Alteryx Server Ideas

Today, when you share a workflow with someone else through the collection, you cannot see the manual run that the person will do, neither the person will see yours. 

This is really annoying as this is not helping collaboration between colleagues. 

Since we use an external scheduler and the server api, only the job owner will see the job execution results within the gallery.

Idea here would be to let the sharing of job execution result as an option in the collection.

We leverage Active Directory groups to manage user permissions to most of our company's resources like databases, file shares, applications, etc.  This idea is for the ability to manage a Gallery Data Connection via an Active Directory group.  In many cases, our AD group membership actually dictates what permissions a gallery connection should have, but we must manually add/remove users to the Alteryx connection to keep it synched with AD.

I think there are several ways Alteryx could be enhanced to support this; i.e. the AD group could be specified on the connection itself or it could be inherited from a Studio where the subscription is enhanced to support assigning AD groups to it (which could benefit other areas of Alteryx).

I'm told by Alteryx support that this functionality is unsupported but to post the idea here.  If anyone knows of workarounds to this limitation I'd certainly be interested!

Currently, in order to run an app via the API, you have to have uploaded the app to your private studio. Frankly, I don't find this function useful because you have to download then re-upload an app in order to gain access to the API. The API would be more useful if when an app is shared with you (or a collection is shared with you), then it would also allow for that app to be run via API by the user it was shared with. Right now, the only person who can run the app via API is the user who originally uploaded said app. 

Sometimes, a workflow posted to the Server is calling from a source data that has dimensions which are specific to certain users based on departments, divisions, countries, regions, states, or etc. depending on the level of granularity. 

Although Alteryx developers can create Analytical Apps that have the option for end users to select these dimensions, a more seamless experience for end users (and better for security as well) is to have the ability to configure such filters for existing users on the Alteryx Server itself.

So, if Person A belongs to State 1 and Person B belongs to State 2, by default when both Person A & B enter the Server to that specific workflow in a collection or district, they will automatically be filtered for State 1 and 2 respectively. 

This is similar to Section Access configuration - whereby users have already been pre-filtered the moment they enter.

The current workaround is to create multiple workflows and store them in different collections or districts specific to end users, and to make any changes will require a change to the workflow itself. 

It will be great to have a dashboard that allows for Alteryx Server admins to configure on their own without hassle.

Currently, to allow a user to schedule jobs, prioritize jobs, assign jobs, create collections, or have API access, toggles must be set at the user level.  

As a server administrator, I want to configure these toggles at the group level, so that a) I don't have to modify a large number of users individually to grant them such permissions, b) I ensure consistency across groups of users that doesn't rely on humans clicking all the right things for each of the relevant people, and c) I can easily change these settings for multiple people, if needed.

Alteryx Server does not presently support any file encryption systems. Many people need to encrypt there Fileshare as a secure measurement and use safeguard lan encrypted. Please provide a solution so workers are able to read and write encrypted files through safeguard lan encrypted.

It would be really useful to be able to obtain the user name of some one running an app in the Gallery. This could be used for instance in row level security for people running an app that produces a report and that data is considered sensitive

I would like to suggest the idea of being able to handle row-level security data sources in a more seamless way using Kerberos passthrough, where Alteryx Gallery will pass the information that User A is running the workflow to the underlying DB and will authenticate as User A. 

We have many workflows that are built to handle different queries of a database that are reliant on knowing who is running the workflow in Gallery. We also have many regional workers, and we want to keep the administration of these connections to the data as simple as possible. 

For more information, check out the Community thread on this subject.

Currently, DCM credentials appear to only be used in combination with a DCM Data Source.  

For ease of use for my end users (non-Designers), I would like my end users to be able to save a user ID and password as a standalone DCM credential.  Then, I want the user to have the option to select that credential for use in two places:

1.  Run-As - when running a workflow on demand, the user should be able to choose their saved DCM credential.
2. Credential injection into Input Data or other relevant tools in Analytic Apps - I want to use the DCM Connection tool to build Analytic Apps that prompt my users to select their DCM Credential (NOT a full DCM Connection with data source - I don't want my users to have to set that up.)  When the user selects their Credential, their user ID and password should be securely encrypted and inserted into the existing connection set up by the App designer.

Having this functionality would remove administrative burden from both our Designers and the end users they support.

At the moment when you give the "assign job" permission the user can choose any worker, it would be great if there was a way to assign workers to users or groups.

Example 1 (worker 3 is assigned to one group):

Worker1 - Assigned to ALL

Worker2 - Assigned to ALL

Worker3 - Assigned to ArtisansGroup1

In this scenario, all Gallery users have access to Worker 1 and Worker 2 and the ArtisansGroup1 has access to Worker1, Worker2 and Worker3.

