As a platform admin you control the platform settings. SMTP, Base Address, Run Settings, Sharing Settings, File Upload Restrictions, Logging, and Notifications are described in this article. To access these settings, go to Platform Admin > Settings.
There are two ways to get to the Platform Admin site:
- Choose Platform Admin from the dropdown menu on the sign-in screen. Note that you only see a drop-down menu if you belong to more than one site.
- Select the site drop-down menu > Platform Admin from the top of any page in a site.
Alteryx Analytics Hub sends email notifications for various events such as creating a new user or requesting a password reset. To setup Simple Mail Transfer Protocol (SMTP) on your server, sign in as Platform Admin on the platform site and go to Settings > General. Supported servers are Google and Microsoft Office 365.
Required mail server information:
- From Email (email address you want to use)
Check the box Use SMTP Authentication if your email server requires authentication. Check the box Use SSL/TLS Security if you want your emails to be encrypted. Test your connection with the Test button or send a test email.
Enter the URL you want to use for email notifications that link back to the platform. Alteryx Analytics Hub uses this URL in activation, notification, and password reset emails.
If SSL is enabled and your certificate is set to a different port than 443, specify the port in this field (for example, https://myaah.example.com:8443/aah for and SSL/TLS enabled installation that listens on port 445 instead of the standard 443). If you are installing this on a virtual machine, include the URL of the virtual machine.
To have workers automatically rerun a workflow one time after a failed attempt, check the option Retry workflows once after a failed run. This is in case of a server error, not a workflow configuration error. For example, a job is orphaned during execution, an engine worker dies or restarts in the middle of a run, or a job fails to update the job status.
Restricted and Semi-Restricted run modes require a Run As user. The Run As user is the default account that the engine service runs as. To set a Run As user, go to Platform Admin > Settings > General > Run As. Enter a username and password for the Run As user. Select Save.
If you have engine workers, each worker has to have that user or system account. When AAH sends a workflow to run on the engine worker with a run as user specified, that account needs to exist on the machine.
To check or change your run mode setting
- Go to INSTALL_LOCATION\Alteryx\Alteryx Analytics Hub
- Open the Settings.yml configuration file.
- Find your current setting (for example, run_mode: "0"). Available settings are:
- 0 = unrestricted
- 1 = semi-restricted
- 2 = restricted
- Update the setting and select File > Save.
To restrict sharing to owners only, check the option Only owners can share their assets. Files uploaded while this is checked can only be shared by their owners. These files retain this setting even if it's turned off later. Data sources follow this setting as it is updated. Setting affects all sites and users.
File Upload Restrictions
You can restrict the file types and size of files that users can upload. This helps with the security, performance, and size of the platform environment. A default list of Allowed File Types is provided. This list includes all the files Alteryx Designer supports. Remove types you want to restrict or enter a comma-separated list. Restrictions apply to all future files uploaded to Analytics Hub. Restrictions don't apply to output files.
Alteryx Analytics Hub creates logs that are helpful for troubleshooting. The logging settings allow you to choose the threshold for the types of messages you want to capture. The default logging level is Debug. A level of Info may be sufficient if you need little logging, while a level of Debug logs more messages to help you troubleshoot. To set the logging level, go to Platform Admin > Settings > Logging > Level. Set a level in the Level drop-down menu, and select Save.
Order of levels from least to most logs created:
- Error—Only logs errors and critical events
- Warning—Logs deprecation messages and more
- Info—Logs information that’s helpful to diagnose a running system (for example, platform started at 5:00pm, 5/20/20; running in prod mode)
- Debug—This is default level and very verbose. It’s useful to developers for debugging problems.
- Trace—Logs every action the system is taking.
To see, download, and refresh your log file, go to Platform Admin > Settings > Logging > View Most Recent Log File. To see older logs, go to your computer’s file browser and the file path you set or the default C:\Program Files\Alteryx\Alteryx Analytics Hub\Backend. Open the log in a text editor or spreadsheet.
Other Log Locations
- Worker Logs—INSTALL_LOCATION\Alteryx Analytics Hub\Logs\Worker\AlteryxEngineWorker-*.log
- Frontend Logs—INSTALL_LOCATION\Alteryx Analytics Hub\Frontend\frontend.log
- Backend Logs—INSTALL_LOCATION\Alteryx Analytics Hub\Backend\analytics-hub-server*.log
- Postgres Logs—INSTALL_LOCATION\Alteryx Analytics Hub\Postgres\data\log\postgresql-*.log
- License Server Logs—INSTALL_LOCATION\Alteryx Analytics Hub\logs\als\AyxAU_*.log
- Audit Logs—INSTALL_LOCATION\Alteryx Analytics Hub\Logs\Audit\analytics-hub-audit.log
File size determines the maximum size of a log file before the logs rotate. This helps prevent the creation of large log files that can be difficult to consume in standard log readers.
You can activate email notifications for certain events. To turn email notifications on and off, go to Platform Admin > Settings > Notifications.
Add Users from a Directory
Configure Windows AD or Lightweight Directory Access Protocol (LDAP) on the Directories page. You can sync one directory at a time.
To configure a directory:
- Go to Platform Admin > Settings > Directories > + Add Directory.
- Select Directory Type, then Windows AD or Open LDAP from the drop-down menu. Some fields display default settings after directory type selection.
- Enter a name for the directory. The name must be at least 3 characters long.
- Enter the Protocol and Hostname of the server running LDAP.
- Enter the Port number of the LDAP server.
- Toggle on the Start TLS option. If you’re using the normal LDAP protocol then toggle this option on to encrypt the transfer over the wire. However, if you are using LDAPS, this option does nothing as the protocol is already secure.
- Enter a number for how often to sync with the directory (hours).
- Enter the Base DN. The Base DN is the point where the server will search for users.
- Enter the Bind User. For Active Directory, enter the username (for example, Luke Skywalker). For LDAP servers, enter the distinguished name (DN) of the user that you want to use to connect (for example, "cn=lskywalker, dc=example, dc=lan").
- Enter the Bind Password for the admin user of the LDAP server.
- (Optional) Enter Advanced Settings for User Schema, Group Schema, and Membership Schema.
- Select Test.
- Select Save.
- Select Sync.
Single Sign-On (SSO)
Enable single sign-on to allow users to sign into AAH with their single sign-on credentials. Single sign-on is used for authenticating users only. Groups and authorization are handled within Analytics Hub. For a user to authenticate with SSO, they must be licensed, a member of a site, and have successfully logged into Analytics Hub before with either a directory or local user account. Single sign-on can only be used for authentication through a web browser. It isn't available for Alteryx Designer connections.
Identity Provider (IDP) Requirements
- Support SAML 2.0
- Contain an attribute named “email” with a unique email for each user
- We've validated PingOne and Okta work with Analytics Hub
To set up SSO:
- Go to Platform Admin > Settings > Directories > Single Sign-On > + Add Single Sign-On.
- Enter SSO Name. This name displays on the AAH sign-in screen for users.
- Select one option under Identity Provider Details. Get this information from your identity provider (IDP) (for example, OKTA).
- Import IDP metadata from URL
- Add IDP endpoint
- Import IDP metadata from XML file
- Enter the information from Additional Information on your identity provider’s website.
- Select Test or Save.