As an extra special treat, this month contains not one, but two Alloy updates! As such, we are really excited to announce the second Alloy update for May. Here are some of the highlights of this release.

Trigger Workflow from Items

We have had the ability to create manually triggered workflows for a few months now, this feature extends that feature by providing the option to trigger those workflows from an item.

This would allow you to create custom complex actions for particular designs and for people to carry them out easily through a single selection.

When setting up these Workflows, you may only want some users to be able to trigger them, you can control this by setting Read permissions for those users. Any user who does not have Read permissions will not be able to trigger it.

We've been looking forward to this feature and are really excited to see what creative uses for this everyone produces. For uses such as completing all jobs on an item, creating an invoice or emailing a supervisor, the possibilities are endless.

Workflow Emails - Multiple Recipients

Previously, whenever you wanted your Workflow to send emails to multiple email addresses, you would need to create a separate node for each recipient. This update will now allow for multiple recipients to be listed under the Email To field. 

Just keep in mind that each recipient address will need to be delimited using a comma (,). When a Workflow is triggered with this set up correctly, an identical email will be sent to each of the addresses listed.

AQS Builder Relative Dates

Workflows have been able to define relative Dates and Times for a long time, but this useful piece of functionality has, until now, been missing from the AQS builder.

You can now use a relative date time as a comparator to other compatible attributes or values. This is particularly useful when you are defining saved queries as you no longer need to update any date values that are filtering your data to a specific time period. For example, you can create a saved query to display all Jobs raised within the last two weeks. 

The point in time from which the relative date time is taken from can also be configured to the following options:

• Now
• Start of Today
• End of Today
• Last Monday
• Start of the Week
• Start of the Month

Custom Reports on Items

An improvement has been made to the Reports pane. Due to a slight difference in how Standard and Custom Reports are linked to items, the Reports pane used to only show Standard Reports. This has now been changed to include any Custom Reports that have been linked.

To ensure that reports are linked to the Item they report on, when creating an Item Data Source in the Report Builder, be sure to check the option to Link report to item?

Task Assignment Current Date

We have been hearing some great feedback recently about the Task Assignment view, we also have a lot of great suggestions on how to make it a bit more user friendly. One of those changes present in this update is a small marker highlighting the current date, hopefully making it a bit easier to orientate where you are on the planner. 

 Alloy Community

If you have ever wanted to connect with other Alloy users, we have recently set up a great place to do just that! Alloy Community is a place for users to discuss how they're using Alloy, ask for help, get support with issues and to discover more information about Alloy's uses. Anyone can sign up to post and it is routinely contributed to by a lot of the people involved in building Alloy.

If you haven't had a look yet, why not check it out?

Alloy Community

We're excited to announce this month's Alloy update! This release will be applied during the evening of May 5th. In this post, we'll have a look at the highlights included in this release. For a full list of all changes included in this release, have a look at the Alloy Changelog.

You can also discuss this post in the Alloy Community here: Alloy Community

New Item Audit Navigation

We're excited to present the new navigation feature we have added to Item Audit logs. This enhancement will allow you to quickly flick through the audit history of an item and see the before and after for the change side by side. 

We hope this will be a welcome change but let us know your thoughts in the comments.

Pre-populate Attributes During Permit Application

A change made in this release will improve the usability of the Street Manager Apply for Works process. Information already captured on the Job will automatically be pre-populated in the Permit Application. 

This includes details such as USRN, Works Location, Workstream, Works Description, Start and End Dates & Times and Permit Conditions.

Creation of Manual Trigger Workflows

Timestamped Photos

Photos taken through Alloy Mobile can now have the local date and time stamp burnt into them. This is particularly useful for evidencing Defects or the completion of Jobs. This is optional and can be found in the settings menu.

Link Attribute Picker

A new 'Selected' tab has been added to Alloy Mobile. This tab allows you to quickly filter the list by items that have already been selected, instead of having to scroll through long lists of unselected items. This feature is available on both Android and iOS.

Settings UI Update

Another change made in Alloy Mobile in this release is an update to the UI used in the settings menu. With the addition of more items in this menu, we have categorised the available options to make finding the setting you require a bit easier.

Welcome to the first release update through our new in-app notifications widget! This month's release holds a bunch of great new features and updates. All these new features will be available in the evening of March 31st (GMT).

