Community Spring Cleaning week is here! Join your fellow Maveryx in digging through your old posts and marking comments on them as solved. Learn more here!

Engine Works

Under the hood of Alteryx: tips, tricks and how-tos.
TashaA
Alteryx Alumni (Retired)

In my previous post about getting started with REST APIs, we walked through some basic setup of connecting to and executing a request to the Quandl API. The next few posts in this series will take a deeper look at things like authentication, payloads, and using batch macros for downloading or submitting data. 

 

Bearing in mind that RESTful style APIs will have a different implementation of OAuth 2.0 or another authentication method, there are some key words that you can look for in the API documentation that you are using that will help you quickly choose the appropriate grant flow to use in Alteryx. The main thing to look for is an endpoint to send your client id/secret, or username/password to, in exchange for an authorization or access token. This helps you avoid getting caught up in any grant flows that require you to redirect to a web application for authentication. 

 

Resource Owner Password 

This grant flow requires the passing of the username and password in exchange for authorization. 

Resource Owner Password.png

 

Client Credentials/Client Authentication

Very similar to the Resource Owner Password flow above, but without the username and password added to each request. This grant flow means that you have registered an application with the API (to be referred to as the Client) that has access to resources that you are the owner of. In this case you are the client as well as the user. I am currently working on developing  a connector for Adobe Analytics and their documentation provides a diagram that shows their implementation of this flow, as well as others. 

 

Adobe Analytics.png

 

Basic Authentication

The implementation of this usually looks like [clientid:clientsecret] or [username : password] base 64 encoded and then prepended with "Basic" as the value for the header "Authorization".

 

Basic_auth.png

 

API Key 

Mentioned in my last blog post, Quandl allows you the ability to simply generate an API key tied to your account that you can use to access the API. This is more commonly seen in APIs where you are not accessing any user specific or sensitive information. 

 

 Quandl.png

  

Debugging

The API you are working with may have a testing console in their web application in the developers section that will allow you to test your API requests, but there are some other things you can do to help troubleshoot the requests that you are sending through the Download Tool. 

 

PostMan

PostMan is a Chrome application that many members of the Content team here use to construct and test API requests including authentication/authorization prior to implementing the request in Alteryx with the Download Tool. This allows you to explore the format of the url, payload, and other things that will help you understand the format needed to apply to your workflow. 

 

Postman.png

 

 

Fiddler

If after transititioning your request to a workflow format in Alteryx, you may find issues executing the request and want a better look at what is going on. Fiddler will allow you to capture your outgoing and incoming HTTP traffic so you can inspect the request to see if there is anything out of place in your request.

 

If you are looking for some recommendations for APIs to get started with, or find out more information about an API try out Programmable Web.  Here you can search by protocol type as well as subscribe to API changes-extremely helpful if you plan on utilizing specific API connections as part of your daily or weekly business functions. 

 

Do you have any helpful tips or tricks on getting different grant flows/authorization to work in Alteryx? Share them in the comments!

 

 

Tasha Alfano

Tasha loves working with Alteryx products, building time-saving tools, and talking to customers! When she isn't at the Colorado Alteryx office, she's usually running or biking on a trail nearby. Twitter: @Tasha_Alfano

Tasha loves working with Alteryx products, building time-saving tools, and talking to customers! When she isn't at the Colorado Alteryx office, she's usually running or biking on a trail nearby. Twitter: @Tasha_Alfano

Comments
mcwallendjack
8 - Asteroid

Hi Tasha, 

 

Do you have any experience working with Facebook Insights, Facebook Business Manager, LinkedIn Analytics and Twittter Analytics in terms of accessing their APIs to retireve various metrics?

 

Thank you!

TashaA
Alteryx Alumni (Retired)

Good Afternoon @mcwallendjack

 

While I don't have any resources built out for these, I looked around a little bit and found the following information: 

 

Facebook insights has a great playground for insights through the graph api here as well as a starter resource for utilizing the graph api.

 

The Facebook business manager, which looks like it falls under the Marketing API that they provide, comes with some SDKs that if you look through the SDK files most likely have the structure of the api request layed out. 

 

I believe the Twitter Analytics api has an implementation for Basic authentication-so this should be pretty easy to implement in Alteryx.

 

 As far as LinkedIn goes, their implementation of OAuth 2.0 makes it pretty difficult to authenticate using only Alteryx without building out an HTML5 solution, since you have to provide a redirect url.

 

 I hope this helps!  

 

-Tasha 

knozawa
11 - Bolide

Hi Tasha,

 

I am trying to create an automatic scheduling workflow.

My souce data is Crimson Hexagon and I am using its API to pull data.

In order to get data, I need an authorization (api_key) and ID that I have to redirect everyday.

I am wondering if I can schedule workflow once a day to pull live data without inputting new authorization (api_key) and ID.

 

Thank you,

Kazumi

DK
5 - Atom

Hi Tasha,

 

I am looking for a way to connect to Zuora and Salesforce through Rest API calls.

Is there a way or steps that you reckon to connect to these sources?

 

Appreciate your response on the above.

 

Regards,

DK

JonShotton
5 - Atom

Hi Tasha, 

 

Do you have any experience working with Google Doubleclick in terms of accessing their APIs to retrieve data? I believe it requires OAuth 2.0, so i'm not sure how to do this via Alteryx, as the basic authorisation options don't appear to work

 

Thanks,

Jon

TashaA
Alteryx Alumni (Retired)

Hey @JonShotton,

 

I don't have experience with that specific API. You mentioned that basic auth wasn't working for that, can you provide an idea of what your workflow looks like for using the basic auth? 

