VizAlerts
VizAlerts copied to clipboard
tableau
Opt-in mechanism for self-service SMS alerts
Right now, we don't have a good way to manage what alert authors can send SMS messages to which phone numbers. The admin can set a regex that allows the author to send messages to certain numbers, but phone numbers don't really lend themselves to pattern matching very well. And Tableau Server does not know what users' phone numbers are, so there's no data for us to use there, either.
What I really want to be able to do is restrict alert authors to be able to send SMS messages only to those users who have decided to opt-in to receiving SMS messages. Not only do they need some UI or other mechanism to do this with, but we would need to validate their phone number by sending them a message and having them enter their confirmation code somewhere.
There are probably better ways than this, but here's an idea that is so crazy it just might work:
A Tableau Server user wants to opt-in to receiving SMS messages on their phone. They go to any viz that they own and enter a comment: "sms_enable [their phone number]". The same VizAlerts logic that detects the "test_alert" comment picks that up and makes an API call to Twilio to confirm their phone number. If they have a way to allow the user to simply reply back "yes" to confirm, that'd be ideal. When we receive their confirmation, we record the username and phone number...perhaps in a text file, perhaps in Twilio if they let you do that. Now we know that user Martina wants SMS messages, and have confirmed that the number she wants to receive them at is truly hers. If she wishes to stop receiving them, the same method could be used, but with "sms_disable [their phone number". Their number would then be removed, and they'd receive no more SMS messages. A user could authorize any number of...numbers...this way, as long as they went through the confirmation process.
However, this doesn't really cover the scenario of users being able to opt-in to specific alerts. I am thinking of it right now as a global opt-in. The default allowed_to_numbers in the config viz, when left blank, could fall back to the opted-in user list. Furthermore, we could use this info as a "smart default" (see #68 ) in case the user doesn't include the SMS To field in their viz.
A further question is, do the numbers from the opt-in dataset get exposed to the whole company? It would be perfectly useful for people wanting to build alerts that sent SMS messages--they'd have all the data they needed to send to the proper numbers, for anyone who opted in. But, in larger organizations, I can see how that could be pretty sketchy. You might not want everyone to know your number.