Discuss this post in the Alloy Community here: Alloy Community

Google Street View Stencil Control

A new stencil control has been added in this release. It takes a geometry attribute as a parameter and displays an image of the respective area taken from Google Street View. Clicking the image will open a new tab and take you to the Google Street View application and navigate to the area displayed.

Error Message Suggested Articles

It's always frustrating running into errors, we hope with this new feature, we can make it easier to find answers to what's causing the issue.

The error message window has been updated to provide you with links to suggested articles on the Alloy Community site.

By the way, have you had a look at Community yet? 

Alloy Community

The error message will search community for any articles that include the supplied error code, sharing solutions others have found or official guidance from the Alloy team on how to resolve your issue. 

If you still need the full details of the error message response, simply click the code button in the top right of the message to view the full error message or click the bottom button to copy everything to the clipboard.

All the Data Explorer Tabs

Are you the type of person who loves to have all the tabs you need open and to be able to quickly change and switch between them? If so, we've made the Data Explorer much easier for you. A small but significant change in this update is the addition of a couple of scroll buttons in the top right hand corner, allowing you to scroll along the tab bar.

Clone Custom Reports

Ever created a great report, then realise you need to create another one that is almost identical apart from one small change? This new feature makes that simple to achieve. Custom Reports can now be cloned, creating another report with the same configuration but with a different name. This avoids having to re-create the second report from scratch to match the first.

SHP File Export

We're adding a new option when exporting data from the Data Explorer, not only can you get your data in a .csv file, but now you'll be able to get your data as a .shp file too. When exporting data, you'll now be presented with an extra option in the modal to select SHP file type.

The export will create a .zip file to contain the multiple files that are associated with this data type.

What about everything else?

With our change to this new format of celebrating our releases, you may be asking: "What about all the other changes you've made?" If you'd like to get a full list of all our changes in this release, do head over to our changelog.

Alloy Changelog

Welcome to the all new notifications section in Alloy. Here you will find highlights to showcase new features and updates coming in each new release.  We hope that this will help you get to most out your Alloy system. 

You can still access all announcements including API updates by visiting our announcements site at https://announcements.alloyapp.io.

If you have any feedback on this change or any other, we would love to hear from you so get in touch at product@weareyotta.com.

Discuss this post in the Alloy Community here: https://community.alloyapp.io/c/announcements/

Overview

We are adding a new option to the Data Export endpoint which allow you to set the export format to ESRI SHP (Shape) file instead of the standard CSV export. 

Who does this affect?

This change will affect API users of the Export endpoint who require ESRI shape file output. 

Details

The following endpoint:

POST /api/export 

can now be used to specify the export type as ESRI SHP. Note that due to length constraints in the SHP format for field data, attributes values may be truncated in the exported files.

The endpoint now accepts two different request models:

ShapefileExportWebRequestModel requests made with this model will return files as SHP.

CsvExportWebRequestModel requests made with this model will return data as a CSV.

Both these models extend the ExportWebRequestModelBase model.

Note the the SHP format consists of multiple (3) files that will be returned on the Export File endpoint as a zipped bundle. 

GET /api/export/{id}/file

Expected Release Date

13th January 2022

Overview

We are adding an new option to the data Export endpoint which allow you to specify the projection to be used for Geometry data by providing the Proj4 string to use to convert over from WGS84 (Lat-Long)

Who does this affect?

This change will affect API users of the Export endpoint but will not modify the existing behaviour if the optional setting is not provided. 

Details

The following endpoint:

POST /api/export 

now accepts an optional string proj4 that may be used to convert geometry coordinates into the spatial reference system of your choice. This mirrors the optional Proj4 setting used during import.

Without the proj4 string, geometry is exported in WGS84 (Longitude, Latitude) coordinates.

There is a database of PROJ4 strings available for searching here https://epsg.io/

For example, for the UK British National Grid system, the Proj4 string is

+proj=tmerc +lat_0=49 +lon_0=-2 +k=0.9996012717 +x_0=400000 +y_0=-100000 +ellps=airy +datum=OSGB36 +units=m +no_defs

Expected Release Date

13th January 2022

Overview

We are adding a new feature that will allow administrators to specify the specific method of authentication (such as Microsoft Online SSO) to use in order to access Customer Projects. 

Who does this affect?

This change will affect administrators who want to restrict their users to using a specified authentication method over the current choice of email/password or SSO options including Google and Microsoft. Note that these policies may only be configured using Alloy Forge so please contact the Support Team to change the way in which users access your project. 

