What's New in Server 2022.3
Release Date: November 29, 2022
Go to the complete Server 2022.3 Release Notes.
As of the 2022.3 release, Alteryx Designer, Server, and the R Predictive tools use new installer technology. The updated installer detects your operating system language and installs Alteryx products in that language (if applicable). Go to Download and Install a Product for important upgrade and downgrade considerations and review updated command-line options.
Migration Prep Tool
To use the latest and best cryptography throughout Server to protect data at rest and data in flight, you now have a way to get your crypto migrated to the most modern algorithms without taking a lot of downtime and interrupting your business.
To move to more modern crypto (FIPS capable), we at Alteryx prepared a Migration Prep Tool to mitigate the maintenance window downtime that you require to get all your workflows database table migrated to the new crypto standard.
The Migration Prep Tool for Server is a separate command line utility that allows for a pre-migration of a database of workflows and apps to be more quickly migrated to the new AES256 standard.
This tool is optional and only needs to be run once before upgrading any prior Server version to Server 2022.2.x (FIPS build), 2022.3.x (FIPS or general availability builds) or beyond. However, we recommend you run the Migration Prep tool in some cases.
For more information about this tool, visit the Migration Prep Tool help page.
Server UI Redesign
We’ve redesigned these admin pages: Notifications, Settings (previously Configuration and Theme), Jobs, Schedules, Media, Insights, Workflows, Subscriptions, Diagnostics, Data Connections, Districts, Pages, and Links. The functionality of these pages remains the same.
The Global Search user interface has also been updated. Items returned in search results now include more information, such as creation date, author, and type. You can also select which asset types to include in your search. These updates allow you to have more control over what you search for and get more information about your search results right from the search page.
Localization in Chinese, French, Italian, Japanese, German, Spanish, and Portuguese has been extended to all Server pages, except the login page and Analytic App page.
OpenSSL3 Cryptographic Module Updates
We’ve updated our bundled OpenSSL3 cryptographic engine to OpenSSL 3.0.7, which addresses CVE-3602 and CVE-3786, both rated as High Severity.
We’ve bundled the OpenSSL3 Legacy Provider, which supplies older algorithms and ciphers (MD2, MD4, RC4, DES, IDEA, and others) that are no longer packaged as part of the core crypto engine in the 3.x series. Note that the Legacy Provider is not loaded unless it has been manually enabled via backend configuration on a particular Designer or Server host.
Encryption and Hashing Updates
We made these updates to Server encryption:
- All encryption is now AES256.
- MD5 and SHA1 hashing have been updated to SHA256.
- Alteryx Server-FIPS uses these FIPS 140-2 certified cryptographic modules:
- Analytic app fields are not encrypted in this release. If you have personal identifying information (PII) in the analytic app fields, that data will not receive extra protection.
Server V3 API: Workflows, Jobs, and Credentials Endpoints
We’ve also made some updates to the Server V3 API for users with Curator (admin) and Artisan rights:
- As an admin of Alteryx Server, you are now able to automate many processes, such as uploading workflows and running jobs.
- As a user with Artisan rights, you can now access all /workflows and /jobs endpoints from v1/v2/subscriptions as part of your V3 API. Further, you can also post a workflow and specify workflow credentials as well, so the workflow has all its metadata needed to operate properly.
System Settings Update
- SSL/TLS: AlteryxService now supports TLS for internal and direct service layer communication. For the Server-FIPS, TLS is enabled for all services and cannot be disabled. Because of this change, you must install an X.509 (TLS) certificate on the Controller and Server UI nodes. This allows communication between nodes to work with TLS. We recommend installing certificates on all of the machines hosting Server, regardless of their configuration. For more information about the TLS Settings, go to the System Settings help page.
- Engine: When you enable the 'Allow Server to manage engine resources' setting in System Settings > Engine > General, the 'Allow users to override these settings' setting is now disabled.
SAML Support Update
We've removed reliance on IdentityServer 3 and the AlteryxAuthHost.exe process. The SAML Functionality is now provided as part of the AlteryxServerWebApiHost.exe process. We've also added support for the request signing with this update.
This means that starting with version 2022.3, we are using updated service provider endpoints via the Web API service. Please note that existing configurations using the previous endpoints continue to work, and no action is required at this time to continue using SAML for your existing Alteryx Server.
Alteryx System Settings ACS Base URL:
- Previous default: http(s)://host.domain.tld/aas/
- New default: http(s)://host.domain.tld/webapi/
Identity Provider Audience URI:
- Previous default: http(s)://host.domain.tld/aas/Saml2
- New default: http(s)://host.domain.tld/webapi/Saml2
Identity Provider Single Sign-on URL:
- Previous default: http(s)://host.domain.tld/aas/Saml2/Acs
- New default: http(s)://host.domain.tld/webapi/Saml2/Acs
Unable to Share Workflows from Designer
Designer versions older than 2022.3 will NOT be able to share workflows to Server from Designer. You need to upload those workflows to Server 2022.3 using the Administrator UI or API.
Usage Data Configuration
Deprecation of the Server Usage Report
The Server Usage Report has been available as a separate download alongside the Server product and helps administrators get valuable statistics about their Server environment by running a workflow in Designer that connects to their MongoDB.
Due to ongoing changes to Server DB schemas, the validity and value of the report outputs have diminished over time and new schema additions in the underlying Server product database are not being captured in the Server Usage Report going forward. As such, the Server Usage Report will no longer be published alongside Server as a separate download. Previous versions of the report will continue to be available for download, but ongoing database changes will continue to devalue the outputs of this report over time.
Being a Designer macro, this report can be downloaded and updated by any user for ongoing use based on the information desired from the MongoDB. However, the Alteryx product team will not be updating or maintaining the report from its current state.
If you would like to submit feedback on the Server Usage Report, please complete this survey so that our Server product team can appropriately capture any asks for future inclusion in our product suite.