Enhancement request that there is an ability to limit collection naming rights to the collection owner and/or collection admins. Currently anyone with access to a collection can rename it.

I manage a server with 200 + Artisans. Some of them tend to abuse the Scheduler by having workflows running every hour or every x hours. This can penalize other users creating big queues thought the day. Currently I monitor the queue and schedule often and then contact these individuals to better accommodate their needs.

Having the possibility to disable hourly workflows, or enable to only specific users, would help a lot to deter the abusers.

Thanks,

Mauricio Estevez

With a majority of our Alteryx users working via VPN, our Firewall systems are detecting a brute force attack if a user tries to open another Alteryx tab within 60 seconds.  We would like to request to reduce the amount of authentications attempts on the Alteryx Gallery site when launched, so there isn't 100+ 401 unauthorized errors to trigger the Firewall system to disconnect the session.

I develop workflows or analytical apps in the Designer and save them in a Gallery. If I need the setting "Always run this workflow with these credentials", I have to type in my username and password every single time I want to save it, even in the same Designer session. This is very annoying and results in saving the workflows much more seldom than I would do if I did not have to type in the credentials every single time.

My idea is to cache the credentials (login name and password) for one Designer session. It would be perfect if it was for the entire Designer session for multiple files. But even if it was specific to the opened file it would help.

Result would be:

• After loading the file, the user has to type in credentials only for first saving.
• Every subsequent save would be done without further interaction.
• After closing and re-opening the file, credentials have to be typed in again.

Anyone with access to a collection can see the Users & Groups tabs, which show information that is no appropriate for non administrators to see and prompts unwanted questions. Users no not need to know who else has access to the collection and what rights they have.

It would be useful if there was a configuration option to hide these tabs from roles below Curator.

Hello Community!

I really enjoy the concept of the Data Connection Manager, but we have controls in place that don't allow our users to share database connections with each other - the official data source owner needs to approve. We have been able to do this with the typical Data Connections through Active Directory groups that we load into Gallery custom groups. 

It would be nice to be able to allow users to create their own data connections to be shared but we would like to add a couple of governance features:

• When an Artisan wants to publish a data connection to Gallery, they publish it to a shared space (could be within collections). For example, they could share to the HR Data Connection space. 
• That shared space is governed by custom groups in Gallery, similar to assets in a collection for workflows (who can access, who can add, who can modify, who can remove, who is the owner)
• Ideally, we would also like to have more of a submission process - someone can submit a data connection, and then a data owner can "accept" the data connection. The data owner would then check to see if they are connecting properly before it is added to the shared space. 

We are getting an error saving flow to our private gallery with US Geocoder tool.

The error speak to "public" and not "private" gallery and we get the reasoning except that we should be able to save to our private gallery and deploys solutions internally that we built using these tools and data.

We are on 2020.4.6 on both the gallery and laptop.

Laptop is in Business Insights trial.

Servers all have Insights add-on

I found in the community a post where you can manually update the flow run settings but the user mistook that the flow did save even with error.

This allows the job to work but it is annoying that

• Each flow they build they would have to accept that it is ok on saving with error
• I am concerned they may miss a real error buried in the messaging
• Please change the font color and message to a “Warning” in gold font like the “Results View” vs an “Error” in red font because it is not really an error and any real errors would then stand out
• Then they have to take extra step in the Gallery to enable the flow to work…

I recommend modifying the User “Actions” options to include an “Allow Insights” option.

This can then be used in

1. determining if to even generate messaging on these jobs at save time.
   1. user has authorization and this is to private gallery and not public gallery
2. avoids having to make someone made a curator when they SHOULD NOT have curator/server wide powers.
3. Preset the workflow setting based on the saving developers user setting thus eliminating the extra step of setting the workflow setting in the Gallery post save.

Doing this simplifies and automates the process and significantly improves user experience when developing insights flows for use in the gallery.

Our company prefers to setup active directory groups to manager our users and resources separately for better tracking of what a group has access to.  We setup global group roles with users as members and local groups with privileges to a resource and the role as a member. We would like to be able to use nested global groups in the User>groups and have it still setup the users once a nested group is setup. Attached his the priv group an role.  We were not able to login with the priv group, but could login once the role group was added.

Thanks

As an Alteryx Admin, we have too many users to maintain the Data Connections for every connection that every user has. A nice add to the collections ability is to create and share Data Connections among users of only that Collection. Managed by the Collection Admin(s), they would be able to manage their own credentials and connection strings for their team and project.