https://wiki.onqpr.com/pa/api.php?action=feedcontributions&feedformat=atom&user=TeeHietQPR ProcessAnalyzer Wiki - User contributions [en]2026-05-11T15:40:06ZUser contributionsMediaWiki 1.39.1https://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_BPMN_Editor&diff=28285QPR ProcessAnalyzer BPMN Editor2026-05-06T09:05:07Z<p>TeeHiet: TK-63956</p>
<hr />
<div>This page describes components that are used for editing BPMN models and viewing conformance analysis results. Note that for dashboards that use BPMN and conformance functionality, you need to create a variable '''designModel''' with behavior ''Stored'' (in the ''Dashboard Properties'' in ''Variables'' tab), so that the dashboard is able to store the defined BPMN model. The other option is to define the [[QPR_MEA_Integration#MEA_Connection_String|MEA Connection String]], so that the BPMN model can be stored in the QPR ProcessDesigner repository. Note also that the BPMN editor only allows to add BPMN elements that are supported by the conformance checking functionality.<br />
<br />
== BPMN Editor ==<br />
The '''BPMN Editor''' analyzes process mining data with the help of a designed BPMN process model. You can for example:<br />
* See process mining KPI's and statistics calculated on the fly top of the BPMN diagram during the modeling the BPMN<br />
* Run conformance analysis using the designed BPMN model<br />
* Filter data directly from the BPMN diagram<br />
<br />
The BPMN diagram can be drawn from scratch, opened from QPR ProcessDesigner repository via QPR MEA Web Service, or imported from a BPMN 2.0 XML file. The ready diagram can be saved to the QPR ProcessDesigner repository or exported to a BPMN 2.0 XML file.<br />
<br />
BPMN diagrams are created by dragging items from the tool palette. Start event, end event, task and gateways are the most used elements. When you add a BPMN task to the canvas, all event types are shown in a list next to the task, and an event type can be selected to match it with the created task. When the task is added, KPI values are calculated and shown in the blue background. When flows are added, KPI values are calculated and shown for them, too. By clicking the KPI in the top right legend, the KPI value is hidden, to make the BPMN diagram more readable if there are lots of items.<br />
<br />
When you select a BPMN task, it suggest to create a filter. In the dropdown list you can select which type of filter is created. When you select a BPMN flow, it also suggest to create a filter.<br />
<br />
You can create a filter to get only the conforming or nonconforming cases based on the current BPMN model by selecting '''Include conforming cases''' or '''Include nonconforming cases''' from the context menu.<br />
<br />
=== Auto-creating BPMN Diagram from Eventlog ===<br />
BPMN editor's context menu has the '''Auto-create diagram''' option which will automatically create and layout a fully conforming BPMN diagram from the filtered eventlog. The created diagram contains paths for all the process variations in the filtered eventlog. The diagram will have one start element and one end element, all the event types appear as BPMN tasks in the diagram. The auto-creation intelligently identifies the types of gateways, using either the exclusive or parallel gateways. Parallel gateways indicate that there are activities occurring simultaneously in the process that are typically independent of each other.<br />
<br />
Eventlogs often contain a large number of process variations, even in smaller datasets. Capturing every variation in a single BPMN diagram can quickly lead to a model that is overly complex and difficult to interpret. A practical approach is to first filter the eventlog to include only the cases that represent the desired variations or process behaviors. Using the variation filter is typically the easiest way to select the process behavior you want to include to the BPMN diagram. You may need to iterate a few times by adjusting filters and regenerating the diagram to arrive at a BPMN model that represents the desired process flow. If the auto-created diagram still does not fully meet your needs, you can always continue refining it manually using the BPMN editor.<br />
<br />
The auto-creation feature is available for the Snowflake models, and it uses the expression language's [[Generic_Functions_in_QPR_ProcessAnalyzer#:~:text=ToBpmn|ToBpmn]] function which generates the BPMN diagram in the Snowflake by calling a Python function powered by the PM4Py library (https://processintelligence.solutions/pm4py). The function is executed in the same Snowflake ODBC connection where the eventlog data is located. To use the auto-creation feature, the required Python libraries need to be deployed to Snowflake as instructed [[Snowflake_Connection_Configuration#Enable_auto-create_BPMN_diagrams|here]].<br />
<br />
=== Adding tasks and flows, and Deleting Diagram ===<br />
There are following functions available:<br />
* '''Add tasks and flows''' will create a BPMN model that is the same as the as-is model. Thus, the as-is model will conform perfectly to the design model. After the tasks and flows are created, you can edit the design model and remove the events and flows that shouldn't occur in the process. Note however, that the amount of flows that is created can easily be overwhelming. To overcome this, you can first filter out those events and flows that shouldn't occur in the desired process and then use the auto-create. After creating the design model, you can remove the filter to check the conformance of the whole model. Note that due to performance reasons, the number of flows in the auto-generated model is limited to 1000.<br />
* '''Add tasks only''' will generate only the tasks without any flows. The result is a model that needs to be filled with flows to be a valid BPMN model.<br />
* '''Delete diagram''' will delete the current diagram and start from an empty canvas.<br />
<br />
=== Opening and Saving a Diagram in the Repository ===<br />
To open a diagram from the repository:<br />
# Click the '''Open diagram from repository''' button on the bottom left of the BPMN Editor. The Open Diagram from Repository dialog will open.<br />
# In the '''Process Models''' hierarchy, select a BPMN model.<br />
# In the '''Diagrams''' hierarchy, select a BPMN diagram.<br />
# Click '''Open'''.<br />
<br />
To save a diagram to the repository:<br />
# Click the '''Save diagram to repository''' button on the bottom left of the BPMN Editor. The Save Diagram to Repository dialog will open.<br />
# In the '''Process Models''' hierarchy, select a BPMN model.<br />
# In '''Diagrams''' hierarchy, select the target BPMN diagram location.<br />
# Click '''Save'''.<br />
Note that a BPMN diagram may contain an entire diagram hierarchy. When a BPMN diagram is saved, the entire diagram hierarchy is replaced at the level where the saving is made.<br />
<br />
=== Creating a New Diagram to the Repository ===<br />
A new diagram can be created to the repository as follows:<br />
# Click the '''Save diagram to repository''' button on the bottom left of the BPMN Editor. The Save Diagram to Repository dialog will open.<br />
# Select the diagram under which the new diagram should be created.<br />
# Click '''New Diagram'''.<br />
# Enter the diagram name in the dialog that opens. A duplicate name cannot be created on the same diagram level.<br />
# Click '''Create'''.<br />
After creation, the new diagram is added under the previously selected diagram.<br />
<br />
=== Renaming or Deleting a Diagram from the Repository ===<br />
A diagram can be renamed or deleted from the repository as follows:<br />
# Click the '''Save diagram to repository''' button on the bottom left of the BPMN Editor. The Save Diagram to Repository dialog will open.<br />
# Select the diagram you want to rename or delete.<br />
# Click either '''Rename Diagram''' or '''Delete Diagram'''.<br />
# Depending on the chosen action, give a new name for the diagram and click '''Rename''' or click '''Delete''' in the confirmation dialog.<br />
<br />
=== Reports Selectable in BPMN Diagram ===<br />
There are also following reports available for in-memory models:<br />
* '''Duration distribution between tasks''' (select 2 tasks)<br />
* '''Flow duration distribution''' (select 1 flow)<br />
* '''Task occurrences across time''' (select 1 task)<br />
* '''Task repetition in cases''' (select 1 task)<br />
* You can export the BPMN diagram contents as a flat list by clicking the '''Export all BPMN elements as CSV'''.<br />
* You can export a list of BPMN elements in the order that they appear in the flow by clicking the '''Export element order'''.<br />
<br />
=== KPI's on BPMN Diagram===<br />
The following KPI's are shown:<br />
* '''Cases having task''': Number of cases in the process mining data, that have this task (=event type).<br />
* '''Task occurred''': Number of times this type of event has occurred in the process mining data. This number is the same or larger than the Cases having task count. If it's larger, the event has occurred more than once in a case (looping, repetition).<br />
<br />
Flow has a different meaning in the BPMN diagram than in the traditional process mining diagram. In the process mining diagram, a flow is ''direct'' transition between two events. This means that no other event has occurred between the start and end event of the flow. In the BPMN diagram. Following KPI's for flows are shown for in-memory models (there are no flow KPI's for Snowflake models):<br />
* '''Flow median duration''': Median duration from the task event of the flow to the end event of the flow.<br />
* '''Flow occurred''': Number of times the flow has occurred in all cases. The BPMN flow occurs when in the case there occurs the starting event and that is followed by the end event at any point in the case.<br />
* '''Other events between''': Number of events that has occurred between the starting and ending event in the flow.<br />
<br />
== Design Model Selector ==<br />
In addition to the ''BPMN Editor'', there is also a '''Design Model Selector''' component available, which adds a button to the dashboard for opening an overlay BPMN editor. The Design Model Selector is better when there is no space in the dashboard to show the BPMN model.<br />
<br />
The Design Model Selector validates the BPMN model when the editor is closed, so invalid BPMN models cannot be saved.<br />
<br />
== Conformance Statistics ==<br />
'''Conformance Statistics''' visualization shows an overview of how many cases are conformant and deviating (both as absolute case count and percentage of total cases). In addition, the Conformance Statistics component shown average duration of cases and average number of events per case in both the conformant and deviating cases groups. The used BPMN model is stored in the ''designModel'' variable in the context of the conformance statistics visualization.<br />
<br />
[[Category: QPR ProcessAnalyzer]]</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_BPMN_Editor&diff=28284QPR ProcessAnalyzer BPMN Editor2026-05-06T08:24:13Z<p>TeeHiet: TK-63956</p>
<hr />
<div>This page describes components that are used for editing BPMN models and viewing conformance analysis results. Note that for dashboards that use BPMN and conformance functionality, you need to create a variable '''designModel''' with behavior ''Stored'' (in the ''Dashboard Properties'' in ''Variables'' tab), so that the dashboard is able to store the defined BPMN model. Note also that the BPMN editor only allows to add BPMN elements that are supported by the conformance checking functionality.<br />
<br />
== BPMN Editor ==<br />
The '''BPMN Editor''' analyzes process mining data with the help of a designed BPMN process model. You can for example:<br />
* See process mining KPI's and statistics calculated on the fly top of the BPMN diagram during the modeling the BPMN<br />
* Run conformance analysis using the designed BPMN model<br />
* Filter data directly from the BPMN diagram<br />
<br />
The BPMN diagram can be drawn from scratch, opened from QPR ProcessDesigner repository via QPR MEA Web Service, or imported from a BPMN 2.0 XML file. The ready diagram can be saved to the QPR ProcessDesigner repository or exported to a BPMN 2.0 XML file.<br />
<br />
BPMN diagrams are created by dragging items from the tool palette. Start event, end event, task and gateways are the most used elements. When you add a BPMN task to the canvas, all event types are shown in a list next to the task, and an event type can be selected to match it with the created task. When the task is added, KPI values are calculated and shown in the blue background. When flows are added, KPI values are calculated and shown for them, too. By clicking the KPI in the top right legend, the KPI value is hidden, to make the BPMN diagram more readable if there are lots of items.<br />
<br />
When you select a BPMN task, it suggest to create a filter. In the dropdown list you can select which type of filter is created. When you select a BPMN flow, it also suggest to create a filter.<br />
<br />
You can create a filter to get only the conforming or nonconforming cases based on the current BPMN model by selecting '''Include conforming cases''' or '''Include nonconforming cases''' from the context menu.<br />
<br />
=== Auto-creating BPMN Diagram from Eventlog ===<br />
BPMN editor's context menu has the '''Auto-create diagram''' option which will automatically create and layout a fully conforming BPMN diagram from the filtered eventlog. The created diagram contains paths for all the process variations in the filtered eventlog. The diagram will have one start element and one end element, all the event types appear as BPMN tasks in the diagram. The auto-creation intelligently identifies the types of gateways, using either the exclusive or parallel gateways. Parallel gateways indicate that there are activities occurring simultaneously in the process that are typically independent of each other.<br />
<br />
Eventlogs often contain a large number of process variations, even in smaller datasets. Capturing every variation in a single BPMN diagram can quickly lead to a model that is overly complex and difficult to interpret. A practical approach is to first filter the eventlog to include only the cases that represent the desired variations or process behaviors. Using the variation filter is typically the easiest way to select the process behavior you want to include to the BPMN diagram. You may need to iterate a few times by adjusting filters and regenerating the diagram to arrive at a BPMN model that represents the desired process flow. If the auto-created diagram still does not fully meet your needs, you can always continue refining it manually using the BPMN editor.<br />
<br />
The auto-creation feature is available for the Snowflake models, and it uses the expression language's [[Generic_Functions_in_QPR_ProcessAnalyzer#:~:text=ToBpmn|ToBpmn]] function which generates the BPMN diagram in the Snowflake by calling a Python function powered by the PM4Py library (https://processintelligence.solutions/pm4py). The function is executed in the same Snowflake ODBC connection where the eventlog data is located. To use the auto-creation feature, the required Python libraries need to be deployed to Snowflake as instructed [[Snowflake_Connection_Configuration#Enable_auto-create_BPMN_diagrams|here]].<br />
<br />
=== Adding tasks and flows, and Deleting Diagram ===<br />
There are following functions available:<br />
* '''Add tasks and flows''' will create a BPMN model that is the same as the as-is model. Thus, the as-is model will conform perfectly to the design model. After the tasks and flows are created, you can edit the design model and remove the events and flows that shouldn't occur in the process. Note however, that the amount of flows that is created can easily be overwhelming. To overcome this, you can first filter out those events and flows that shouldn't occur in the desired process and then use the auto-create. After creating the design model, you can remove the filter to check the conformance of the whole model. Note that due to performance reasons, the number of flows in the auto-generated model is limited to 1000.<br />
* '''Add tasks only''' will generate only the tasks without any flows. The result is a model that needs to be filled with flows to be a valid BPMN model.<br />
* '''Delete diagram''' will delete the current diagram and start from an empty canvas.<br />
<br />
=== Opening and Saving a Diagram in the Repository ===<br />
To open a diagram from the repository:<br />
# Click the '''Open diagram from repository''' button on the bottom left of the BPMN Editor. The Open Diagram from Repository dialog will open.<br />
# In the '''Process Models''' hierarchy, select a BPMN model.<br />
# In the '''Diagrams''' hierarchy, select a BPMN diagram.<br />
# Click '''Open'''.<br />
<br />
To save a diagram to the repository:<br />
# Click the '''Save diagram to repository''' button on the bottom left of the BPMN Editor. The Save Diagram to Repository dialog will open.<br />
# In the '''Process Models''' hierarchy, select a BPMN model.<br />
# In '''Diagrams''' hierarchy, select the target BPMN diagram location.<br />
# Click '''Save'''.<br />
Note that a BPMN diagram may contain an entire diagram hierarchy. When a BPMN diagram is saved, the entire diagram hierarchy is replaced at the level where the saving is made.<br />
<br />
=== Creating a New Diagram to the Repository ===<br />
A new diagram can be created to the repository as follows:<br />
# Click the '''Save diagram to repository''' button on the bottom left of the BPMN Editor. The Save Diagram to Repository dialog will open.<br />
# Select the diagram under which the new diagram should be created.<br />
# Click '''New Diagram'''.<br />
# Enter the diagram name in the dialog that opens. A duplicate name cannot be created on the same diagram level.<br />
# Click '''Create'''.<br />
After creation, the new diagram is added under the previously selected diagram.<br />
<br />
=== Renaming or Deleting a Diagram from the Repository ===<br />
A diagram can be renamed or deleted from the repository as follows:<br />
# Click the '''Save diagram to repository''' button on the bottom left of the BPMN Editor. The Save Diagram to Repository dialog will open.<br />
# Select the diagram you want to rename or delete.<br />
# Click either '''Rename Diagram''' or '''Delete Diagram'''.<br />
# Depending on the chosen action, give a new name for the diagram and click '''Rename''' or click '''Delete''' in the confirmation dialog.<br />
<br />
=== Reports Selectable in BPMN Diagram ===<br />
There are also following reports available for in-memory models:<br />
* '''Duration distribution between tasks''' (select 2 tasks)<br />
* '''Flow duration distribution''' (select 1 flow)<br />
* '''Task occurrences across time''' (select 1 task)<br />
* '''Task repetition in cases''' (select 1 task)<br />
* You can export the BPMN diagram contents as a flat list by clicking the '''Export all BPMN elements as CSV'''.<br />