Details

This change has introduced a new concept called "Customer Security Policy". In simple terms, this is an object contained in the Customer document that is meant to include information about customer choices in terms of security related "settings".

Currently the security policy only includes the accepted authentication method property. If set, a user can only create a customer session for a specific customer if that session is created through one of the accepted authentication methods. Normally a customer session is created by switching a master session to a customer session. This means the master session will need to have been created through one of the accepted authentication methods.

If the user utilises an authentication method not on the accepted list, an error message will be presented and the user returned to the logon screen to retry. 

The security policies may be set using the following Forge endpoints:

GET api/customer/{id}/security-policy - Gets the customer security policy for a specific customer

* PUT api/customer/{id}/security-policy - Edits the customer security policy for a specific customer

Expected Release Date

13th January 2022

Overview

As part of ongoing improvements, we are updating the way API keys are managed in the system. This change will see the provision of an API key to every user discontinued, with future keys being generated on demand using the new mechanism described below. As part of this change, the way in which the keys are provided to the API as a token header will change to use the Bearer Authentication method.  

Who will this affect?

This change will affect all API users as any existing API key in use will be retired based on the timeline specified below, with the expectation for all users to transition to the new keys by that time.

Details

A new mechanism for API keys has been added and alongside it, a new series of endpoints. The current API key mechanism, where all users have an API key created alongside them is obsoleted and will be removed as part of Phase 2. 

Ignoring the current mechanism, new users will not have API keys created by default, but instead, will be able to create them on demand up to a maximum of 100 keys per user per customer. The new API keys will also come with a label field (to provide some description), an enabled flag (if false the API key will not be valid for usage), and an optional expireAt datetime (if an API key is expired it cannot be edited nor used to authenticate, it can only be deleted).

An API key value (or token) will never be shown after the creation of the API key, so if an issued API is lost or forgotten then the user will need to generate a new one. The database only contains a one way hashed version of the key, just like for passwords, so it is not possible for anyone to impersonate the user using the key even if they have direct access to database. 

The new endpoints are as follows:

GET api/api-key/{id} - Allows the caller to get the information of an API key by its ID

GET api/api-key - Allows the caller to list API keys by user and customer. Optionally it accepts a filter for the "label" field

PUT api/api-key/{id} - Allows the caller to edit an API key to change the label, enabled flag and expiration

POST api/api-key - Allows the caller to create an API key, this is the only endpoint that will return the actual value of an API key

DELETE api/api-key/{id} - Allows the caller to delete an API key

Important: The way you pass the API key is changing!

The new API keys will need to be passed according to the OAuth 2.0 Bearer token format (RFC 6750). That is a request header named "Authorization" will need to be included, which would look like this:

Authorization: Bearer APIKEYVALUEHERE

This change means that the API keys provided by the old and new mechanisms are not interchangeable and old keys will not be accepted via the Authorization header and new keys will need to be generated.  

FAQ

Will API keys work across Alloy regions/environments?

No, each key is specific to a user and customer project. Customers with Live and Staging environments should consider these separately as there is no link between projects across environments. 

Is there a default expiration date for each API key?

No, by default each API key will have no expiration date set and it will be the responsibility of the user to set this on creation or edit.

Will I be able to retrieve my API key at a later date following creation?

In line with best practice, the API key will only be given in the response model on creation. It will then be the creator's responsibility to safely store this key for later use. Only the associated data for the API keys (such as the label, enabled flag and expiration date) will be provided in the GET, PUT and DELETE responses.

Will I need an API key to generate an API key?

Once you've authenticated using your login credentials via the session endpoint and created a customer session, you'll be able to use the customer session token to generate and manage keys using the endpoints described above. So no, you won't be stuck in a infinite loop trying to get an API key 😜. 

Expected Release Date

13th January 2022

Phase 2: Retirement of Existing Token Method

26th January 2023

Overview

We are making a change to the password policy to ensure at least one special character is present when setting an Alloy password. This will increase password complexity in order to prevent unauthorised access to your Alloy account.

Who will this affect?

Current passwords will remain valid even if they do not contain a special character, so this won't impact existing users immediately after release.

However, this will apply to existing users when they change or reset their passwords. The change will also affect new users setting up an Alloy account for the first time.

Details

New user passwords, and existing users changing or resetting passwords, will need to include at least one special character. A special character is a character that is not an alphabetic or numeric character, e.g. @&*[].

Expected Release Date

28th October 2021