Tool Verification Checklist
Last modified: June 15, 2020
- Tool functionality matches tool description.
- Script and style sources load via static resources.
- Input validation is implemented:
- Strips white-space, etc.
- Prompts user for required fields through meaningful engine warning and error messages.
- Authentication and authorization are managed:
- Implements a secure authentication method.
- Implements an authentication method that is appropriate for both scheduled workflows and workflows that are uploaded to the server.
- Uses the password attribute on text boxes that store sensitive information.
- If your tool makes web service calls, API interactions are handled.
- Handles error messages.
- Limits calls based on the rate limitations of the server.
- If your tool is a source of data, parses the data into legible quality for the user.
Your tool contains the necessary files.
- Engine: Implements necessary methods for interacting with the Alteryx Engine API.
- Config.xml: Provides adequate metadata.
- Icon: Image does not violate a company trademark.
- Installer Config.xml
- If Necessary, Samples
Sharing and Distribution
Installer provides necessary information.
- Works on multiple environments.
- Installs the necessary dependencies.
- Does not contain extraneous messages used during development/debugging, to include Alteryx messages or console logging.
- Provides a description of how your tool works and what market verticals it can be used with.
- Messaging provides clear definitions of compatibility with Alteryx platform.
- Establishes a clear message on backwards compatibility of the tool.
- Includes exact versions of Alteryx that the tool maintains compatibility with.
- Installs on server and can be scheduled within a workflow.
- Tool is valid across the Alteryx platform.
- Is compatible with new releases of the Alteryx platform.
- Is compatible with admin and non-admin versions of Alteryx Designer.
- Is compatible with Alteryx Server if possible.
Security considerations have been taken into account.
- Securely manages passwords.
- Removes any test credentials or sensitive test data.
- Obfuscates the program where applicable.
- Does not send sensitive information over HTTP.
- Alteryx APIs/SDKs that are used have not reached end of service (EOS).
- Alteryx software performance is not degraded.