* You can export a list of BPMN elements in the order that they appear in the flow by clicking the '''Export element order'''.<br />
<br />
=== KPI's on BPMN Diagram===<br />
The following KPI's are shown:<br />
* '''Cases having task''': Number of cases in the process mining data, that have this task (=event type).<br />
* '''Task occurred''': Number of times this type of event has occurred in the process mining data. This number is the same or larger than the Cases having task count. If it's larger, the event has occurred more than once in a case (looping, repetition).<br />
<br />
Flow has a different meaning in the BPMN diagram than in the traditional process mining diagram. In the process mining diagram, a flow is ''direct'' transition between two events. This means that no other event has occurred between the start and end event of the flow. In the BPMN diagram. Following KPI's for flows are shown for in-memory models (there are no flow KPI's for Snowflake models):<br />
* '''Flow median duration''': Median duration from the task event of the flow to the end event of the flow.<br />
* '''Flow occurred''': Number of times the flow has occurred in all cases. The BPMN flow occurs when in the case there occurs the starting event and that is followed by the end event at any point in the case.<br />
* '''Other events between''': Number of events that has occurred between the starting and ending event in the flow.<br />
<br />
== Design Model Selector ==<br />
In addition to the ''BPMN Editor'', there is also a '''Design Model Selector''' component available, which adds a button to the dashboard for opening an overlay BPMN editor. The Design Model Selector is better when there is no space in the dashboard to show the BPMN model.<br />
<br />
The Design Model Selector validates the BPMN model when the editor is closed, so invalid BPMN models cannot be saved.<br />
<br />
== Conformance Statistics ==<br />
'''Conformance Statistics''' visualization shows an overview of how many cases are conformant and deviating (both as absolute case count and percentage of total cases). In addition, the Conformance Statistics component shown average duration of cases and average number of events per case in both the conformant and deviating cases groups. The used BPMN model is stored in the ''designModel'' variable in the context of the conformance statistics visualization.<br />
<br />
[[Category: QPR ProcessAnalyzer]]</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_BPMN_Editor&diff=28283QPR ProcessAnalyzer BPMN Editor2026-05-06T08:17:58Z<p>TeeHiet: TK-63956</p>
<hr />
<div>This page describes components that are used for editing BPMN models and viewing conformance analysis results. Note that for dashboards that use BPMN and conformance functionality, you need to create a variable '''designModel''' with behavior ''Stored'' (in the ''Dashboard Properties'' in ''Variables'' tab), so that the dashboard is able to store the defined BPMN model. Note also that the BPMN editor only allows to add BPMN elements that are supported by the conformance checking functionality.<br />
<br />
== BPMN Editor ==<br />
The '''BPMN Editor''' analyzes process mining data with the help of a designed BPMN process model. You can for example:<br />
* See process mining KPI's and statistics calculated on the fly top of the BPMN diagram during the modeling the BPMN<br />
* Run conformance analysis using the designed BPMN model<br />
* Filter data directly from the BPMN diagram<br />
<br />
The BPMN diagram can be drawn from scratch, opened from QPR ProcessDesigner repository via QPR MEA Web Service, or imported from a BPMN 2.0 XML file. The ready diagram can be saved to the QPR ProcessDesigner repository or exported to a BPMN 2.0 XML file.<br />
<br />
BPMN diagrams are created by dragging items from the tool palette. Start event, end event, task and gateways are the most used elements. When you add a BPMN task to the canvas, all event types are shown in a list next to the task, and an event type can be selected to match it with the created task. When the task is added, KPI values are calculated and shown in the blue background. When flows are added, KPI values are calculated and shown for them, too. By clicking the KPI in the top right legend, the KPI value is hidden, to make the BPMN diagram more readable if there are lots of items.<br />
<br />
When you select a BPMN task, it suggest to create a filter. In the dropdown list you can select which type of filter is created. When you select a BPMN flow, it also suggest to create a filter.<br />
<br />
You can create a filter to get only the conforming or nonconforming cases based on the current BPMN model by selecting '''Include conforming cases''' or '''Include nonconforming cases''' from the context menu.<br />
<br />
=== Auto-creating BPMN Diagram from Eventlog ===<br />
BPMN editor's context menu has the '''Auto-create diagram''' option which will automatically create and layout a fully conforming BPMN diagram from the filtered eventlog. The created diagram contains paths for all the process variations in the filtered eventlog. The diagram will have one start element and one end element, all the event types appear as BPMN tasks in the diagram. The auto-creation intelligently identifies the types of gateways, using either the exclusive or parallel gateways. Parallel gateways indicate that there are activities occurring simultaneously in the process that are typically independent of each other.<br />
<br />
Eventlogs often contain a large number of process variations, even in smaller datasets. Capturing every variation in a single BPMN diagram can quickly lead to a model that is overly complex and difficult to interpret. A practical approach is to first filter the eventlog to include only the cases that represent the desired variations or process behaviors. Using the variation filter is typically the easiest way to select the process behavior you want to include to the BPMN diagram. You may need to iterate a few times by adjusting filters and regenerating the diagram to arrive at a BPMN model that represents the desired process flow. If the auto-created diagram still does not fully meet your needs, you can always continue refining it manually using the BPMN editor.<br />
<br />
The auto-creation feature is available for the Snowflake models, and it uses the expression language's [[Generic_Functions_in_QPR_ProcessAnalyzer#:~:text=ToBpmn|ToBpmn]] function which generates the BPMN diagram in the Snowflake by calling a Python function powered by the PM4Py library (https://processintelligence.solutions/pm4py). The function is executed in the same Snowflake ODBC connection where the eventlog data is located. To use the auto-creation feature, the required Python libraries need to be deployed to Snowflake as instructed [[Snowflake_Connection_Configuration#Enable_auto-create_BPMN_diagrams|here]].<br />
<br />
=== Adding tasks and flows, and Deleting Diagram ===<br />
There are following functions available:<br />
* '''Add tasks and flows''' will create a BPMN model that is the same as the as-is model. Thus, the as-is model will conform perfectly to the design model. After the tasks and flows are created, you can edit the design model and remove the events and flows that shouldn't occur in the process. Note however, that the amount of flows that is created can easily be overwhelming. To overcome this, you can first filter out those events and flows that shouldn't occur in the desired process and then use the auto-create. After creating the design model, you can remove the filter to check the conformance of the whole model. Note that due to performance reasons, the number of flows in the auto-generated model is limited to 1000.<br />
* '''Add tasks only''' will generate only the tasks without any flows. The result is a model that needs to be filled with flows to be a valid BPMN model.<br />
* '''Delete diagram''' will delete the current diagram and start from an empty canvas.<br />
<br />
=== Opening and Saving a Diagram in the Repository ===<br />
To open a diagram from the repository:<br />
# Click the '''Open diagram from repository''' button on the bottom left of the BPMN Editor. The Open Diagram from Repository dialog will open.<br />
# In the '''Process Models''' hierarchy, select a BPMN model.<br />
# In the '''Diagrams''' hierarchy, select a BPMN diagram.<br />
# Click '''Open'''.<br />
<br><br />
To save a diagram to the repository:<br />
# Click the '''Save diagram to repository''' button on the bottom left of the BPMN Editor. The Save Diagram to Repository dialog will open.<br />
# In the '''Process Models''' hierarchy, select a BPMN model.<br />
# In '''Diagrams''' hierarchy, select the target BPMN diagram location.<br />
# Click '''Save'''.<br />
Note that a BPMN diagram may contain an entire diagram hierarchy. When a BPMN diagram is saved, the entire diagram hierarchy is replaced at the level where the saving is made.<br />
<br />
=== Creating a New Diagram to the Repository ===<br />
A new diagram can be created to the repository as follows:<br />
# Click the '''Save diagram to repository''' button on the bottom left of the BPMN Editor. The Save Diagram to Repository dialog will open.<br />
# Select the diagram under which the new diagram should be created.<br />
# Click '''New Diagram'''.<br />
# Enter the diagram name in the dialog that opens. A duplicate name cannot be created on the same diagram level.<br />
# Click '''Create'''.<br />
After creation, the new diagram is added under the previously selected diagram.<br />
<br />
=== Renaming or Deleting a Diagram from the Repository ===<br />
A diagram can be renamed or deleted from the repository as follows:<br />
# Click the '''Save diagram to repository''' button on the bottom left of the BPMN Editor. The Save Diagram to Repository dialog will open.<br />
# Select the diagram you want to rename or delete.<br />
# Click either '''Rename Diagram''' or '''Delete Diagram'''.<br />
# Depending on the chosen action, give a new name for the diagram and click '''Rename''' or click '''Delete''' in the confirmation dialog.<br />
<br />
=== Reports Selectable in BPMN Diagram ===<br />
There are also following reports available for in-memory models:<br />
* '''Duration distribution between tasks''' (select 2 tasks)<br />
* '''Flow duration distribution''' (select 1 flow)<br />
* '''Task occurrences across time''' (select 1 task)<br />
* '''Task repetition in cases''' (select 1 task)<br />
* You can export the BPMN diagram contents as a flat list by clicking the '''Export all BPMN elements as CSV'''.<br />
* You can export a list of BPMN elements in the order that they appear in the flow by clicking the '''Export element order'''.<br />
<br />
=== KPI's on BPMN Diagram===<br />
The following KPI's are shown:<br />
* '''Cases having task''': Number of cases in the process mining data, that have this task (=event type).<br />
* '''Task occurred''': Number of times this type of event has occurred in the process mining data. This number is the same or larger than the Cases having task count. If it's larger, the event has occurred more than once in a case (looping, repetition).<br />
<br />
Flow has a different meaning in the BPMN diagram than in the traditional process mining diagram. In the process mining diagram, a flow is ''direct'' transition between two events. This means that no other event has occurred between the start and end event of the flow. In the BPMN diagram. Following KPI's for flows are shown for in-memory models (there are no flow KPI's for Snowflake models):<br />
* '''Flow median duration''': Median duration from the task event of the flow to the end event of the flow.<br />
* '''Flow occurred''': Number of times the flow has occurred in all cases. The BPMN flow occurs when in the case there occurs the starting event and that is followed by the end event at any point in the case.<br />
* '''Other events between''': Number of events that has occurred between the starting and ending event in the flow.<br />
<br />
== Design Model Selector ==<br />
In addition to the ''BPMN Editor'', there is also a '''Design Model Selector''' component available, which adds a button to the dashboard for opening an overlay BPMN editor. The Design Model Selector is better when there is no space in the dashboard to show the BPMN model.<br />
<br />
The Design Model Selector validates the BPMN model when the editor is closed, so invalid BPMN models cannot be saved.<br />
<br />
== Conformance Statistics ==<br />
'''Conformance Statistics''' visualization shows an overview of how many cases are conformant and deviating (both as absolute case count and percentage of total cases). In addition, the Conformance Statistics component shown average duration of cases and average number of events per case in both the conformant and deviating cases groups. The used BPMN model is stored in the ''designModel'' variable in the context of the conformance statistics visualization.<br />
<br />
[[Category: QPR ProcessAnalyzer]]</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_BPMN_Editor&diff=28282QPR ProcessAnalyzer BPMN Editor2026-05-06T08:12:48Z<p>TeeHiet: TK-63956</p>
<hr />
<div>This page describes components that are used for editing BPMN models and viewing conformance analysis results. Note that for dashboards that use BPMN and conformance functionality, you need to create a variable '''designModel''' with behavior ''Stored'' (in the ''Dashboard Properties'' in ''Variables'' tab), so that the dashboard is able to store the defined BPMN model. Note also that the BPMN editor only allows to add BPMN elements that are supported by the conformance checking functionality.<br />
<br />
== BPMN Editor ==<br />
The '''BPMN Editor''' analyzes process mining data with the help of a designed BPMN process model. You can for example:<br />
* See process mining KPI's and statistics calculated on the fly top of the BPMN diagram during the modeling the BPMN<br />
* Run conformance analysis using the designed BPMN model<br />
* Filter data directly from the BPMN diagram<br />
<br />
The BPMN diagram can be drawn from scratch, opened from QPR ProcessDesigner repository via QPR MEA Web Service, or imported from a BPMN 2.0 XML file. The ready diagram can be saved to the QPR ProcessDesigner repository or exported to a BPMN 2.0 XML file.<br />
<br />
BPMN diagrams are created by dragging items from the tool palette. Start event, end event, task and gateways are the most used elements. When you add a BPMN task to the canvas, all event types are shown in a list next to the task, and an event type can be selected to match it with the created task. When the task is added, KPI values are calculated and shown in the blue background. When flows are added, KPI values are calculated and shown for them, too. By clicking the KPI in the top right legend, the KPI value is hidden, to make the BPMN diagram more readable if there are lots of items.<br />
<br />
When you select a BPMN task, it suggest to create a filter. In the dropdown list you can select which type of filter is created. When you select a BPMN flow, it also suggest to create a filter.<br />
<br />
You can create a filter to get only the conforming or nonconforming cases based on the current BPMN model by selecting '''Include conforming cases''' or '''Include nonconforming cases''' from the context menu.<br />
<br />
=== Auto-creating BPMN Diagram from Eventlog ===<br />
BPMN editor's context menu has the '''Auto-create diagram''' option which will automatically create and layout a fully conforming BPMN diagram from the filtered eventlog. The created diagram contains paths for all the process variations in the filtered eventlog. The diagram will have one start element and one end element, all the event types appear as BPMN tasks in the diagram. The auto-creation intelligently identifies the types of gateways, using either the exclusive or parallel gateways. Parallel gateways indicate that there are activities occurring simultaneously in the process that are typically independent of each other.<br />
<br />
Eventlogs often contain a large number of process variations, even in smaller datasets. Capturing every variation in a single BPMN diagram can quickly lead to a model that is overly complex and difficult to interpret. A practical approach is to first filter the eventlog to include only the cases that represent the desired variations or process behaviors. Using the variation filter is typically the easiest way to select the process behavior you want to include to the BPMN diagram. You may need to iterate a few times by adjusting filters and regenerating the diagram to arrive at a BPMN model that represents the desired process flow. If the auto-created diagram still does not fully meet your needs, you can always continue refining it manually using the BPMN editor.<br />
<br />
The auto-creation feature is available for the Snowflake models, and it uses the expression language's [[Generic_Functions_in_QPR_ProcessAnalyzer#:~:text=ToBpmn|ToBpmn]] function which generates the BPMN diagram in the Snowflake by calling a Python function powered by the PM4Py library (https://processintelligence.solutions/pm4py). The function is executed in the same Snowflake ODBC connection where the eventlog data is located. To use the auto-creation feature, the required Python libraries need to be deployed to Snowflake as instructed [[Snowflake_Connection_Configuration#Enable_auto-create_BPMN_diagrams|here]].<br />
<br />
=== Adding tasks and flows, and Deleting Diagram ===<br />
There are following functions available:<br />
* '''Add tasks and flows''' will create a BPMN model that is the same as the as-is model. Thus, the as-is model will conform perfectly to the design model. After the tasks and flows are created, you can edit the design model and remove the events and flows that shouldn't occur in the process. Note however, that the amount of flows that is created can easily be overwhelming. To overcome this, you can first filter out those events and flows that shouldn't occur in the desired process and then use the auto-create. After creating the design model, you can remove the filter to check the conformance of the whole model. Note that due to performance reasons, the number of flows in the auto-generated model is limited to 1000.<br />
* '''Add tasks only''' will generate only the tasks without any flows. The result is a model that needs to be filled with flows to be a valid BPMN model.<br />
* '''Delete diagram''' will delete the current diagram and start from an empty canvas.<br />
<br />
=== Opening and Saving a Diagram in the Repository ===<br />
To open a diagram from the repository:<br />
# Click the '''Open diagram from repository''' button on the bottom left of the BPMN Editor. The Open Diagram from Repository dialog will open.<br />
# In the '''Process Models''' hierarchy, select a BPMN model.<br />
# In the '''Diagrams''' hierarchy, select a BPMN diagram.<br />
# Click '''Open'''.<br />
<br><br />
To save a diagram to the repository:<br />
