Skip to main content

User Roles and Permissions

User roles are set by Curators (Server admins) in the Server Admin interface. User roles determine the user's level of access to Server users and assets.

User Roles

Users can have one of the following roles:

  • Curator: Curators (Server admins) can access the Admin interface to perform administrative tasks. Curators also have all the privileges of an Artisan.

  • Artisan: Artisans can publish, run, and share workflows in their private studio and shared collections.

  • Member: Members can run workflows that are shared with them via collections.

  • Viewer: Viewers can run public workflows on the Server UI home page and in districts.

  • No Access: Blocks access to all Server assets. The No Access role is typically used in Servers using either Integrated Windows Authentication or SAML Authentication to control initial access to the Server UI when new users sign up.

  • Default: Assumes the default user role. Go to Set a Default User Role on the Settings page for more info.

No Access

Viewer

Member

Artisan

Curator

View and run public workflows on the homepage

View and run workflows in collections

Publish workflows and insights

View and run private workflows in a private studio

Add assets to collections

Share apps to the private Gallery

Administer all collections

Admin API Access

User Permissions

In addition to user roles, there are several user permissions that you can set to control what users can do in the Server UI.

  • Schedule Jobs: This permission allows the user to schedule workflows to run at a scheduled time. Note, you have to also enable workflow scheduling on the Alteryx Server Settings page for a user to be able to schedule jobs.

  • Prioritize Jobs: This permission allows the user to prioritize a job. When there are multiple jobs in the queue, the job with the highest priority runs first.

  • Tag Jobs: This permission allows the user to assign a specific worker to run a workflow.

  • Create New Collections: This permission allows the user to create collections.

  • API Access: This permission allows the user to access the Server API. Go to the API Overview to learn more.

  • Create or Edit DCM Assets: This permission allows the user to create or update DCM assets (data sources, credentials, and external vaults). Without this permission, users can’t synchronize their DCM assets from the Designer.

    Note

    Users are still able to delete certain DCM assets - for example, they can delete their DCM assets created prior to the permission being revoked.

  • Share DCM Connection Credentials to Run on Server Only: This permission allows the user to share DCM connection credentials to run on Server only. For more information about this functionality, go to Data Connection Manager: Server UI.Data Connection Manager: Server UI

  • Share DCM Connection Credentials for Collaboration: This permission allows the user to share DCM connection credentials for collaboration. For more information about this functionality, go to Data Connection Manager: Server UI.Data Connection Manager: Server UI

  • Manage Generic Vaults: This permission allows the user to manage DCM generic vaults. For more information about generic vaults, go to Data Connection Manager: Server UI.Data Connection Manager: Server UI

  • Active: Uncheck the box to prevent the user from accessing the Server UI.

User_Permissions_241.png

Set a Default User Role

New Server users assume the default user role unless you add them to a group or assign a user role other than Default. Go to Understand Role Hierarchy. The default user role is set to Viewer by default. You can change the default role using the Default Role dropdown on the Server Configuration page. Go to Default Role on the Server Settings page for more info.

Note, the default role is displayed as Evaluated in some places like in the group Details.

Note

Understand Role Hierarchy

A user's role, and their resulting Server UI access, can come from 3 places, the user role, the group role, or the default role. Alteryx Server evaluates roles in this order: user role, group role, default role. Users' access resolves to the most specific role assignment. So, if a user's role assignment is any role other than Default, that is their role and corresponding access. If a user's role is Default, then the Server looks to see if they are in a group. If the user is in a group, they assume the group role. If they are not in a group they assume the default role.

Filter User List by User Role

To filter the user list by user role, select the filter icon to show the filter dropdown. Select 1 or more roles to filter by.

To filter the user list by user role, select the filter icon to show the filter dropdown. Select 1 or more roles to filter by.