorization prior to implementing the request in Alteryx with the Download Tool. This allows you to explore the format of the url, payload, and other things that will help you understand the format needed to apply to your workflow. 






If after transititioning your request to a workflow format in Alteryx, you may find issues executing the request and want a better look at what is going on. Fiddler will allow you to capture your outgoing and incoming HTTP traffic so you can inspect the request to see if there is anything out of place in your request.


If you are looking for some recommendations for APIs to get started with, or find out more information about an API try out Programmable Web.  Here you can search by protocol type as well as subscribe to API changes-extremely helpful if you plan on utilizing specific API connections as part of your daily or weekly business functions. 


Do you have any helpful tips or tricks on getting different grant flows/authorization to work in Alteryx? Share them in the comments!



Tasha Alfano

As Product Manager for Developer Tools at Alteryx, Tasha enjoys working on everything for Alteryx platform extensibility. If you are building cool things with Alteryx-let her know! When she isn't at work in the Broomfield office she enjoys backpacking and climbing in sunny Colorado. @Tasha_Alfano

As Product Manager for Developer Tools at Alteryx, Tasha enjoys working on everything for Alteryx platform extensibility. If you are building cool things with Alteryx-let her know! When she isn't at work in the Broomfield office she enjoys backpacking and climbing in sunny Colorado. @Tasha_Alfano


Hi Tasha, 


Do you have any experience working with Facebook Insights, Facebook Business Manager, LinkedIn Analytics and Twittter Analytics in terms of accessing their APIs to retireve various metrics?


Thank you!


Good Afternoon @mcwallendjack


While I don't have any resources built out for these, I looked around a little bit and found the following information: 


Facebook insights has a great playground for insights through the graph api here as well as a starter resource for utilizing the graph api.


The Facebook business manager, which looks like it falls under the Marketing API that they provide, comes with some SDKs that if you look through the SDK files most likely have the structure of the api request layed out. 


I believe the Twitter Analytics api has an implementation for Basic authentication-so this should be pretty easy to implement in Alteryx.


 As far as LinkedIn goes, their implementation of OAuth 2.0 makes it pretty difficult to authenticate using only Alteryx without building out an HTML5 solution, since you have to provide a redirect url.


 I hope this helps!  




Hi Tasha,


I am trying to create an automatic scheduling workflow.

My souce data is Crimson Hexagon and I am using its API to pull data.

In order to get data, I need an authorization (api_key) and ID that I have to redirect everyday.

I am wondering if I can schedule workflow once a day to pull live data without inputting new authorization (api_key) and ID.


Thank you,



Hi Tasha,


I am looking for a way to connect to Zuora and Salesforce through Rest API calls.

Is there a way or steps that you reckon to connect to these sources?


Appreciate your response on the above.




Hi Tasha, 


Do you have any experience working with Google Doubleclick in terms of accessing their APIs to retrieve data? I believe it requires OAuth 2.0, so i'm not sure how to do this via Alteryx, as the basic authorisation options don't appear to work





Hey @JonShotton,


I don't have experience with that specific API. You mentioned that basic auth wasn't working for that, can you provide an idea of what your workflow looks like for using the basic auth? 


Did you base 64 encode the authorization header prior to using it in the download tool?



Hi Tasha,


Yes I tried with the Base 64 tool to encode the Username : Password and pass that into the download tool as Authorization header, but that just generates a Http 302 redirect error.


You can see the API guide for this here:


Any advice if/how to configure Alteryx for this type of api flow would be appreciated.






Great tip on PostMan & Fiddler.


@TashaA - is there any generally used way of querying a rest server for the services (and parameters) available?


As an example:

(in other words - a way to query a web server to say "tell me what rest services you provide" - with a digital result set describing the services)


When I was doing more web dev, there was a debate about WSDL - has a standard emerged that you seen as being commonly used - or do you need to hope that the developer build documentation?





I haven't heard of a way to discover all facets of any REST API, but you could have a look at Swagger, which - if the specification is adhered to by the API creator - allows you to quickly discover what's there.

 - John



I have a requirement to call Apis behind AWS Api Gateway and they are secured using AWS Request Signing. I have implemented this many times in different languages, but always using the abstractions provided by the AWS Sdk. I know the logic I need to implement, just not how to achieve this within Alteryx.


How would I go about including the AWS Sdk into a custom macro so I can implement the necessary workflow to authenticate my Api requests.


Are there any plans for an "AWS Api Download Tool" connector, or any third party market place to search?


Hey Tasha, is there a way where I can use the base 64 encoder to encode the API secret and then use the encoded value in "Headers" (Download tool) for Basic Auth?

I only want to provide the API secret as hard coded information and not the encoded value.Screen Shot 2018-08-21 at 4.57.00 PM.png


Alteryx Alumni (Retired)

@snigdhacjha  Checkout Workflow Text Messages Using Twilio, within the API Prep & Call section (about halfway down the page) there is an example related to what you're looking for.

 HI Tasha, any experience with Qualtrics. I have able to leverage Postman to extract data out of Qualtrics but I have failed miserably when I use Alteryx.


I know there are some few threads on the topic but the have not helped me at all.


Any advice?


Thank you! 




Hello @matrix7116!


If you are successful with Postman, a little trick to get it into Alteryx is to use the export code feature of POSTMAN into cURL.


You can then use that cURL code with the run command tool in Alteryx (as long as you have curl.exe on your computer.)




Hi @matrix7116

Piggy-backing on @TashaA's suggestion, I believe Postman can generate Python code too... (if not, I know Insomnia can)... you might be able to grab that and put it into a Python tool... nice thing about that is you can easily debug it step by step in Jupyter until it's good to go.

Hope that helps!

 - John



 Great idea @JohnJPS!

Thank you, Tasha and John. 


I was able to solve this issue using Python Tool provided by Heather Harris.