# Click the '''Save diagram to repository''' button on the bottom left of the BPMN Editor. The Save Diagram to Repository dialog will open.<br />
# In the '''Process Models''' hierarchy, select a BPMN model.<br />
# In '''Diagrams''' hierarchy, select the target BPMN diagram location.<br />
# Click '''Save'''.<br />
Note that a BPMN diagram may contain an entire diagram hierarchy. When a BPMN diagram is saved, the entire diagram hierarchy is replaced at the level where the saving is made.<br />
<br />
=== Creating a New Diagram to the Repository ===<br />
A new diagram can be created to the repository as follows:<br />
# Click the '''Save diagram to repository''' button on the bottom left of the BPMN Editor. The Save Diagram to Repository dialog will open.<br />
# Select the diagram under which the new diagram should be created.<br />
# Click '''New Diagram'''.<br />
# Enter the diagram name in the dialog that opens. A duplicate name cannot be created on the same diagram level.<br />
# Click '''Create'''.<br />
After creation, the new diagram is added under the previously selected diagram.<br />
<br />
=== Reports Selectable in BPMN Diagram ===<br />
There are also following reports available for in-memory models:<br />
* '''Duration distribution between tasks''' (select 2 tasks)<br />
* '''Flow duration distribution''' (select 1 flow)<br />
* '''Task occurrences across time''' (select 1 task)<br />
* '''Task repetition in cases''' (select 1 task)<br />
* You can export the BPMN diagram contents as a flat list by clicking the '''Export all BPMN elements as CSV'''.<br />
* You can export a list of BPMN elements in the order that they appear in the flow by clicking the '''Export element order'''.<br />
<br />
=== KPI's on BPMN Diagram===<br />
The following KPI's are shown:<br />
* '''Cases having task''': Number of cases in the process mining data, that have this task (=event type).<br />
* '''Task occurred''': Number of times this type of event has occurred in the process mining data. This number is the same or larger than the Cases having task count. If it's larger, the event has occurred more than once in a case (looping, repetition).<br />
<br />
Flow has a different meaning in the BPMN diagram than in the traditional process mining diagram. In the process mining diagram, a flow is ''direct'' transition between two events. This means that no other event has occurred between the start and end event of the flow. In the BPMN diagram. Following KPI's for flows are shown for in-memory models (there are no flow KPI's for Snowflake models):<br />
* '''Flow median duration''': Median duration from the task event of the flow to the end event of the flow.<br />
* '''Flow occurred''': Number of times the flow has occurred in all cases. The BPMN flow occurs when in the case there occurs the starting event and that is followed by the end event at any point in the case.<br />
* '''Other events between''': Number of events that has occurred between the starting and ending event in the flow.<br />
<br />
== Design Model Selector ==<br />
In addition to the ''BPMN Editor'', there is also a '''Design Model Selector''' component available, which adds a button to the dashboard for opening an overlay BPMN editor. The Design Model Selector is better when there is no space in the dashboard to show the BPMN model.<br />
<br />
The Design Model Selector validates the BPMN model when the editor is closed, so invalid BPMN models cannot be saved.<br />
<br />
== Conformance Statistics ==<br />
'''Conformance Statistics''' visualization shows an overview of how many cases are conformant and deviating (both as absolute case count and percentage of total cases). In addition, the Conformance Statistics component shown average duration of cases and average number of events per case in both the conformant and deviating cases groups. The used BPMN model is stored in the ''designModel'' variable in the context of the conformance statistics visualization.<br />
<br />
[[Category: QPR ProcessAnalyzer]]</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_BPMN_Editor&diff=28281QPR ProcessAnalyzer BPMN Editor2026-05-06T07:13:29Z<p>TeeHiet: TK-63956</p>
<hr />
<div>This page describes components that are used for editing BPMN models and viewing conformance analysis results. Note that for dashboards that use BPMN and conformance functionality, you need to create a variable '''designModel''' with behavior ''Stored'' (in the ''Dashboard Properties'' in ''Variables'' tab), so that the dashboard is able to store the defined BPMN model. Note also that the BPMN editor only allows to add BPMN elements that are supported by the conformance checking functionality.<br />
<br />
== BPMN Editor ==<br />
The '''BPMN Editor''' analyzes process mining data with the help of a designed BPMN process model. You can for example:<br />
* See process mining KPI's and statistics calculated on the fly top of the BPMN diagram during the modeling the BPMN<br />
* Run conformance analysis using the designed BPMN model<br />
* Filter data directly from the BPMN diagram<br />
<br />
The BPMN diagram can be drawn from scratch, opened from QPR ProcessDesigner repository via QPR MEA Web Service, or imported from a BPMN 2.0 XML file. The ready diagram can be saved to the QPR ProcessDesigner repository or exported to a BPMN 2.0 XML file.<br />
<br />
BPMN diagrams are created by dragging items from the tool palette. Start event, end event, task and gateways are the most used elements. When you add a BPMN task to the canvas, all event types are shown in a list next to the task, and an event type can be selected to match it with the created task. When the task is added, KPI values are calculated and shown in the blue background. When flows are added, KPI values are calculated and shown for them, too. By clicking the KPI in the top right legend, the KPI value is hidden, to make the BPMN diagram more readable if there are lots of items.<br />
<br />
When you select a BPMN task, it suggest to create a filter. In the dropdown list you can select which type of filter is created. When you select a BPMN flow, it also suggest to create a filter.<br />
<br />
You can create a filter to get only the conforming or nonconforming cases based on the current BPMN model by selecting '''Include conforming cases''' or '''Include nonconforming cases''' from the context menu.<br />
<br />
=== Auto-creating BPMN Diagram from Eventlog ===<br />
BPMN editor's context menu has the '''Auto-create diagram''' option which will automatically create and layout a fully conforming BPMN diagram from the filtered eventlog. The created diagram contains paths for all the process variations in the filtered eventlog. The diagram will have one start element and one end element, all the event types appear as BPMN tasks in the diagram. The auto-creation intelligently identifies the types of gateways, using either the exclusive or parallel gateways. Parallel gateways indicate that there are activities occurring simultaneously in the process that are typically independent of each other.<br />
<br />
Eventlogs often contain a large number of process variations, even in smaller datasets. Capturing every variation in a single BPMN diagram can quickly lead to a model that is overly complex and difficult to interpret. A practical approach is to first filter the eventlog to include only the cases that represent the desired variations or process behaviors. Using the variation filter is typically the easiest way to select the process behavior you want to include to the BPMN diagram. You may need to iterate a few times by adjusting filters and regenerating the diagram to arrive at a BPMN model that represents the desired process flow. If the auto-created diagram still does not fully meet your needs, you can always continue refining it manually using the BPMN editor.<br />
<br />
The auto-creation feature is available for the Snowflake models, and it uses the expression language's [[Generic_Functions_in_QPR_ProcessAnalyzer#:~:text=ToBpmn|ToBpmn]] function which generates the BPMN diagram in the Snowflake by calling a Python function powered by the PM4Py library (https://processintelligence.solutions/pm4py). The function is executed in the same Snowflake ODBC connection where the eventlog data is located. To use the auto-creation feature, the required Python libraries need to be deployed to Snowflake as instructed [[Snowflake_Connection_Configuration#Enable_auto-create_BPMN_diagrams|here]].<br />
<br />
=== Adding tasks and flows, and Deleting Diagram ===<br />
There are following functions available:<br />
* '''Add tasks and flows''' will create a BPMN model that is the same as the as-is model. Thus, the as-is model will conform perfectly to the design model. After the tasks and flows are created, you can edit the design model and remove the events and flows that shouldn't occur in the process. Note however, that the amount of flows that is created can easily be overwhelming. To overcome this, you can first filter out those events and flows that shouldn't occur in the desired process and then use the auto-create. After creating the design model, you can remove the filter to check the conformance of the whole model. Note that due to performance reasons, the number of flows in the auto-generated model is limited to 1000.<br />
* '''Add tasks only''' will generate only the tasks without any flows. The result is a model that needs to be filled with flows to be a valid BPMN model.<br />
* '''Delete diagram''' will delete the current diagram and start from an empty canvas.<br />
<br />
=== Reports Selectable in BPMN Diagram ===<br />
There are also following reports available for in-memory models:<br />
* '''Duration distribution between tasks''' (select 2 tasks)<br />
* '''Flow duration distribution''' (select 1 flow)<br />
* '''Task occurrences across time''' (select 1 task)<br />
* '''Task repetition in cases''' (select 1 task)<br />
* You can export the BPMN diagram contents as a flat list by clicking the '''Export all BPMN elements as CSV'''.<br />
* You can export a list of BPMN elements in the order that they appear in the flow by clicking the '''Export element order'''.<br />
<br />
=== KPI's on BPMN Diagram===<br />
The following KPI's are shown:<br />
* '''Cases having task''': Number of cases in the process mining data, that have this task (=event type).<br />
* '''Task occurred''': Number of times this type of event has occurred in the process mining data. This number is the same or larger than the Cases having task count. If it's larger, the event has occurred more than once in a case (looping, repetition).<br />
<br />
Flow has a different meaning in the BPMN diagram than in the traditional process mining diagram. In the process mining diagram, a flow is ''direct'' transition between two events. This means that no other event has occurred between the start and end event of the flow. In the BPMN diagram. Following KPI's for flows are shown for in-memory models (there are no flow KPI's for Snowflake models):<br />
* '''Flow median duration''': Median duration from the task event of the flow to the end event of the flow.<br />
* '''Flow occurred''': Number of times the flow has occurred in all cases. The BPMN flow occurs when in the case there occurs the starting event and that is followed by the end event at any point in the case.<br />
* '''Other events between''': Number of events that has occurred between the starting and ending event in the flow.<br />
<br />
== Design Model Selector ==<br />
In addition to the ''BPMN Editor'', there is also a '''Design Model Selector''' component available, which adds a button to the dashboard for opening an overlay BPMN editor. The Design Model Selector is better when there is no space in the dashboard to show the BPMN model.<br />
<br />
The Design Model Selector validates the BPMN model when the editor is closed, so invalid BPMN models cannot be saved.<br />
<br />
== Conformance Statistics ==<br />
'''Conformance Statistics''' visualization shows an overview of how many cases are conformant and deviating (both as absolute case count and percentage of total cases). In addition, the Conformance Statistics component shown average duration of cases and average number of events per case in both the conformant and deviating cases groups. The used BPMN model is stored in the ''designModel'' variable in the context of the conformance statistics visualization.<br />
<br />
[[Category: QPR ProcessAnalyzer]]</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=PA_Configuration_database_table&diff=28221PA Configuration database table2026-04-28T12:05:17Z<p>TeeHiet: TK-64494</p>
<hr />
<div>QPR ProcessAnalyzer database has a configuration table '''PA_Configuration''' containing settings listed in the tables below. You need '''SQL Server Management Studio''' to edit the settings in the configuration table. QPR ProcessAnalyzer Server needs to be restarted (e.g. IIS application pool recycled) for the changes to take effect.<br />
<br />
For boolean values, ''true'' and ''1'' are valid values for yes, and ''false'' and ''0'' are valid for no.<br />
<br />
== General Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultDataSource<br />
||<br />
||Datasource where datatables data is stored when datatables are created by a script when the datasource is not explicitly specified in the script. Options are '''Snowflake''' and '''SqlServer'''. Value ''snowflake'' can be used when the ''SnowflakeConnectionString'' setting is defined, and value ''sqlserver'' can be used when the setting ''SqlServerConnectionString'' is configured. The setting can be changed without affecting the existing datatables, as the setting only affect new datatables. When this setting is empty, datatables are created in the metadata database.<br />
|-<br />
||SnowflakeConnectionString<br />
||<br />
||ODBC connection string for the Snowflake account. This setting is needed to make analytics calculations in the Snowflake. More information how to configure the [[Snowflake_Connection_Configuration#Set_Snowflake_ODBC_connection|Snowflake connection string]]. The Snowflake ODBC driver also needs to be installed in the machine running the QPR ProcessAnalyzer Server. When this setting has been configured, users can create Snowflake stored datatables and models using Snowflake calculation.<br />
<br />
When running QPR ProcessAnalyzer in the Snowpark Container Services, leave the SnowflakeConnectionString empty because then the connection string is created automatically using the method provided by the Snowpark Container Services.<br />
|-<br />
||SqlServerConnectionString<br />
||<br />
||Connection string for the SQL Server database containing the datatables data. It's recommended to use a separate database, but it's also possible to connect to the same database as the configuration data. If this setting is not configured, local datatables cannot be created (SQL Server stored). Existing datatables located in the configuration datatabase still work even if this setting has not be configured. Note that the connection uses ADO.Net (not ODBC), so the connection string is similar to the configuration database ([[Server_settings_in_appsettings.json|appsettings.json]] file).<br />
|-<br />
||DefaultColorPalette<br />
||<br />
||Charts color palette used globally in the environment. Defined as a json array of strings encoded with RGB hex (with or without alpha). Note that when a color palette in a chart has been changed, the chart starts using a chart-specific color palette, and the global color palette doesn't affect those charts. <br />
<br />
Example: ["#1F77B4", "#FF7F0E", "#2CA02C", "#D62728", "#9467BD", "#8C564B", "#E377C2", "#7F7F7F", "#BCBD22", "#17BECF"]<br />
|-<br />
||OpenAIAPIKey<br />
||<br />
||API key for the OpenAI API (https://platform.openai.com/docs/api-reference). It needs to be configured to use the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function.<br />
|-<br />
||OpenAIDefaultModelName<br />
||gpt-4o<br />
||OpenAI large language model (LLM) to use for the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function. If not defined, '''gpt-4o''' will be used. Note that only LLM's that support the function calling feature, are suitable for the AI Assistant. More information about OpenAI models: https://platform.openai.com/docs/models.<br />
|-<br />
||DefaultCortexAgentsModelName<br />
||llama3.1-70b<br />
||Specifies the default language model when using Snowflake Cortex Agents (https://docs.snowflake.com/en/user-guide/snowflake-cortex/cortex-agents-rest-api). If not defined, '''llama3.1-70b''' is used.<br />
|-<br />
||<span id="QueryTimeout">QueryTimeout</span><br />
||300<br />
||Timeout (in seconds) for requests made to /api/expression/query and /api/expression endpoints. When the timeout is exceeded, the query is stopped and a timeout error is returned. Purpose of the timeout is to protect the system against potentially too long running or even never-ending queries which might otherwise jam the system.<br />
|-<br />
||SessionIdleTimeout<br />
||3600<br />
||Idle user session expiration timeout in seconds. User session expires if the session hasn't been used after this amount of time.<br />
|-<br />
||SessionMaximumDuration<br />
||86400<br />
||Maximum duration for a user session in seconds. Even if a session is used so that the SessionIdleTimeout is not reached, the session is expired after this amount of time.<br />
|-<br />
|DatabaseId<br />
|<br />
||Unique identifier for the QPR ProcessAnalyzer environment. Any characters between a-z, A-Z, 0-9 and _ (underscore) can be used in the DatabaseId. If the DatabaseId is missing or set to null, the system will generate a new GUID during startup and use it as the DatabaseId. The DatabaseId can also be an empty string. If using several QPR ProcessAnalyzer environments, make sure each use a different DatabaseId. The DatabaseId is used as part of the table names in Snowflake and SQL Server (in the datatables database). Thus if the DatabaseId is changed, all tables in Snowflake and SQL Server named with qprpa_dt_<DatabaseId>_<DatatableId> need to be renamed.<br />
|-<br />
||<span id="CacheOnlyPrimaryKeysForFilters">CacheOnlyPrimaryKeysForFilters</span><br />
||false<br />
||Defines whether to include all columns in the Snowflake event cache filter tables (''false''), or only the primary key columns (''true''). When ''false'', cache table creation is slower, but the analysis calculation is faster because the original event table is not used anymore. When ''false'', also the cache tables require more storage space in Snowflake.<br />
|}<br />
<br />
== Localization Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultUiLanguage<br />
||en_US<br />
||Language code for the UI language that new user accounts get by default. Thus, a created user account has this language until the user changes her/his language. Also the login page is translated using this language when QPR ProcessAnalyzer is used for the first time in that web browser (when user has changed the language, it's remembered by the browser). This setting must be one of the supported language codes (xx_XX):<br />