 

Did you base 64 encode the authorization header prior to using it in the download tool?

 

-Tasha

JonShotton
5 - Atom

Hi Tasha,

 

Yes I tried with the Base 64 tool to encode the Username : Password and pass that into the download tool as Authorization header, but that just generates a Http 302 redirect error.

 

You can see the API guide for this here:

 

https://developers.google.com/identity/protocols/OAuth2#webserver

 

Any advice if/how to configure Alteryx for this type of api flow would be appreciated.

 

Thanks,

Jon

 

SeanAdams
17 - Castor
17 - Castor

Great tip on PostMan & Fiddler.

 

@TashaA - is there any generally used way of querying a rest server for the services (and parameters) available?

 

As an example: www.company.com/rest/ServiceDirectory?result=JSON

(in other words - a way to query a web server to say "tell me what rest services you provide" - with a digital result set describing the services)

 

When I was doing more web dev, there was a debate about WSDL - has a standard emerged that you seen as being commonly used - or do you need to hope that the developer build documentation? 

https://www.w3schools.com/Xml/xml_wsdl.asp

 

 

JohnJPS
15 - Aurora

@SeanAdams,

I haven't heard of a way to discover all facets of any REST API, but you could have a look at Swagger, which - if the specification is adhered to by the API creator - allows you to quickly discover what's there.

 - John

 

Cluggas
5 - Atom

I have a requirement to call Apis behind AWS Api Gateway and they are secured using AWS Request Signing. I have implemented this many times in different languages, but always using the abstractions provided by the AWS Sdk. I know the logic I need to implement, just not how to achieve this within Alteryx.

 

How would I go about including the AWS Sdk into a custom macro so I can implement the necessary workflow to authenticate my Api requests.

 

Are there any plans for an "AWS Api Download Tool" connector, or any third party market place to search?

snigdhacjha
7 - Meteor

Hey Tasha, is there a way where I can use the base 64 encoder to encode the API secret and then use the encoded value in "Headers" (Download tool) for Basic Auth?

I only want to provide the API secret as hard coded information and not the encoded value.Screen Shot 2018-08-21 at 4.57.00 PM.png

 

StephenW
Alteryx Alumni (Retired)

@snigdhacjha  Checkout Workflow Text Messages Using Twilio, within the API Prep & Call section (about halfway down the page) there is an example related to what you're looking for.

matrix7116
5 - Atom

 HI Tasha, any experience with Qualtrics. I have able to leverage Postman to extract data out of Qualtrics but I have failed miserably when I use Alteryx.

 

I know there are some few threads on the topic but the have not helped me at all.

 

Any advice?

 

Thank you! 

 

luis

TashaA
Alteryx Alumni (Retired)

Hello @matrix7116!

 

If you are successful with Postman, a little trick to get it into Alteryx is to use the export code feature of POSTMAN into cURL.

 

You can then use that cURL code with the run command tool in Alteryx (as long as you have curl.exe on your computer.)

 

-Tasha 

JohnJPS
15 - Aurora

Hi @matrix7116

Piggy-backing on @TashaA's suggestion, I believe Postman can generate Python code too... (if not, I know Insomnia can)... you might be able to grab that and put it into a Python tool... nice thing about that is you can easily debug it step by step in Jupyter until it's good to go.

Hope that helps!

 - John

 

TashaA
Alteryx Alumni (Retired)

 Great idea @JohnJPS!

matrix7116
5 - Atom

Thank you, Tasha and John. 

 

I was able to solve this issue using Python Tool provided by Heather Harris. 

 

https://community.alteryx.com/t5/Alteryx-Designer-Discussions/Python-Tool-Downloading-Qualtrics-Surv...

 

Luis

Tsega14
5 - Atom

Hi Tasha,

 

I have a username and password to access an API using basic authentication. I want to use the base64  encoder tool in alteryx to pass it to the headers tab of the download tool as a value for the header "Authorization". How do I go ? If you have an example workflows, that would be very helpful! 

 

Thank you for this informative guide!

 

Regards,

Tsega

 

Basic Authentication

The implementation of this usually looks like [clientid:clientsecret] or [username : password] base 64 encoded and then prepended with "Basic" as the value for the header "Authorization".

 

Basic_auth.png

GreggD
8 - Asteroid
Hi Tasha, I have successfully use the Download tool for executing and processing the results from an API call to a non-SSL domain. However when I try to execute the same API call against a domain with SSL, I get the dreaded "Couldn't connect to server" message. With Postman I am able to turn off SSL certificate verification and it works fine. Is there a way to configure the Alteryx download tool turn off SSL authentication like we can in Postman? Any Ideas?
shubhamirpachi
5 - Atom

Hi, Is there any support in Alteryx to call APIs which are defined in AWS API-gateway using AWS secret key and access key for Authentication?

NeilR
Alteryx Alumni (Retired)

@shubhamirpachi I'd recommend looking for something close to what you're trying to do here, then copy/pasting (with necessary modifications) into the Python tool.

NidhiAg
7 - Meteor

@TashaA Great Article but I am bit confused with my particular issue. So i have designed a Alteryx workflow which queries TFS api (2017). To authorize I have used Basic Authorization which is basically encoded Personal Access Token (PAT) for my credential. 

Now i have to deploy the workflow on server and I don't want to put in my PAT on server. I did read about Oauth but I am not sure how to implement it with TFS 2017 and Alteryx. 

 

Please suggest a sample (much appreciated) or way of authorizing ?