* English: '''en_US'''<br />
* Finnish: '''fi_FI'''<br />
* French: '''fr_FR'''<br />
* German: '''de_DE'''<br />
* Polish: '''pl_PL'''<br />
* Portuguese: '''pt_BR'''<br />
* Spanish: '''es_ES'''<br />
* Swedish: '''sv_SE'''<br />
* Ukrainian: '''uk_UK'''<br />
|-<br />
||DefaultDateFormat<br />
||MM/dd/yyyy<br />
||Default date format that new user accounts get by default. The date format does not contain the time part (e.g. hours, minutes and seconds). Defined using the .Net date format (https://docs.microsoft.com/en-us/dotnet/standard/base-types/custom-date-and-time-format-strings).<br />
|-<br />
||DefaultFirstDayOfWeek<br />
||0<br />
||Default first day of the week that new user accounts get by default. '''0''' is Sunday and '''1''' is Monday. This information is used by the UI when showing e.g. calendars.<br />
|-<br />
||DefaultUse12HourClock<br />
||false<br />
||Defines whether the 12-hour clock is used by default (instead of the 24-hour clock) for the new user accounts when showing time information in the UI. Defined as '''true''' or '''false'''. More information about the 12-hour clock: https://en.wikipedia.org/wiki/12-hour_clock.<br />
|-<br />
|}<br />
<br />
== ETL Scripts Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||AllowExternalDatasources<br />
||true<br />
||Can be used to disallow all connections to external datasources in the expression language and SQL scripts to improve security. Disallowed operations include ODBC, OLE DB, SQL Server (Ado.Net), SAP, Salesforce, and call web service. Note that this setting does not prevent the Snowflake processing. Regardless of this setting, QPR ScriptLauncher can be used to extract data from source systems.<br />
|-<br />
||SandboxDatabaseConnectionString<br />
||<br />
||Connection string to scripting sandbox database (ETL). If not defined, SQL-based ETL scripts cannot be run. Connection string for the scripting sandbox database is similar to the [[Server_settings_in_appsettings.json|QPR ProcessAnalyzer database connection string]]. More information: [[Setting up Scripting Sandbox]].<br />
|-<br />
||AllowNonTemporaryETLTargetTable<br />
||false<br />
||Defined whether ETL scripts are allowed to create global temporary database tables (tables starting with ##). More information about temporary tables: https://docs.microsoft.com/en-us/sql/t-sql/statements/create-table-transact-sql?view=sql-server-ver15#temporary-tables.<br />
|-<br />
||DatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to datatables.<br />
|-<br />
|SandboxDatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to sandbox tables in the SQL scripts.<br />
|-<br />
||<span style="color:lightgrey;">DatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for QPR ProcessAnalyzer database SqlBulkCopy operations.<br />
|-<br />
||<span style="color:lightgrey;">SandboxDatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for sandbox SqlBulkCopy operations.<br />
|}<br />
<br />
== MCP and OAuth Server Settings ==<br />
MCP server settings are needed for QPR ProcessAnalyzer to act as an [[QPR_ProcessAnalyzer_as_MCP_Server|MCP server]].<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||McpServerConfiguration<br />
||Used to configure the MCP server built-in to ProcessAnalyzer server. If not set, MCP server functionality is disabled and MCP clients can't access to this server using MCP. If set, contains a string representation of a JSON object that supports the following properties:<br />
* '''McpApiKey''' (string): If defined and not empty, defines the API key that can be used to connect to QPR ProcessAnalyzer MCP server without any other authentication. Default value is empty.<br><br />
Example value when using API Key authentication:<br />
<pre><br />
{ "McpApiKey": "xnTqr@Hd87JcuCmQZbjUHfwD@" }<br />
</pre><br />
Example value when using OAuth 2.0 authentication:<br />
<pre><br />
{ "McpApiKey": null }<br />
</pre><br />
Note that when using OAuth 2.0 authentication the BuiltInOAuthServerConfiguration (see below) needs to be defined with an AcceptedAudiences value other than the default.<br />
|-<br />
||BuiltInOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for OAuth server built-in to ProcessAnalyzer server. If not set, built-in OAuth server functionality is disabled and clients can't connect to this server using OAuth. If set, contains a string representation of a JSON object that supports the following properties: <br />
* '''Issuer''' (string): OAuth issuer, which identifies a trusted authorization server that authenticates users and issues OAuth 2.0 access tokens and JSON Web Tokens (JWTs). If not defined or empty, default value is used, which is of format: <QPR ProcessAnalyzer server's base URL>/builtin-oauth. For example: https://example.com/builtin-oauth. The default value is empty.<br />
* '''AcceptedAudiences''' (array of strings): Array of strings that define all the accepted audiences this QPR ProcessAnalyzer server is serving. When authorizing user using OAuth, these values are matched with the audience-parameter (a.k.a. client id) of the authorization. Only requests with a value that matches a value in this array are accepted. If null, audience-parameters are not validated at all. Instead, all authorization requests will pass the audience validation check. This also enables [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. The default value is an empty array.<br />
* '''SigningKey''' (string): Signing key for the built-in OAuth identity provider. If empty, generates a non-deterministic key based on the physical system where QPR ProcessAnalyzer is running. NOTE: Once QPR ProcessAnalyzer server is restarted, these non-deterministic keys no longer work. If defined, string must contain the key either in PEM ([https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.rsa.importfrompem?view=net-10.0 RFC 7468 PEM-encoded key]) or JSON ([https://datatracker.ietf.org/doc/html/rfc7517 RFC 7517]) format. The default value is empty.<br />
* '''TokenLifetimeSeconds''' (integer): Token lifetime in seconds for the built-in OAuth identity provider. After access token created by built-in gets older than this lifetime, it becomes unusable and a new token has to be created. The default value is 3600.<br />
* '''RefreshTokenLifetimeSeconds''' (integer): Refresh token lifetime in seconds for the built-in OAuth identity provider. After a refresh token gets older than this lifetime, it becomes unusable and the user has to authenticate again. The default value is 2592000 (30 days).<br />
* '''DisableExternalOAuthForwarding''' (boolean): Can be used to disable forwarding OAuth requests to any configured external OAuth authorization server or SAML identity provider. If set, a QPR ProcessAnalyzer's own login view functionality is always used when authorizing a user. The default value is false.<br />
* '''ClientCredentials''' (array of objects): List of confidential client registrations for the ''client_credentials'' grant type. Each entry maps a client application (identified by ''ClientId'' and ''ClientSecret'') to a ProcessAnalyzer user, enabling machine-to-machine authentication without interactive login. If not defined or empty, the ''client_credentials'' grant type is not available. Each object in the array supports the following properties:<br />
** '''ClientId''' (string): The unique client identifier used in the ''client_id'' parameter of the token request.<br />
** '''ClientSecret''' (string): The client secret used to authenticate the client in the ''client_secret'' parameter of the token request. Also supports HTTP Basic authentication (''Authorization: Basic base64(client_id:client_secret)'').<br />
** '''MappedUserLoginName''' (string): The login name of the ProcessAnalyzer user this client acts as. The issued access token will represent this user and carry their identity and permissions. The user must exist and be active in ProcessAnalyzer.<br />
** '''Description''' (string): Optional human-readable description for this client registration.<br />
Example ClientCredentials definition:<br />
<pre><br />
"ClientCredentials": [<br />
{<br />
"ClientId": "my-backend-service",<br />
"ClientSecret": "a-secure-random-secret",<br />
"MappedUserLoginName": "service-account",<br />
"Description": "Backend integration service"<br />
}<br />
]<br />
</pre><br />
<br />
Example BuiltInOAuthServerConfiguration configuration:<br><br />
<pre><br />
{<br />
"Issuer": "",<br />
"AcceptedAudiences": ["qpr-processanalyzer"],<br />
"SigningKey": "",<br />
"TokenLifetime": 3600<br />
}<br />
</pre><br />
|}<br />
<br />
== In-memory Calculation Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||NumberOfParallelModelReaders<br />
||4<br />
||Models and datatable contents can be loaded with multiple simultaneous connections to the database to speed up the loading. This setting determines how many parallel loaders/readers at maximum (loaders are loading at the same time). For smaller models there are less parallel loaders than the defined limit: If there are less than 100000 rows in the table, there is only one loader. If there are less than 200000 rows in the table, there are only two loaders, and so on. <br />
<br />
The more there are parallel loaders, the more processor load and network bandwidth is consumed, and other operations in QPR ProcessAnalyzer might slow down. Note also that the performance optimum is achieved with a certain number of parallel loaders which differs between environment. Thus to achieve the best performance, data loading should be tested with different number of parallel loaders. Increasing number of parallel loaders beyond the optimum decreases the performance.<br />
<br />
|-<br />
||StartupModelLoadingMaxParallelism<br />
||2<br />
||Maximum number of QPR ProcessAnalyzer models that are loaded into memory simultaneously by the [[Automatic_Model_Loading_on_Server_Startup|Automatic Loading on Server Startup]]. If there are more models to be loaded on the server startup than this setting, loading for the rest of the models is started one by one when previous model loadings are completed. If this setting is not defined, '''2''' is used as a default value.<br />
<br />
Loading more models at the same time will speed up the whole model loading process, but on the other hand, it causes more load on the system, which affects the system responsiveness for users. Model loading consists of (1) transferring data from the datasource to QPR ProcessAnalyzer and (2) loaded data preprocessing into a model. The former uses mainly network bandwidth (if datasource is in a different server) and the latter uses mainly processor capacity in the QPR ProcessAnalyzer server. <br />
<br />
This setting affects only the model loading during the server startup and it doesn't restrict models loadings initiated by users.<br />
|}<br />
<br />
== SAML 2.0 Federated Authentication Settings ==<br />
Note that the SAMLMetadataUrl and ServiceProviderLocation are mandatory for the federated authentication to work. Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SAMLMetadataUrl<br />
||<br />
Metadata URL of the identity provider (IdP). Check that the metadata url can actually be opened using a web browser and is publicly available. The metadata is an XML document starting with '''<?xml version="1.0" encoding="UTF-8"?>''' followed by an '''EntityDescriptor''' tag. The metadata URL might look '''<nowiki>https://your.federated.identity.provider.com/saml/metadata</nowiki>'''. This setting is mandatory for the SAML authentication to work.<br />
|-<br />
||ServiceProviderLocation<br />
||<br />
Specifies the QPR ProcessAnalyzer server location (the root path which contains e.g. the ''ui'' folder). It's used by the url to redirect back to QPR ProcessAnalyzer after a successful authentication from the identity provider. The setting is defined in the following form: '''https://<hostname>/qprpa''', for example '''<nowiki>https://customer.onqpr.com/qprpa</nowiki>'''. Note that the actual redirect back url is '''https://<hostname>/qprpa/api/Saml2/Acs''' (/api/Saml2/Acs is automatically included to the url). This setting is mandatory for the SAML authentication to work. Note that if this reply url is configured the identity provider, it must match with the ServiceProviderLocation setting.<br />
|-<br />
||SAMLUserIdAttribute<br />
||<br />
Name of the SAML attribute in the assertion that will be used as the user's login name. If this field is not defined, the '''saml:Assertion''' > '''saml:Subject''' > '''saml:NameID''' attribute in the assertion is used. If this setting is given, one of the '''saml:Assertion''' > '''saml:AttributeStatement''' > '''saml:Attribute''' elements in the assertion is used (the '''Name''' attribute in the '''saml:Attribute''' element is used for matching). Please note that the saml:NameID element is different than the usual SAML attributes that are defined by the saml:Attribute elements. For example, if an email address is used as a user id, the value of the setting could be for example ''<nowiki>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</nowiki>''.<br />
|-<br />
||SAMLGroupsAttribute<br />
||Attribute name in SAML assertion that is mapped to user groups in QPR ProcessAnalyzer. The user group names are case sensitive. When a user logs in, the user is added to and removed from groups based on the information in the SAML assertion. If this setting is not configured, users are not added to or removed from groups automatically. Note that the user needs to login for the groups to be synchronized. If a group doesn't exist in QPR ProcessAnalyzer, that group is skipped.<br />
<br />
In the SAML assertion, attributes are in the saml:Assertion > saml:AttributeStatement > saml:Attribute elements (the Name attribute in the saml:Attribute element is used for matching).<br />
|-<br />
||SAMLEncryptionCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to encrypt SAML assertions. The public key of the certificate is published in the service provider metadata, where the identity provider can read it and encrypt SAML assertions. QPR ProcessAnalyzer as the service provider uses the corresponding private key of the certificate to decrypt SAML assertions. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. This setting is needed only when using the SAML assertions encryption. Even though this setting is defined, the SAML assertions are not required to be encrypted. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|-<br />
||SAMLSigningCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to sign SAML authentication requests sent from QPR ProcessAnalyzer to the identity provider. The public key of the certificate is published in the service provider metadata, where the identity provider can read it, to verify the authenticity of the SAML requests. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. If this setting is not defined, the internal hard-coded signing certificate is used. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|}<br />
<br />
== SMTP Server Settings ==<br />
SMTP server settings are needed for QPR ProcessAnalyzer to send email messages. Email sending is used by the [[Email_Notifications|notifications]] and the [[Generic_Functions_in_QPR_ProcessAnalyzer#SendEmail|SendEmail]] function in the expression language.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SmtpServer<br />
||DNS name, host name or IP address of the SMTP server. Mandatory setting for the email sending to work.<br />
|-<br />
||SmtpPort<br />
||TCP port number of the SMTP server. If not defined, port 25 is used by default.<br />
|-<br />
||SmtpAuthenticationUsername<br />
||User name for authenticating to the SMTP server. If not defined, no authentication is used to connect to the SMTP server.<br />
|-<br />
||SmtpFromAddress<br />
||Email address where email messages sent by QPR ProcessAnalyzer appear to be coming from. This doesn't need to be a real email address, although the address used may affect email spam filters. The setting configured here is the default email address to use in following cases:<br />
* ''From address'' is not set for the email notifications<br />
* ''From'' parameter is not defined for the expression language ''SendEmail'' function<br />
* ''EmailFrom'' parameter is not defined for the SQL Scripting SendEmail operation<br />
|-<br />
||SmtpAuthenticationPassword<br />
||Password for authenticating to the SMTP server.<br />
|-<br />
||SmtpEnableSSL<br />
||Use value '''True''' or '''False''' depending whether TLS connection to the SMTP server is used or not. If not defined, ''False'' is the default value.<br />
|}<br />
<br />
== OAuth Client (for External OAuth Server) ==<br />
Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||ExternalOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for server that is used to authenticate the user signing in to ProcessAnalyzer. If not set, external OAuth server will not be used for authentication. If set, contains a string representation of a JSON object that supports the following properties:<br />
* '''Authority''' (string): OAuth authority URL for authentication. E.g., https://accounts.google.com/<br />
* '''Audience''' (string): Mandatory. OAuth audience/client ID for validating OAuth tokens.<br />
* '''AuthorizeUrlOverride''' (string): Override URL for the OAuth authorization endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''TokenUrlOverride''' (string): Override URL for the OAuth token endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''UserInfoUrlOverride''' (string): Override URL to fetch user information from the OAuth provider. If empty or not defined, the default URL from the authority's discovery document is used. Should not be used if OpendID Connect is to be used as access token validation is skipped.<br />
* '''ClientSecret''' (string): OAuth client secret for confidential client authentication. If configured, this value is sent as the client_secret parameter when exchanging authorization codes for tokens.<br />
* '''Issuer''' (string): OAuth issuer for validating OAuth tokens. If empty, the authority URL's issuer is used.<br />
* '''UserNameClaim''' (string): Name of the claim whose value is to be used as the name of the authenticated user. The default value is "preferred_username".<br />
* '''UserGroupsClaim''' (string): Name of the claim whose value is to be used as the names of the user groups the authenticated user belongs to. When a user logs in, the user is added to and removed from groups based on the information in the UserGroupsClaim. If this setting is not configured, users are not added to or removed from groups automatically. Note that the user needs to login for the groups to be synchronized. If a group doesn't exist in QPR ProcessAnalyzer, that group is skipped. The default value is empty, i.e. groups are not synchronized.<br><br />
Example configuration:<br><br />
<pre><br />
{<br />
"Authority": "https://accounts.google.com/",<br />
"Audience": "...",<br />
"ClientSecret": "...",<br />
"UserNameClaim": "name"<br />
}<br />
<br />
</pre><br />
|}<br />
<br />
== Readonly Information ==<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
|<span style="color:lightgrey;">DatabaseVersion</span><br />
||Database schema version. It will be updated automatically when the newer version of QPR ProcessAnalyzer Server connects to the database and performs migration for the database schema.<br />
|-<br />
||<span style="color:lightgrey;">InitializationScriptDatabaseVersion</span><br />
||Database version that was when the database was initialized when the software was installed. Do not change this setting.<br />
|-<br />
||<span style="color:lightgrey;">MinimumDatabaseVersion</span><br />
||Minimum allowed database version for QPR ProcessAnalyzer Server connecting to the database. This is a legacy setting and it should not be used.<br />
|}</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28198QPR ProcessAnalyzer as MCP Server2026-04-27T12:13:40Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the '''MCP tool''' checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
=== MCP Tool Configuration ===<br />
Every script can define its own '''McpTool''' configuration as JSON. Supported values are same as [https://modelcontextprotocol.io/specification/2025-11-25/server/tools#tool here], except for the '''name''' which is always generated automatically and can't be overridden. Defining the McpTool configuration will override any default configurations generated for scripts automatically by QPR ProcessAnalyzer. For example, specifying the value for "title" here will override the default functionality of using script's name as title of the tool.<br />
<br><br />
'''Example''': The following JSON configures the MCP tool with a customized title and description, as well as some additional [https://github.com/modelcontextprotocol/csharp-sdk/blob/main/src/ModelContextProtocol.Core/Protocol/ToolAnnotations.cs MCP tool annotations]:<syntaxhighlight lang="json"><br />
{<br />
"title": "Example MCP tool title",<br />
"description": "Example MCP tool description",<br />
"annotations": {<br />
"destructiveHint": true,<br />
"idempotentHint": true,<br />
"openWorldHint": true,<br />
"readOnlyHint": false<br />
}<br />
}<br />
</syntaxhighlight><br />
<br />
=== Defining Input Parameters ===<br />
MCP tool input parameters are defined using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. Each supported input parameter is listed under '''properties'''. By default, script don't enforce any schema.<br><br />
<br />
'''Example''': The following schema defines a script with five different types of parameters:<syntaxhighlight lang="json"><br />
{<br />
"type": "object",<br />
"properties": {<br />
"stringParameter": {<br />
"type": "string",<br />
"description": "String parameter"<br />
},<br />
"numberParameter": {<br />
"type": "number",<br />
"description": "Number parameter"<br />
},<br />
"booleanParameter": {<br />
"type": "boolean",<br />
"description": "Boolean parameter"<br />
},<br />
"arrayParameter": {<br />
"type": "array",<br />
"description": "Array parameter",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"objectParameter": {<br />
"type": "object",<br />
"description": "Object parameter",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</syntaxhighlight><br><br />
After this, the tool can be called, for example, with the following set of parameters:<syntaxhighlight lang="json"><br />
{<br />
"stringParameter": "hello",<br />
"numberParameter": 123.456,<br />
"booleanParameter": true,<br />
"arrayParameter": [ 1, 2, 3 ],<br />
"objectParameter": { "inner": "test" }<br />
}<br />
</syntaxhighlight><br />
<br />
=== Defining Structured Tool Output ===<br />
Structured tool output is described using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. By default, scripts don't enforce any schema and the result is considered to be just text.<br />
<br><br />
'''Example''': The following example configures the script's return value to contain an object having the "models" property with information about each model:<syntaxhighlight lang="json"><br />
{<br />
"type": "object",<br />
"properties": {<br />
"string": {<br />
"type": "string",<br />
"description": "String value"<br />
},<br />
"number": {<br />
"type": "number",<br />
"description": "Number value"<br />
},<br />
"boolean": {<br />
"type": "boolean",<br />
"description": "Boolean value"<br />
},<br />
"array": {<br />
"type": "array",<br />
"description": "Array value",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"object": {<br />
"type": "object",<br />
"description": "Object value",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</syntaxhighlight><br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line="1"><br />
let returnValue = ScriptById(1).Run(#{<br />
"stringParameter": "hello",<br />
"numberParameter": 123.456,<br />
"booleanParameter": true,<br />
"arrayParameter": [1, 2, 3]<br />
"objectParameter": {<br />
"inner": "test"<br />
}<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
Now, if script having id 1 has the following script source code:<syntaxhighlight lang="typescript"><br />
#{<br />
"string": stringParameter,<br />
"number": numberParameter,<br />
"boolean": booleanParameter,<br />
"array": arrayParameter,<br />
"object": objectParameter<br />
}<br />
<br />
</syntaxhighlight><br />
and is configured as specified in the previous chapter, the result of expression will be the following valid JSON object as string:<syntaxhighlight lang="json"><br />
{<br />
"string": "hello",<br />
"number": 123.456,<br />
"boolean": true,<br />
"array": [1,2,3],<br />
"object": {"inner": "text"}<br />
}<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28192QPR ProcessAnalyzer as MCP Server2026-04-27T11:42:48Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the '''MCP tool''' checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
=== MCP Tool Configuration ===<br />
Every script can define its own '''McpTool''' configuration as JSON. Supported values are same as [https://modelcontextprotocol.io/specification/2025-11-25/server/tools#tool here], except for the '''name''' which is always generated automatically and can't be overridden. Defining the McpTool configuration will override any default configurations generated for scripts automatically by QPR ProcessAnalyzer. For example, specifying the value for "title" here will override the default functionality of using script's name as title of the tool.<br />
<br><br />
'''Example''': The following JSON configures the MCP tool with a customized title and description, as well as some additional [https://github.com/modelcontextprotocol/csharp-sdk/blob/main/src/ModelContextProtocol.Core/Protocol/ToolAnnotations.cs MCP tool annotations]:<br />
<pre><br />
{<br />
"title": "Example MCP tool title",<br />
"description": "Example MCP tool description",<br />
"annotations": {<br />
"destructiveHint": true,<br />
"idempotentHint": true,<br />
"openWorldHint": true,<br />
"readOnlyHint": false<br />
}<br />
}<br />
</pre><br />
<br />
=== Defining Input Parameters ===<br />
MCP tool input parameters are defined using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. Each supported input parameter is listed under '''properties'''. By default, script don't enforce any schema.<br><br />
<br />
'''Example''': The following schema defines a script with five different types of parameters:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"stringParameter": {<br />
"type": "string",<br />
"description": "String parameter"<br />
},<br />
"numberParameter": {<br />
"type": "number",<br />
"description": "Number parameter"<br />
},<br />
"booleanParameter": {<br />
"type": "boolean",<br />
"description": "Boolean parameter"<br />
},<br />
"arrayParameter": {<br />
"type": "array",<br />
"description": "Array parameter",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"objectParameter": {<br />
"type": "object",<br />
"description": "Object parameter",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br><br />
After this, the tool can be called, for example, with the following set of parameters:<br />
<pre><br />
{<br />
"stringParameter": "bar",<br />
"numberParameter": 123.456,<br />
"booleanParameter": true,<br />
"arrayParameter": [ 1, 2, 3 ],<br />
"objectParameter": { "inner": "test" }<br />
}<br />
</pre><br />
<br />
=== Defining Structured Tool Output ===<br />
Structured tool output is described using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. By default, scripts don't enforce any schema and the result is considered to be just text.<br />
<br><br />
'''Example''': The following example configures the script's return value to contain an object having the "models" property with information about each model:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"models": {<br />
"type": "array",<br />
"description": "Array of models",<br />
"items": {<br />
"type": "object",<br />
"properties": {<br />
"id": {<br />
"type": "integer",<br />
"description": "Unique model identifier"<br />
},<br />
"name": {<br />
"type": "string",<br />
"description": "Name of the model"<br />
},<br />
"description": {<br />
"type": "string",<br />
"description": "Description of a model"<br />
}<br />
}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28191QPR ProcessAnalyzer as MCP Server2026-04-27T11:37:04Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the '''MCP tool''' checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
=== MCP Tool Configuration ===<br />
Every script can define its own '''McpTool''' configuration as JSON. Supported values are same as [https://modelcontextprotocol.io/specification/2025-11-25/server/tools#tool here], except for the '''name''' which is always generated automatically and can't be overridden. Defining the McpTool configuration will override any default configurations generated for scripts automatically by QPR ProcessAnalyzer. For example, specifying the value for "title" here will override the default functionality of using script's name as title of the tool.<br />
<br><br />
'''Example''': The following JSON configures the MCP tool with a customized title and description, as well as some additional [https://github.com/modelcontextprotocol/csharp-sdk/blob/main/src/ModelContextProtocol.Core/Protocol/ToolAnnotations.cs MCP tool annotations]:<br />
<pre><br />
{<br />
"title": "Example MCP tool title",<br />
"description": "Example MCP tool description",<br />
"annotations": {<br />
"destructiveHint": true,<br />
"idempotentHint": true,<br />
"openWorldHint": true,<br />
"readOnlyHint": false<br />
}<br />
}<br />
</pre><br />
<br />
=== Defining Input Parameters ===<br />
MCP tool input parameters are defined using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. Each supported input parameter is listed under '''properties'''. By default, script don't enforce any schema.<br><br />
<br />
'''Example''': The following schema defines a script with five different types of parameters:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"stringParameter": {<br />
"type": "string",<br />
"description": "String parameter"<br />
},<br />
"numberParameter": {<br />
"type": "number",<br />
"description": "Number parameter"<br />
},<br />
"booleanParameter": {<br />
"type": "boolean",<br />
"description": "Boolean parameter"<br />
},<br />
"arrayParameter": {<br />
"type": "array",<br />
"description": "Array parameter",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"objectParameter": {<br />
"type": "object",<br />
"description": "Object parameter",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br><br />
After this, the tool can be called, for example, with the following set of parameters:<br />
<pre><br />
{<br />
"stringParameter": "bar",<br />
"numberParameter": 123.456,<br />
"booleanParameter": true,<br />
"arrayParameter": [ 1, 2, 3 ],<br />
"objectParameter": { "inner": "test" }<br />
}<br />
</pre><br />
<br />
=== Defining Structured Tool Output ===<br />
Structured tool output is described using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. By default, scripts don't enforce any schema and the result is considered to be just text.<br />
<br><br />
'''Example''': The following example configures the script's return value to contain an object having five different types of properties.:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"string": {<br />
"type": "string",<br />
"description": "String parameter"<br />
},<br />
"number": {<br />
"type": "number",<br />
"description": "Number parameter"<br />
},<br />
"boolean": {<br />
"type": "boolean",<br />
"description": "Boolean parameter"<br />
},<br />
"array": {<br />
"type": "array",<br />
"description": "Array parameter",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"object": {<br />
"type": "object",<br />
"description": "Object parameter",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_Objects_in_Expression_Language&diff=28190QPR ProcessAnalyzer Objects in Expression Language2026-04-27T11:23:58Z<p>TeeHiet: TK-64041</p>
<hr />
<div>==Filter==<br />
Filters contain a set of filter rules used to filter cases and events in models. Filters are objects located in the models. Filters are owned by the creator user, and when a filter publish mode is private, only the creator can use it.<br />
<br />
{| class="wikitable"<br />
!'''Filter properties'''<br />
! '''Description'''<br />
|-<br />
||CreatedBy (User)<br />
||Returns the user who created the filter.<br />
|-<br />
||CreatedDate (DateTime)<br />
||Returns date when the filter created date.<br />
|-<br />
||Description (String)<br />
||Returns description of the filter.<br />
|-<br />
||Id (Integer)<br />
||Returns id of the filter.<br />
|-<br />
||LastModifiedBy (User)<br />
||Returns user who modified the filter.<br />
|-<br />
||LastModifiedDate (DateTime)<br />
||Returns date when the filter last modified.<br />
|-<br />
||Model<br />
||Returns model where the filter belongs to.<br />
|-<br />
||ModelId (Integer)<br />
||Returns model where the filter belongs to.<br />
|-<br />
||Name (String)<br />
||Returns the name of the filter.<br />
|-<br />
||Project<br />
||Returns project where the filter belongs to.<br />
|-<br />
||ProjectId (Integer)<br />
||Returns project id where the filter belongs to.<br />
|-<br />
||PublishMode (String)<br />
||Returns publish mode of the filter, one of the following: '''Private''', '''Public''', or '''Default'''.<br />
|-<br />
||Rules (Dictionary)<br />
||Returns a dictionary containing the filter rules in the filter.<br />
|}<br />
<br />
{| class="wikitable"<br />
!'''Filter functions'''<br />
!'''Parameters'''<br />
! '''Description'''<br />
|-<br />
||DeletePermanently<br />
||(none)<br />
||<br />
Deletes the filter permanently. To delete own filters, the '''Filtering''' permission is needed, and to delete any filters the '''ManageViews''' permission is needed.<br />
|-<br />
||Modify<br />
||Dictionary<br />
||<br />
Modifies filter properties. The parameter is a dictionary containing the properties to be changed. Following properties can be changed: ''Name'', ''Description'', ''PublishMode'', and ''Rules''.<br />
<br />
The function returns the updated filter object. Requires ''GenericWrite'' permission for the Project and global ''CreateModel'' permission.<br />
<br />
Example:<br />
<pre><br />
FilterById(1)<br />
.Modify(#{<br />
"Name": "My filter",<br />
"Description": "My description",<br />
"PublishMode": "Public",<br />
"Rules": #{<br />
"Items": [<br />
#{<br />
"Type": "IncludeCases",<br />
"Items": [<br />
#{<br />
"Type": "CaseAttributeValue",<br />
"Attribute": "Account Manager",<br />
"StringifiedValues": [<br />
"0Mary Wilson"<br />
]<br />
}<br />
]<br />
}<br />
]<br />
}<br />
}<br />
)<br />
</pre><br />
|}<br />
<br />
Function to get filter id:<br />
{| class="wikitable"<br />
!'''Functions'''<br />
!'''Parameters'''<br />
! '''Description'''<br />
|-<br />
||FilterById<br />
||<br />
* Filter id (Integer)<br />
||<br />
Returns Filter object corresponding to the provided filter id.<br />
|}<br />
<br />
==Model==<br />
Notes:<br />
* For in-memory models that are offline, the object counts represent the situation when the model was last time online (loaded into the memory). ''null'' is returned if the model has never been loaded into the memory.<br />
* If [[Case_Level_Permissions|Case permissions]] are used for the model, and user doesn't have '''GenericWrite''' permission for the model, ''null'' is returned for data security reasons. Users that have the '''GenericWrite''' permission, see null when the model is offline, and when online, they see counts where the case level permissions settings are applied.<br />
* Properties ''CaseAttributes'', ''EventAttributes'' and ''Eventlog'' work only for the in-memory models and they require the model to be loaded into the memory. If the model is not in the memory, it is loaded when these properties is used. Other model properties down require the model to be in the memory.<br />
<br />
{| class="wikitable"<br />
!'''Model properties'''<br />
! '''Description'''<br />
|-<br />
||AllFilters (Filter*)<br />
||Returns an array of all [[#Filter|filters]] in the model where the user has access to. In addition to the ''Filters'' property, ''AllFilters'' also returns private filters of other users. The ''ManageViews'' permission is required to use this property.<br />
|-<br />
||Calendars (BusinessCalendar*)<br />
||<br />
Returns all [[Business_Calendar|business calendars]] stored to the Model as an array. Returns an empty array, if there are no business calendars stored to the model. Note: UI allows to set only one business calendar for a Model.<br />
|-<br />
||CaseAttributes (AttributeType*)<br />
||[[#AttributeType|CaseAttributes]] in the model returned in the alphabetical order. Using this property requires that the model is loaded in the memory. If the model is not in the memory, it's loaded when this property is used.<br />
|-<br />
||CasesDatatable (Datatable)<br />
||Returns the Datatable the model uses as a datasource for cases. Returns ''null'' if the cases Datatable is not defined or if model uses other than the Datatable datasource.<br />
|-<br />
||Configuration (Dictionary)<br />
||Returns the Model configuration as dictionary. Example:<br />
<pre><br />
ModelById(123).Configuration.DataSource.Events.DataTableName<br />
</pre><br />
|-<br />
||ConfigurationJson (String)<br />
||Returns the Model configuration as JSON string.<br />
|-<br />
||CreatedBy (User)<br />
||User who created the model.<br />
|-<br />
||CreatedDate (DateTime)<br />
||Timestamp when the model was created.<br />
|-<br />
||DefaultCalendar (BusinessCalendar)<br />
||Returns the default [[Business_Calendar|business calendar]] of the Model. Returns ''null'', if there are no calendars in the Model or no calendar has been set as a default calendar. Note: UI allows to set only one business calendar for a Model, which is also the default calendar.<br />
|-<br />
||DefaultFilter (Filter)<br />
||Default filter of the model. Returns ''null'' if the model does not have a default filter.<br />
|-<br />
||DefaultFilterId (Integer)<br />
||Default filter id of the model. Returns ''null'' if the model does not have a default filter.<br />
|-<br />
||Description (String)<br />
||Model description. The model description may contain line breaks.<br />
|-<br />
||DeletedDate (DateTime)<br />
||Timestamp when Model was deleted (moved to the recycle bin).<br />
|-<br />
||DeletedBy (User)<br />
||User how deleted the Model.<br />
|-<br />
||Diagrams (Diagram*)<br />
||Returns an array of all [[Diagram_in_Expression_Language|diagrams]] in the model.<br />
|-<br />
||EstimatedMemory (Integer)<br />
||Returns an estimation of how much memory in bytes the model requires.<br />
|-<br />
||EventsDatatable (Datatable)<br />
||Returns the Datatable the model uses as a datasource for events. Returns ''null'' if the events Datatable is not defined or if model uses other than the Datatable datasource.<br />
|-<br />
||EventAttributes (AttributeType*)<br />
||[[#AttributeType|EventAttributes]] in the model returned in the alphabetical order. Using this property requires that the model is loaded in the memory. If the model is not in the memory, it's loaded when this property is used.<br />
|-<br />
||EventLog (EventLog)<br />
||EventLog containing the entire model (i.e. event log where no filters have been applied). Using this property requires that the model is loaded in the memory. If the model is not in the memory, it's loaded when this property is used.<br />
|-<br />
||Filters (Filter*)<br />
||Returns an array of all public [[#Filter|filters]], the default filter (if any) and the user's own private filters in the model. Note that the other users's private filters are not returned even for administrators.<br />
|-<br />
||Id (Integer)<br />
||Model Id. Model Id is generated by QPR ProcessAnalyzer when the model is created.<br />
|-<br />
||IsValidInMemoryModel (boolean)<br />
||Returns ''true'' if all the following conditions are met:<br />
* CheckModelValidity function doesn't return any issues (because invalid models are assumed to be Snowflake models).<br />
* Model is not an object-centric model.<br />
* Data source of the model is ''ODBC'' or ''Expression'', or the referred datatable has ''DataSourceType'' either ''Local'' or ''SqlServer''.<br />
|-<br />
||LastModifiedBy (User)<br />
||User who last time modified the model properties. Note that datatables containing the eventlog data are separate objects having similar fields to track the last modification and last data import.<br />
|-<br />
||LastModifiedDate (DateTime)<br />
||Timestamp when the model was modified the last time.<br />
|-<br />
||Name (String)<br />
||Model name.<br />
|-<br />
||NCache (Integer)<br />
||Number of objects related to the model when the model is loaded into the memory.<br />
|-<br />
||NCaseAttributes (Integer)<br />
||Number of [[#AttributeType|CaseAttributes]] in model. Works only for in-memory models.<br />
|-<br />
||NCases (Integer)<br />
||Number of [[#Case|Cases]] in the model. Works only for in-memory models.<br />
|-<br />
||NEventAttributes (Integer)<br />
||Number of [[#AttributeType|EventAttributes]] in model. Works only for in-memory models.<br />
|-<br />
||NEvents (Integer)<br />
||Number of [[#Event|Events]] in model. Works only for in-memory models.<br />
|-<br />
||NEventTypes (Integer)<br />
||Number of [[#EventType|EventTypes]] in the model. Works only for in-memory models.<br />
|-<br />
||Project (Project)<br />
||[[#Project|Project]] where the model belongs to.<br />
|-<br />
||ProjectId (Integer)<br />
||[[#Project|Project]] id where the model belongs to.<br />
|-<br />
||Status (String)<br />
||<br />
Memory availability status of the model. There are the following statuses:<br />
* '''Loading''': The model is currently loading into the memory. When the loading is ready, the status changes to ''online''. If the loading fails, the status changes to ''offline''.<br />
* '''Offline''': The model is currently not loaded into the memory. The model needs to be loaded into the memory, so that analyses can be calculated from the model (occurs automatically when an analysis is requested).<br />
* '''Online''': The model is in the memory and ready for analysis calculation. If the model is dropped from the memory, its status changes to ''offline''.<br />
|-<br />
||UsedDatatables (Datatable*)<br />
||Returns all datatables the model uses as a datasource.<br />
<br />
Example: List datatables used by a model:<br />
<pre><br />
StringJoin(", ", OrderByValue(ModelById(1).UsedDataTables.Name))<br />
</pre><br />
|}<br />
<br />
{| class="wikitable"<br />
!'''Model functions'''<br />
!'''Parameters'''<br />
! '''Description'''<br />
|-<br />
||CalendarByName (BusinessCalendar)<br />
||<br />
name (String)<br />
||<br />
Returns a [[Business_Calendar|business calendar]] stored to the Model by the name of the calendar. Business calendars can be stored to models in the model properties. Returns ''null'', if a calendar with the provided name is not stored to the model.<br />
<br />
Examples:<br />
<pre><br />
ModelById(123).CalendarByName("MyCalendar")<br />
</pre><br />
|-<br />
||CreateDiagram (Diagram)<br />
||Parameters dictionary<br />
||<br />
Creates a [[Diagram_in_Expression_Language|diagram]] to the model. Parameters is a dictionary containing diagram properties. Following properties are available:<br />
* '''Name''' (string): Diagram name that distinguishes diagrams in a model.<br />
* '''Description''' (string): Diagram description text.<br />
* '''Content''' (dictionary): Diagram content as dictionary.<br />
<br />
Example:<br />
<pre><br />
ModelById(1)<br />
.CreateDiagram(#{<br />
"Name": "My diagram",<br />
"Description": "This is my new diagram",<br />
"Content": #{ ... },<br />
})<br />
</pre><br />
|-<br />
||CreateFilter (Filter)<br />
||Parameters dictionary<br />
||Creates a filter to a model. Requires ''GenericWrite'' permission for the project and global ''CreateModel'' permission. If a filter with that name already exists in the model, an exception is thrown.<br />
The parameters dictionary may have the following properties:<br />
* '''Name''': Name of the filter. This property is mandatory.<br />
* '''Description''': Description of the filter. This property is optional.<br />
* '''Rules''': Filter rules for the filter defined as a dictionary according to the [[Filtering_in_QPR_ProcessAnalyzer_Queries|filter json format]]. This property is mandatory.<br />
* '''PublishMode''': Publish mode of the filter which is one of the following: ''Private'', ''Public'' or ''Default''. This property is optional, and the default value is ''Private''.<br />
<br />
Example:<br />
<pre><br />
let newFilter = modelById(1).CreateFilter(#{ <br />
"Name": "My Filter",<br />
"Rules": #{<br />
"Items": [#{<br />
"Type": "IncludeCases",<br />
"Items": [#{<br />
"Type": "CaseAttributeValue",<br />
"Attribute": "Account Manager",<br />
"StringifiedValues": [ "0Robert Miller" ]<br />
}]<br />
}]<br />
},<br />
"PublishMode": "Public"<br />
});<br />
}<br />
</pre><br />
|-<br />
||DeletePermanently<br />
||(none)<br />
||Deletes the Model permanently. The model doesn't need to be in the recycle bin to be able to delete it permanently.<br />
|-<br />
||Modify (Model)<br />
||Dictionary<br />
||<br />
Modifies model properties. The parameter is a dictionary containing the properties to be changed. Following properties can be changed: ''Name'', ''Description'', ''ProjectId'', and ''Configuration''.<br />
<br />
The function returns the updated model object. Requires the ''GenericWrite'' permission for the project and the global ''CreateModel'' permission.<br />
<br />
Example:<br />
<pre><br />
ModelById(1)<br />
.Modify(#{<br />
"Name": "My model",<br />
"Description": "My description",<br />
"ProjectId": 2,<br />
"Configuration": #{<br />
"DataSource": #{<br />
"Cases": #{<br />
"DataSourceType": "datatable",<br />
"DataTableName": "My cases datatable",<br />
"Columns": #{<br />
"CaseId": "Case Name"<br />
}<br />
},<br />
"Events": #{<br />
"DataSourceType": "datatable",<br />
"DataTableName": "My events datatable",<br />
"Columns": #{<br />
"CaseId": "Case Name",<br />
"EventType": "Event Type",<br />
"Timestamp": "Start Time"<br />
}<br />
}<br />
}<br />
}<br />
}<br />
)<br />
</pre><br />
|-<br />
||ResetModelCache<br />
||(none)<br />
||<br />
Synchronously clears all cached model data. For a Snowflake model, deletes all cache tables related to the model from Snowflake. For an in-memory model, drops the model from the memory and also drops all other model related caches from the memory. <br />
|-<br />
||ResetPreprocessings<br />
||(none)<br />
||<br />
Removes all cached items related to the Model, e.g. preprocessings and calculation results. In practice, the Model is reset to a state where it was right after the model was loaded into memory.<br />
|-<br />
||Restore<br />
||(none)<br />
||Restores the Model from the recycle bin back to the original location.<br />
|-<br />
||<span id="ToSqlDataFrame">ToSqlDataFrame</span><br />
||In-memory dataframe<br />
||Converts an in-memory dataframe to an SQL dataframe. In practice, an SQL query is created from the in-memory dataframe and the query is executed in the datasource so that the data is available in the datasource for further SQL operations. This function is intended only to small amounts of data which is less than 16384 rows.<br />
<br />
Example: Select matching cases from events data using in-memory dataframe:<br />
<pre><br />
let model = ModelById(1);<br />
let dfEvents = model.EventsDatatable.SqlDataFrame;<br />
let inMemoryDf = ToDataFrame(<br />
[["1"], ["2"], ["3"]],<br />
[#{"Name": "id", "DataType": "String"}]<br />
);<br />
model.ToSqlDataFrame(inMemoryDf)<br />
.Join(dfEvents, ["id": "CaseId"])<br />
.SelectDistinct(["CaseId"])<br />
.Collect();<br />
</pre><br />
|-<br />
||<span id="TriggerNotifications">TriggerNotifications</span> (Boolean)<br />
||Notification names (String*)<br />
||Triggers the given notifications for the Model. Notifications are given by their names. Triggering means that the configured rules are run and notification emails are sent as defined by the rules. If the notification names parameter is not provided, all notifications in the Model are triggered.<br />
<br />
The function return ''true'' if any notification were triggered, otherwise ''false''.<br />
<pre><br />
ModelById(123).TriggerNotifications(["Notification 1", "Notification 2"]);<br />
Triggers notifications Notification 1 and Notification 2 in model id 123.<br />
<br />
ModelById(123).TriggerNotifications();<br />
Triggers all notifications in model id 123.<br />
</pre><br />
|-<br />
||<span id="CheckModelValidity">CheckModelValidity</span> (Object array)<br />
||CheckData field in dictionary<br />
||Checks the model validity and returns found issues. The returned data is an array of objects where each object represents one validity error and contains the following properties:<br />
* '''IssueType''' (String): Specifies the issue type.<br />
* '''ContextType''' (String): Context in which the issue was found, and it can be '''EventDataSource''', '''CaseDataSource''', '''OcelDataSource'''.<br />
* '''Details''' (Dictionary): Additional details which depend on the type of the issue.<br />
<br />
There are two types of checks available (based on whether the '''CheckData''' parameter is defined):<br />
* ''Lightweight check'': The check is based on only the configuration data stored in QPR ProcessAnalyzer. This check is very quick and does not require running queries in datasource (e.g., in Snowflake).<br />
* ''Full check'': The check is comprehensive and it's able to detect any validity issues the model may have. The full check requires running queries to the actual data which makes the check slower, and in case of Snowflake, it uses the Snowflake warehouse to run the queries.<br />
<br />
The lightweight check is performed automatically by the [[QPR_ProcessAnalyzer_Project_Workspace|Workspace]], so if there are any validity issues that the lightweight check can detect, the Workspace notifies about them immediately. If there are any problems with the model calculation results, it might be a good idea to run the full validity check to confirm whether the problems are due to the model being invalid.<br />
<br />
Example: Lightweight check:<br />
<pre><br />
ToJson(ModelById(1).CheckModelValidity())<br />
</pre><br />
<br />
Example: Full check:<br />
<pre><br />
ToJson(ModelById(1).CheckModelValidity(#{ "CheckData": true }))<br />
</pre><br />
|-<br />
||CortexAgentsQuery<br />
||<br />
||Creates a Snowflake Cortex semantic model (see ''GetSemanticModel'' function) for the process mining model and makes a natural language query on it using Snowflake Cortex Agents. More information: https://docs.snowflake.com/en/user-guide/snowflake-cortex/cortex-agents. <br />
<br />
There are the following parameters:<br />
# '''Parameters''': Dictionary parameters given to the Cortex Agents REST API query (https://docs.snowflake.com/en/user-guide/snowflake-cortex/cortex-agents-rest-api). There is a special handling for the following parameters:<br />
#* '''model''': If not defined, uses the default Cortex Agents model name configured into the database, or if that is not defined, uses "llama3.1-70b".<br />
#* '''_tools''': Additional tool_spec of type "cortex_analyst_text_to_sql" will be added to this value with a reference to the generated semantic model.<br />
#* '''_tool_resources''': Generated semantic model is added as an additional resource.<br />
# '''Filter configuration''': Can be a string containing filter JSON or a dictionary containing the filter configuration. The semantic model is created for the filtered eventlog. If not defined, the entire model eventlog will be used.<br />
# '''Event column role nappings''': Mappings to apply for event columns. If not defined, default column mappings are used.<br />
# '''Case column role mappings''': Mappings to apply for case columns. If not defined, default column mappings are used.<br />
<br />
The function returns a dictionary with the following keys:<br />
# '''Response''': Actual response as a dictionary returned by the Cortex Agents.<br />
# '''Response items''': Contains processed response consisting of an array of objects having the following properties:<br />
#* '''Text''': Textual response.<br />
#* '''Sql''': Response SQL query string. Not mandatory.<br />
#* '''SqlDataFrame''': SqlDataFrame created for the SQL query in the Sql property. Only present if Sql is present.<br />
|-<br />
||GetSemanticModel<br />
||<br />
||Creates a Snowflake Cortex Analyst semantic model for the process mining model and returns it as a dictionary. More information: https://docs.snowflake.com/en/user-guide/snowflake-cortex/cortex-analyst/semantic-model-spec.<br />
<br />
There are the following parameters:<br />
# '''Filter configuration''': Can be a string containing filter JSON or a dictionary containing the filter. The semantic model is created for the filtered eventlog. If not defined, the entire model eventlog will be used.<br />
# '''Event column role mappings''': Mappings to apply for event columns. If not defined, default column mappings are used.<br />
# '''Case column role mappings''': Mappings to apply for case columns. If not defined, default column mappings are used.<br />
<br />
Examples: Returns a semantic model without any filtering applied.<br />
<pre><br />
ModelById(1).GetSemanticModel();<br />
</pre><br />
|}<br />
<br />
Function to get Model by model id:<br />
{| class="wikitable"<br />
!'''Functions'''<br />
!'''Parameters'''<br />
! '''Description'''<br />
|-<br />
||ModelById<br />
||<br />
* Model id (Integer)<br />
||<br />
Returns [[QPR_ProcessAnalyzer_Objects_in_Expression_Language#Model|Model]] object corresponding to the provided model id.<br />
|}<br />
<br />
==Object-centric model==<br />
Object-centric models additionally have the following properties and functions.<br />
<br />
{| class="wikitable"<br />
!'''Object-Centric model properties'''<br />
! '''Description'''<br />
|-<br />
||IsOcelModel (boolean)<br />
||Returns ''true'' when the model is an OCEL model.<br />
|-<br />
||OcelEvents (Datatable)<br />
||Datatable containing event data for the OCEL model. Value ''null'' is returned if event datatable has not been configured for the model. Throws an unsupported operation exception if the model is not an OCEL model.<br />
|-<br />
||OcelEventToObject (Datatable)<br />
||Datatable containing event-to-object relations data for the OCEL model. Value ''null'' is returned if event-to-object relation datatable has not been configured for the model. Throws an unsupported operation exception if the model is not an OCEL model.<br />
|-<br />
||OcelEventTypes (Dictionary)<br />
||Returns a dictionary containing event type names as keys and the datatables holding event data for that event type in this OCEL model as value. An empty array is returned if event types datatable has not been configured for the model. Throws an unsupported operation exception if the model is not an OCEL model.<br />
<br />
Example: Get datatable for "Create order" events:<br />
<pre><br />
ModelById(1).OcelEventTypes.Get("Create order")<br />
</pre><br />
|-<br />
||OcelObjects (Datatable)<br />
||Datatable containing objects data for the OCEL model. Value ''null'' is returned if object datatable has not been configured for the model. Throws an unsupported operation exception if the model is not an OCEL model.<br />
|-<br />
||OcelObjectToObject (Datatable)<br />
||Datatable containing object-to-object relations data for the OCEL model. Value ''null'' is returned if object-to-object relation datatable has not been configured for the model. Throws an unsupported operation exception if the model is not an OCEL model.<br />
|-<br />
||OcelObjectTypes (Dictionary)<br />
||Returns a dictionary containing object type names as keys and the datatables holding data for that object type in this OCEL model as value. An empty array is returned if object types have not been configured for this model. Throws an unsupported operation exception if the model is not an OCEL model.<br />
|}<br />
<br />
{| class="wikitable"<br />
!'''Object-centric model functions'''<br />
!'''Parameters'''<br />
! '''Description'''<br />
|-<br />
||OcelEventType<br />
||Event type name (String)<br />
||<br />
Datatable containing event type attributes of given event type in this OCEL model. Value ''null'' is returned if a datatable is not configured for this model for given event type. Throws an unsupported operation exception if the model is not an OCEL model.<br />
<br />
Example: Get datatable for "Create order" events:<br />
<pre><br />
ModelById(1).OcelEventType("Create order")<br />
</pre><br />
|-<br />
||OcelObjectType<br />
||Object type name (String)<br />
||Datatable containing object type attributes of given object type in this OCEL model. Value ''null'' is returned if a datatable is not configured for this model for given object type. Throws an unsupported operation exception if the model is not an OCEL model.<br />
|-<br />
||OcelObjectTypeConfiguration<br />
||Object type name (String)<br />
||Returns a matching configuration object with the following properties:<br><br />
# Datatable: name of the datatable<br />
# Unit: unit label for object type items<br />
''Null'' is returned if the given object type is not found in the model configuration. <br />
If the object type name is not specified or ''null'', the function returns a dictionary containing configurations for all defined object types.<br />
|}<br />
<br />
== Project ==<br />
{| class="wikitable"<br />
!'''Project properties'''<br />
! '''Description'''<br />
|-<br />
||CreatedBy (User)<br />
||User who created the Project.<br />
|-<br />
||CreatedDate (DateTime)<br />
||Timestamp when the Project was created.<br />
|-<br />
||Configuration (Dictionary)<br />
||Project settings as Dictionary object. See example in ''ConfigurationJson'' property.<br />
|-<br />
||ConfigurationJson (String)<br />
||Project settings as json string.<br />
<pre><br />
{<br />
"DefaultLocationInDataSource": {<br />
"Database": "MyDatabase",<br />
"Schema": "MySchema"<br />
},<br />
"ConnectionStringKeys": {<br />
"Snowflake": "MyKey1",<br />
"SqlServer": "MyKey2"<br />
}<br />
}<br />
</pre><br />
|-<br />
||Dashboards (Dashboard*)<br />
||Returns all [[Dashboard_in_Expression_Language|dashboards]] in the project.<br />
|-<br />
||Datatables (Datatable*)<br />
||Returns all Datatables in the project.<br />
|-<br />
||DeletedDate (DateTime)<br />
||Timestamp when the Project was deleted (moved to the recycle bin).<br />
|-<br />
||Description (String)<br />
||Project description. The project description may contain line breaks.<br />
|-<br />
||DeletedBy (User)<br />
||User who deleted the Project (moved to the recycle bin).<br />
|-<br />
||Id (Integer)<br />
||Id of the Project.<br />
|-<br />
||LastModifiedBy (User)<br />
||User who last modified the Project.<br />
|-<br />
||LastModifiedDate (DateTime)<br />
||Timestamp when the Project was last modified (refers to the project name, description and parent, not the contents of the project).<br />
|-<br />
||Name (String)<br />
||Name of the Project.<br />
|-<br />
||Models (Model*)<br />
||Models that are in the Project.<br />
|-<br />
||Parent (Project)<br />
||Parent project, i.e. a Project where the Project is located in the hierarchy of Projects. Returns ''null'' for root level Projects. Throws an error if user doesn't have access to the parent project.<br />
|-<br />
||ParentProjectId (Integer)<br />
||Parent project id. Returns ''null'' for root level Projects. The parent project id is returned even if user doesn't have access to the parent project.<br />
|-<br />
||Scripts (Script*)<br />
||Scripts that are in the Project.<br />
|-<br />
||Secrets (Dictionary*)<br />
||Returns array of all [[Storing_Secrets_for_Scripts|secrets]] in the project as Dictionary with following properties:<br />
* '''Name''' (string): Name of the secret.<br />
* '''Type''' (string): Type of the secret which is one of the following: "odbc", "sap", "salesforce".<br />
|}<br />
<br />
{| class="wikitable"<br />
!'''Project functions'''<br />
!'''Parameters'''<br />
! '''Description'''<br />
|-<br />
||CreateDashboard (Dashboard)<br />
||Parameters dictionary<br />
||Creates a dashboard to the project. ''EditDashboards'' permission to the project is required. The parameter is dictionary with following supported dashboard properties:<br />
* '''Name''' (String): Name of the dashboard.<br />
* '''Identifier''' (String): Identifier of the dashboard.<br />
* '''Description''' (String): Description of the dashboard.<br />
* '''Content''' (Dictionary): Content of the dashboard.<br />
<br />
Example: Create empty dashboard.<br />
<pre><br />
ProjectById(1)<br />
.CreateDashboard(#{<br />
"Name": "My dashboard",<br />
"Identifier": "MyDashboard"<br />
});<br />
</pre><br />
<br />
Example: Create dashboard with a chart.<br />
<pre><br />
ProjectById(1)<br />
.CreateDashboard(#{<br />
"Name": "My dashboard",<br />
"Content": #{<br />
"version": 4,<br />
"typeName": "View",<br />
"name": "My dashboard",<br />
"subElements": [<br />
#{<br />
"position": #{<br />
"x": 0,<br />
"y": 0,<br />
"width": 0.5,<br />
"height": 0.5,<br />
"zOrder": 0<br />
},<br />
"element": #{<br />
"typeName": "Chart",<br />
"configuration": #{<br />
"root": #{<br />
"expressionType": "Cases",<br />
"expressionParameters": #{}<br />
},<br />
"measures": [#{<br />
"expressionType": "Count",<br />
"expressionParameters": #{}<br />
}]<br />
}<br />
}<br />
}<br />
]<br />
}<br />
});<br />
</pre><br />
|-<br />
||<span id="CreateDatatable">CreateDatatable</span> (Datatable)<br />
||<br />
* Parameters dictionary<br />
||Creates datatable to the project. After creation, there are no columns or rows in the datatable. The function returns the created datatable entity. Following properties can be set for the datatable:<br />
* '''Name''' (string): Name of the datatable. This parameter is mandatory.<br />
* '''Description''' (string): Description for the datatable. This parameter is optional.<br />
* '''NameInDataSource''' (string): Table name in the datasource (e.g., in Snowflake) which this datatable is linked to. This parameter is optional.<br />
* '''SchemaNameInDataSource''' (string): Schema name in the datasource (e.g., in Snowflake) which this datatable is linked to. This parameter is optional.<br />
* '''DatabaseNameInDataSource''' (string): Database name in the datasource (e.g., in Snowflake) which this datatable is linked to. This parameter is optional.<br />
* '''Type''' (string): Defines where the data for the datatable is located. Available values are '''Snowflake''', '''SqlServer''', and '''Local'''. This parameter is optional and default value is defined by the [[PA_Configuration_database_table#General_Settings|DefaultDataSource]] setting.<br />
* '''Connection''': Connection object for the datatable. This parameter is optional.<br />
<br />
Example: Create a new datatable:<br />
<pre><br />
ProjectById(1).CreateDatatable(#{<br />
"Name": "My datatable"<br />
});<br />
</pre><br />
<br />
Example: Create Snowflake datatable linked to a custom table:<br />
<pre><br />
ProjectById(1).CreateDatatable(#{<br />
"Name": "My datatable",<br />
"Description": "My description",<br />
"NameInDataSource": "MyTable",<br />
"SchemaNameInDataSource": "MySchema",<br />
"DatabaseNameInDataSource": "MyDatabase",<br />
"Type": "Snowflake"<br />
});<br />
</pre><br />
<br />
Example: Create Snowflake datatable where connection string is stored as a [[Storing_Secrets_for_Scripts|secret]]:<br />
<pre><br />
ProjectById(1).CreateDatatable(#{<br />
"Name": "My datatable",<br />
"Type": "Snowflake",<br />
"Connection": ProjectById(1).CreateSnowflakeConnection(#{ "OdbcConnectionStringKey": "MyKey" })<br />
});<br />
</pre><br />
|-<br />
||CreateMeaConnection<br />
||<br />
||<br />
Creates an object representing connection to QPR MEA (QPR Suite) Web Service. The function parameter is a dictionary containing the property '''ConnectionStringKey''' which defines the MEA connection string secret name in the same project. When the connection object has been created, MEA Web Service [[QPR_MEA_Integration|queries and other operations]] can be executed using it.<br />
<br />
Example: create connection:<br />
<pre><br />
let connection = ProjectByName("MyProject").CreateMeaConnection( #{"ConnectionStringKey": "MyMeaConnection"} );<br />
</pre><br />
<br />
Example: use connection:<br />
<pre><br />
let results = connection.QueryObjects("[PG.785401983.683494101]", "name, typename");<br />
</pre><br />
|-<br />
||CreateModel (Model)<br />
||<br />
* Parameters dictionary<br />
||Creates a model to a project. Requires ''GenericWrite'' permission for the Project and global ''CreateModel'' permission. If a model with that name already exists, an exception is thrown.<br />
<br />
Parameters dictionary has the following properties:<br />
* '''Name''': Name of the model. This property is mandatory.<br />
* '''Description''': Description of the model. This property is optional.<br />
* '''Configuration''': Configuration dictionary for the model. This property is technically optional, but a working model requires at least datasource settings to be defined.<br />
<br />
Example:<br />
<pre><br />
ProjectById(1).CreateModel(#{ <br />
"Name": "My model",<br />
"Description": "My description",<br />
"Configuration": #{<br />
"DataSource": #{<br />
"Cases": #{<br />
"DataSourceType": "datatable",<br />
"DataTableName": "My cases datatable",<br />
"Columns": #{<br />
"CaseId": "Case Name"<br />
}<br />
},<br />
"Events": #{<br />
"DataSourceType": "datatable",<br />
"DataTableName": "My events datatable",<br />
"Columns": #{<br />
"CaseId": "Case Name",<br />
"EventType": "Event Type",<br />
"Timestamp": "Start Time"<br />
}<br />
}<br />
}<br />
}<br />
});<br />
</pre><br />
|-<br />
||<span id="CreateProject">CreateProject</span> (Project)<br />
||<br />
* Parameters dictionary<br />
||Create a project as a sub-project of the context project. Returns the created project. Requires the ''ManageProject'' permission.<br />
<br />
Parameters dictionary has the following properties:<br />
* '''Name''' (string): Name of the project. This property is required.<br />
* '''Description''' (string): Description of the project.<br />
* '''ParentProjectId''' (integer): Id of the parent project where the new project is created. This parameter is usually not needed because the parent project is the context project. The CreateProject function is also available in the generic context where the ''ParentProjectId'' parameter is needed to create sub-projects.<br />
* '''DatabaseNameInDataSource''' (string): Snowflake database the project is linked to. Data for the datatables in this project will be located in this database.<br />
* '''SchemaNameInDataSource''' (string): Snowflake schema the project is linked to. Data for the datatables in this project will be located in this schema. If the schema is defined, also the ''DatabaseNameInDataSource'' needs to be defined.<br />
* '''SnowflakeConnectionStringKey''' (string): Snowflake connection string key to be used for the datatables in this project. <br />
<br />
Example:<br />
<pre><br />
ProjectById(1).CreateProject(#{<br />
"Name": "My project", <br />
"Description": "My description", <br />
"DatabaseNameInDataSource": "My database", <br />
"SchemaNameInDataSource": "My schema" <br />
})<br />
</pre><br />
|-<br />
||DatatableByName (Datatable)<br />
||Datatable name (String)<br />
||<br />
Returns Datatable by its name located in the project. Returns null, if Datatable with that name does not exist in the project.<br />
<br />
Example:<br />
<pre><br />
ProjectById(123).DatatableByName("MyDatatable1")<br />
</pre><br />
<br />
Example: Get datatable by name, and create it if it doesn't exist:<br />
<pre><br />
let project = ProjectById(123);<br />
let datatableName = "MyDatatable1";<br />
let datatable = project.DatatableByName(datatableName);<br />
if (datatable == null) {<br />
datatable = project.CreateDatatable(datatableName);<br />
}<br />
</pre><br />
|-<br />
||DeletePermanently<br />
||(none)<br />
||Deletes the Project permanently. Note that the Project doesn't need to be in the recycle bin to be able to delete it permanently.<br />
|-<br />
||Export (String)<br />
||(none)<br />
||Exports the project and its content to a json string. The json format is described in [[Projects Export File Format]].<br />
<br />
Example: Export project id 1 to json data:<br />
<pre><br />
ProjectById(1).Export();<br />
</pre><br />
|-<br />
||Import<br />
||JSON string<br />
||Creates one or several projects from a json string. The project(s) are created as child projects of the context project. The json format is described in [[Projects Export File Format]]. The function returns the created project objects. In case the project names already exist, the import operation automatically adjusts the names to be unique.<br />
<br />
Example: Create project from json data (as child of project id 1):<br />
<pre><br />
let jsonData = `{ "Projects": [ { "Name": "My project" } ] }`;<br />
let result = ProjectById(1).Import(jsonData);<br />
let createdProjectId = result["Projects"][0].Id;<br />
</pre><br />
|-<br />
||Restore<br />
||(none)<br />
||Restores the Project from the recycle bin back to the original location.<br />
|-<br />
||ModelByName (Model)<br />
||Model name (String)<br />
||<br />
Returns Model by its name located in the project. Returns null, if Model with that name does not exist in the project.<br />
<br />
Example:<br />
<pre><br />
ProjectById(123).ModelByName("My Model 1")<br />
</pre><br />
|-<br />
||<span id="ModifyProject">Modify</span> (Project)<br />
||Dictionary of settings to change<br />
||<br />
Change project settings. Following settings are supported:<br />
* '''Name''' (String): Name of the project.<br />
* '''Description''' (String): Description text of the project.<br />
* '''ParentProjectId''' (Integer): Parent project id. Changing this effectively moves the project into different parent project.<br />
* '''DatabaseNameInDataSource''': Name of the Snowflake database where the project's datatables are located. The database needs to exist in the same Snowflake account configured in the Snowflake connection string. When defining this setting, define also the ''SchemaNameInDataSource''.<br />
* '''SchemaNameInDataSource''': Name of the Snowflake schema where the project's datatables are located. The schema needs to exist in the same Snowflake account configured in the Snowflake connection string. When defining this setting, define also the ''DatabaseNameInDataSource''.<br />
* '''SnowflakeConnectionStringKey''' (String): Snowflake connection string key for the project. Snowflake datatables in the project will use connection string behind this key (unless specified by the datatatable).<br />
* '''SqlServerConnectionStringKey''' (String): SQL Server connection string key. SQL Server datatables in the project will use connection string behind this key (unless specified by the datatatable).<br />
<br />
''ManageProject'' permission is needed to change project properties.<br />
<br />
Example: Change project name and move project into other parent project:<br />
<pre><br />
ProjectById(1)<br />
.Modify(#{<br />
"Name": "Project 1"<br />
"ParentProjectId": 2<br />
});<br />
</pre><br />
<br />
Example: Set Snowflake connection string key for the project:<br />
<pre><br />
ProjectById(1)<br />
.Modify(#{<br />
"SnowflakeConnectionStringKey": "MyKey1"<br />
});<br />
</pre><br />
|-<br />
||ScriptByName (Script)<br />
||Script name (String)<br />
||<br />
Returns Script by its name located in the project. Returns null, if Script with that name does not exist in the project.<br />
<br />
Example:<br />
<pre><br />
ProjectById(123).ScriptByName("MyScript1")<br />
</pre><br />
|-<br />
||<span id="SetSecret">SetSecret</span><br />
||<br />
# Secret type (string)<br />
# Secret name (string)<br />
# Secret value (string)<br />
||Sets or adds a [[Storing_Secrets_for_Scripts|secret]] for the project. Setting the secret value to ''null'' removes the secret. There can be several secrets with the same name in the same project if the type of the secret is different. Setting secrets requires the project specific ''ManageProject'' permission.<br />
<br />
Parameters:<br />
# '''Type''' (string): Secret type which is one of the following:<br />
#* "externaldatatableconnection": Snowflake ODBC connection string for datatables.<br />
#* "odbc": ODBC connection string (e.g., to extract data in scripts, or load an in-memory model).<br />
#* "oledb": OleDB connection string (e.g., to extract data in scripts, or load an in-memory model).<br />
#* "sap": SAP password.<br />
#* "salesforce": Salesforce password.<br />
#* "sql": SQL Server connection string.<br />
#* "qprmea": QPR MEA connection string.<br />
# '''Name''' (string): Secret name, used to refer to the secret in the commands.<br />
# '''Value''' (string): Secret value which contains the confidential information.<br />
<br />
Example: Set SAP password:<br />
<pre><br />
ProjectById(1).SetSecret("sap", "MySapPassword", "I l0ve 5AP!");<br />
</pre><br />
<br />
Example: Remove SAP password:<br />
<pre><br />
ProjectById(1).SetSecret("sap", "MySapPassword", null);<br />
</pre><br />
|}<br />
<br />
Functions to get project:<br />
{| class="wikitable"<br />
!'''Functions'''<br />
!'''Parameters'''<br />
! '''Description'''<br />
|-<br />
||ProjectById<br />
||Project id (Integer)<br />
||<br />
Returns project object corresponding to the provided project id.<br />
|-<br />
||ProjectByName<br />
||Project name (String)<br />
||<br />
Returns project object by given project name. If there is no such project or user doesn't have access to it, ''null'' value is returned. If there are multiple projects with the same name, one of them is returned.<br />
<br />
Example:<br />
<pre><br />
let project = ProjectByName("My Project");<br />
</pre><br />
|}<br />
<br />
Functions to create project:<br />
{| class="wikitable"<br />
!'''Functions'''<br />
!'''Parameters'''<br />
! '''Description'''<br />
|-<br />
||<span id="CreateProject">CreateProject</span> (Project)<br />
||Parameters dictionary<br />
||Create a project. This is a similar function as the [[QPR_ProcessAnalyzer_Objects_in_Expression_Language#CreateProject|CreateProject function]] in the project context. This function in the generic context is needed to create root-level projects (which don't have parent project).<br />
<br />
Example: create a root project:<br />
<pre><br />
CreateProject(#{<br />
"Name": "My project"<br />
})<br />
</pre><br />
<br />
Example: create a sub-project:<br />
<pre><br />
CreateProject(#{<br />
"Name": "My project"<br />
"ParentProjectId": 1<br />
})<br />
</pre><br />
|-<br />
||<span id="Import">Import</span> (Project*)<br />
||JSON string<br />
||Creates one or several projects from a json string. The project(s) are created as the root level projects. The json format is described in [[Projects Export File Format]]. The function returns the created project objects. In case the project names already exist, the import operation automatically adjusts the names to be unique.<br />
<br />
Example: Create a root level project from json data:<br />
<pre><br />
let jsonData = `{ "Projects": [ { "Name": "My project" } ] }`;<br />
let result = Import(jsonData);<br />
let createdProjectId = result["Projects"][0].Id;<br />
</pre><br />
|}<br />
<br />
== Script ==<br />
Scripts are entities that contain executable code, that can be run. Usually scripts contains ETL routines but also other kind of tasks are possible.<br />
<br />
{| class="wikitable"<br />
!'''Script properties'''<br />
! '''Description'''<br />
|-<br />
||Code (String)<br />
||Script code.<br />
|-<br />
||Configuration (Dictionary)<br />
||Script's configuration.<br />
|-<br />
||CreatedBy (User)<br />
||User who created the Script.<br />
|-<br />
||CreatedDate (DateTime)<br />
||Timestamp when the Script was created.<br />
|-<br />
||CurrentRunStart (DateTime)<br />
||Timestamp of the current run start. Null if the script is currently not running.<br />
|-<br />
||Description (String)<br />
||Description of the Script.<br />
|-<br />
||Id (Integer)<br />
||Id of the Script.<br />
|-<br />
||Language (String)<br />
||Either of the following scripting language: '''Expression''' or '''SQL'''. When language is Expression, the script is run as an expression script, and when language is SQL, the script is run as an SQL script (using the sandbox database).<br />
|-<br />
||LastModifiedBy (User)<br />
||User who last modified the Script.<br />
|-<br />
||LastModifiedDate (DateTime)<br />
||Timestamp when the Script was last modified.<br />
|-<br />
||LastRunEnd (DateTime)<br />
||Timestamp of the last completed script run end (either successful completion or failure). Null if the Script hasn't been run yet.<br />
|-<br />
||LastRunResult (String)<br />
||Result of the last run. Options are:<br />
* '''Completed''': The last run was completed successfully.<br />
* '''Failed''': An error occurred during the last run, so likely the script did not complete as intended.<br />
* '''Aborted''': Script run was manually stopped prematurely by a user, so the script did not proceeded in the end.<br />
<br />
Null if the Script hasn't been run yet.<br />
|-<br />
||LastRunStart (DateTime)<br />
||Timestamp of the last completed script run start time. Null if the Script hasn't been run yet.<br />
|-<br />
||Name (String)<br />
||Name of the Script.<br />
|-<br />
||OperationId (Integer)<br />
||Id of the operation which runs the Script. Null if the script is currently not running.<br />
|-<br />
||Project (Project)<br />
||Project where the Script is located. Null if the script is in the global context.<br />
|-<br />
||ProjectId (Integer)<br />
||Id of the project where the Script is located. Null if the script is in the global context.<br />
|-<br />
||Status (String)<br />
||Current status of the script. Options are:<br />
* '''Ready''': Script is not running. In this status, the script can be started (changing the status to ''Running'').<br />
* '''Running''': Script is running. In this status, the script can be stopped (changing the status to ''Stopping''). Calling stop just requests a script to stop, and the actual stopping occurs some time later.<br />
* '''Stopping''': Script has been requested to be stopped, but it's still running. In this status, neither start nor stop can be called for the script. When the script eventually stops, its status changes to ''Ready''.<br />
|}<br />
<br />
{| class="wikitable"<br />
!'''Script functions'''<br />
!'''Parameters'''<br />
! '''Description'''<br />
|-<br />
||Run (Object)<br />
||Dictionary of parameters<br />
||<br />
Runs the script using the provided parameters. The parameters are available in the script as variables (see the example). Any type of variables can be passed to the script. Note that if the script assumes certain variables, but that they are not passed to the script, the script run will throw an error. <br />
<br />
For SQL scripts, the passed parameters are available in the script as variables in format '''@_parameter_<ParameterName>''' where <ParameterName> is the name of the parameter, e.g. ''parameter_myParameter1''. Only string type of parameters can be used, so any other type of data in parameter values is converted into strings.<br />
<br />
The return value of the script is returned by the Run function. Expression scripts return a value with the ''return'' statement or alternatively the result of the last line of the script is the return value. If the script does not return any value, the Run function returns ''_empty''. For SQL scripts, the return value is the last dataset produced by the script (returned as a DataFrame) (SQL scripts might create several datasets using the ''--#ShowReport'' command or the ''Show'' parameter).<br />
<br />
When a script is called using the Run function, the called script status does not change, because it's the parent script that is ''Running''. Also the called script log is not filled, but instead the logging goes to the calling script.<br />
<br />
It's possible to call a script using the Run function several times simultaneously.<br />
<br />
If there is an error when running the called script, the Run function throws the error to the calling script.<br />
<br />
Scripts are run in the script entity context, so for example the following properties are available:<br />
* Id: Script id<br />
* Name: Script name<br />
* Project.Id: Project id where the script is located<br />
* Project.Name: Name of the project where the script is located<br />
<br />
Example: Following script (id 123) raises a specified number to a specified power:<br />
<pre><br />
return Pow(numberToRaise, exponent);<br />
</pre><br />
<br />
The script can be called as follows (returning 16):<br />
<pre><br />
let runResult = ScriptById(123).Run(#{<br />
"numberToRaise": 4,<br />
"exponent": 2<br />
})<br />
</pre><br />
|-<br />
||<span id="Start">Start</span><br />
||Dictionary of parameters<br />
||Starts the script. The function call doesn't wait for the script run to complete (i.e., asynchronous behavior) which is same as starting the script in the [[Managing_Scripts#Starting_Script|Workspace]].<br />
<br />
Parameters to the script can be provided as a dictionary of name-value pairs (which is not possible when script is started in the Workspace). Return value is the script run id (integer) if the script was started. If the script is already running, return value is ''null''.<br />
<br />
Example: Start script (without parameters) and store the script run id:<br />
<pre><br />
let runId = ScriptById(1).Start();<br />
</pre><br />
<br />
Example: Start script with passing parameters:<br />
<pre><br />
ScriptById(1).Start(#{<br />
"variable1": "val1",<br />
"variable2": 5<br />
});<br />
</pre><br />
|-<br />
||Stop<br />
||<br />
||Stops the script. The operation doesn't wait for the stopping to complete (i.e., asynchronous behavior) which is same as stopping the script in the [[Managing_Scripts#Stopping_Script|Workspace]]. Depending on the operation that the script is performing, the stopping might take some time.<br />
<br />
Return value is the script run id (integer) if the script was running. If the script isn't running, the return value is ''null''.<br />
<br />
Example:<br />
<pre><br />
let runId = ScriptById(1).Stop();<br />
</pre><br />
|}<br />
<br />
Function to get a script by the script id:<br />
{| class="wikitable"<br />
!'''Functions'''<br />
!'''Parameters'''<br />
! '''Description'''<br />
|-<br />
||ScriptById<br />
||<br />
* Script id (Integer)<br />
||<br />
Returns Script object corresponding to the given script id. If script with the given id doesn't exist or user doesn't have permissions to it, an error is given.<br />
|}<br />
<br />
== User/Group ==<br />
User objects represents users and user groups. Note that some properties can only be used for users and some for groups.<br />
<br />
{| class="wikitable"<br />
!'''User/group properties'''<br />
! '''Description'''<br />
|-<br />
||CreatedBy (User)<br />
||Returns the user who created the user.<br />
|-<br />
||CreatedDate (DateTime)<br />
||Returns the date when the user was created.<br />
|-<br />
||DefaultDashboard (String)<br />
||Returns the configured [[User_Settings#Starting_dashboard|starting dashboard]] ("default dashboard") identifier for a group (for users, the starting dashboard cannot be configured). The starting dashboard is automatically opened when a user logs in.<br />
|-<br />
||Description (String)<br />
||Description of the user.<br />
|-<br />
||EffectiveDefaultDashboard (String)<br />
||Returns the [[User_Settings#Starting_dashboard|starting dashboard]] of a user. Value ''null'' means that the user doesn't have a starting dashboard. The starting dashboard comes from the user's groups. If multiple of user's groups have the starting dashboard defined, the user's starting dashboard will be taken from a group having alphabetically the first name.<br />
|-<br />
||Email (String)<br />
||Email address of the user.<br />
|-<br />
||FullName (String)<br />
||Full name of the user or group name.<br />
|-<br />
||GlobalPermissions (String*)<br />
||Array of global [[Roles and Permissions#Global_and_Project_Roles|permissions]] of the user. Global permissions come from the global roles assigned to the user and groups that the user belongs to. Note that to get the effective permissions for certain objects, also project specific permissions need to be taken into account.<br />
|-<br />
||GroupMemberNames (String*)<br />
||Array of names of members of a user group. This property is available for groups.<br />
|-<br />
||GroupMembers (User*)<br />
||Array of members of a user group. This property is available for groups.<br />
|-<br />
||GroupNames (String*)<br />
||Array of names of user groups the user belongs to. This property is available for users.<br />
|-<br />
||Groups (User*)<br />
||Array of user groups the user belongs to. This property is available for users.<br />
|-<br />
||HasPassword (Boolean)<br />
||Returns true if user has a password defined in QPR ProcessAnalyzer and thus user can authenticate using the password. If user doesn't have a password, the SAML authentication is the only way to log in. ''ManageUsers'' permission is needed to access this property for other users.<br />
|-<br />
||Id (Integer)<br />
||Id of the user, which is unique for every user.<br />
|-<br />
||IsActive (Boolean)<br />
||Returns true only if the user is active (not disabled).<br />
|-<br />
||IsGroup (Boolean)<br />
||Returns true if the user is a user group.<br />
|-<br />
||IsLocked (Boolean)<br />
||Returns true if user account is currently [[User_Session_Management#Preventing_password_guessing_attacks|locked]]. ''ManageUsers'' permission is needed to access this property.<br />
|-<br />
||LastLockedDate (DateTime)<br />
||Returns date when user account was locked the last time. Returns ''null'' if the user account has never been locked. ''ManageUsers'' permission is needed to access this property.<br />
|-<br />
||LastLoginDate (DateTime)<br />
||Returns date when the user made last successful login. ''ManageUsers'' permission is needed to access this property for other users.<br />
|-<br />
||LastModifiedBy (User)<br />
||Returns the user who last modified this user.<br />
|-<br />
||LastModifiedDate (DateTime)<br />
||Returns the date when the user was last modified.<br />
|-<br />
||Name (String)<br />
||Login name of the user or group.<br />
|-<br />
||Roles (Object**)<br />
||<br />
Returns all roles of the user (both global and project roles) as a nested array structure.<br />
<br />
Example:<br />
<pre><br />
ToJson(Users.Where(name == "qpr").Roles)<br />
Returns (for example):<br />
[<br />
[{"calcId": "Project:1"}, "Administrator"],<br />
[{"calcId": "Project:2"}, "Analyzer"],<br />
[{"calcId": "Project:3"}, "Viewer"],<br />
[null, "RunScripts"],<br />
[null, "Administrator"]<br />
]<br />
</pre><br />
|}<br />
<br />
{| class="wikitable"<br />
!'''User/group functions'''<br />
!'''Parameters'''<br />
! '''Description'''<br />
|-<br />
||EffectivePermissionsFor (String Array)<br />
||<br />
* Project to get permissions<br />
||<br />
Returns effective (actual) permission of the user to the given project. Project is given as a [[#Project|project object]] (not as a project id). Effective permissions determine the actual permissions that the user has, i.e. a combination of all permissions assigned to the user and groups the user belong to, including both project specific and global roles.<br />
<br />
Permissions for the EffectivePermissionsFor function are as follows:<br />
* All users can query their own permissions<br />
* To get permissions for any user, the user needs to have [[Roles_and_Permissions|ManageUsers permission]].<br />
<br />
Note that ''inactive'' users don't have any effective permissions, so the EffectivePermissionsFor function does not return any permissions for those users.<br />
<br />
Examples:<br />
<pre><br />
UserById(1).EffectivePermissionsFor(ModelById(2).Project)<br />
Returns (for example): ["EditDashboards", "Filtering", "GenericRead"]<br />
</pre><br />
|-<br />
||GetAttribute<br />
||<br />
||<br />
Returns user attribute value by given attribute name and optionally by the model/project/dashboard context. Supported data types are String, Integer, Float, and DateTime. To store more complex data types, data can be converted into json and stored as string. If the attribute doesn't exist, null is returned.<br />
<br />
For example, if using dashboard as context, the attributes are effectively bound to each user and each dashboard separately. Thus, there can be several attributes with the same name as long as the dashboard is different.<br />
<br />
Parameters:<br />
# '''Attribute name''' (String): Name of the attribute.<br />
# '''Attribute context''' (Project/Model/Dashboard): Optional context object the attribute is linked to.<br />
<br />
Users have permissions to get attributes for themselves, and also (administrator) users with global ''ManageUsers'' permission can get attributes for all users. In addition, if using the context object, the ''GenericRead'' permission is required for the context object.<br />
<br />
Example: Get user attribute MyDataValue for myself:<br />
<pre><br />
CurrentUser<br />
.GetAttribute("MyDataValue");<br />
</pre><br />
<br />
Example: Get user attribute MyDataValue for user John:<br />
<pre><br />
Users<br />
.Where(Name=="John")<br />
.GetAttribute("MyDataValue");<br />
</pre><br />
<br />
Example: Get user attribute MyDataValue for user 1 related to dashboard id 1:<br />
<pre><br />
UserById(1)<br />
.GetAttribute("MyDataValue", DashboardById(1));<br />
</pre><br />
|-<br />
||SetAttribute<br />
||<br />
||<br />
Sets user attribute value for given attribute name and optionally for the model/project/dashboard context. Supported data types are String, Integer, Float, and DateTime. To store more complex data types, data can be converted into json and stored as string. If setting value ''null'', the user attribute is removed. Required permissions are same as in the GetAttribute function.<br />
<br />
Parameters:<br />
# '''Attribute name''' (String): Name of the attribute.<br />
# '''Attribute value''' (String/Integer/Float/DateTime): Attribute value to be stored.<br />
# '''Attribute context''' (Project/Model/Dashboard): Optional context object the attribute value is linked to.<br />
<br />
Example: Set user attribute MyDataValue for myself:<br />
<pre><br />
CurrentUser<br />
.SetAttribute("MyDataValue ", "value");<br />
</pre><br />
<br />
Example: Set value 123 as user attribute MyDataValue for user John:<br />
<pre><br />
Users<br />
.Where(Name=="John")<br />
.SetAttribute("MyDataValue", 123);<br />
</pre><br />
<br />
Example: Set current time as user attribute MyDataValue for user 1 related to dashboard id 1:<br />
<pre><br />
UserById(1)<br />
.GetAttribute("MyDataValue", Now, DashboardById(1));<br />
</pre><br />
|}<br />
<br />
Function to get User by user id:<br />
{| class="wikitable"<br />
!'''Functions'''<br />
!'''Parameters'''<br />
! '''Description'''<br />
|-<br />
||UserById (User)<br />
||<br />
* User id (Integer)<br />
||<br />
Returns User object that has the provided user id. Also groups can be queried with this function. Returns an access denied error if the user with given id does not exist or the current user does not have access to it.<br />
|}</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28189QPR ProcessAnalyzer as MCP Server2026-04-27T11:08:48Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the '''MCP tool''' checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
=== MCP Tool Configuration ===<br />
Every script can define its own '''McpTool''' configuration as JSON. Supported values are same as [https://modelcontextprotocol.io/specification/2025-11-25/server/tools#tool here], except for the '''name''' which is always generated automatically and can't be overridden. Defining the McpTool configuration will override any default configurations generated for scripts automatically by QPR ProcessAnalyzer. For example, specifying the value for "title" here will override the default functionality of using script's name as title of the tool.<br />
<br><br />
'''Example''': The following JSON configures the MCP tool with a customized title and description, as well as some additional [https://github.com/modelcontextprotocol/csharp-sdk/blob/main/src/ModelContextProtocol.Core/Protocol/ToolAnnotations.cs MCP tool annotations]:<br />
<pre><br />
{<br />
"title": "Example MCP tool title",<br />
"description": "Example MCP tool description",<br />
"annotations": {<br />
"destructiveHint": true,<br />
"idempotentHint": true,<br />
"openWorldHint": true,<br />
"readOnlyHint": false<br />
}<br />
}<br />
</pre><br />
<br />
=== Defining Input Parameters ===<br />
MCP tool input parameters are defined using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. Each supported input parameter is listed under '''properties'''. By default, script don't enforce any schema.<br><br />
<br />
'''Example''': The following schema defines a script with five different types of parameters:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"stringParameter": {<br />
"type": "string",<br />
"description": "String parameter"<br />
},<br />
"numberParameter": {<br />
"type": "number",<br />
"description": "Number parameter"<br />
},<br />
"booleanParameter": {<br />
"type": "boolean",<br />
"description": "Boolean parameter"<br />
},<br />
"arrayParameter": {<br />
"type": "array",<br />
"description": "Array parameter",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"objectParameter": {<br />
"type": "object",<br />
"description": "Object parameter",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br><br />
After this, the tool can be called, for example, with the following set of parameters:<br />
<pre><br />
{<br />
{ "stringParameter", "bar" },<br />
{ "numberParameter", 123.456 },<br />
{ "booleanParameter", true },<br />
{ "arrayParameter", new Object[] { 1, 2, 3 } },<br />
{<br />
"objectParameter", new Dictionary<string, object><br />
{<br />
{ "inner", "value" }<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
=== Defining Structured Tool Output ===<br />
Structured tool output is described using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. By default, scripts don't enforce any schema and the result is considered to be just text.<br />
<br><br />
'''Example''': The following example configures the script's return value to contain an object having five different types of properties.:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"string": {<br />
"type": "string",<br />
"description": "String parameter"<br />
},<br />
"number": {<br />
"type": "number",<br />
"description": "Number parameter"<br />
},<br />
"boolean": {<br />
"type": "boolean",<br />
"description": "Boolean parameter"<br />
},<br />
"array": {<br />
"type": "array",<br />
"description": "Array parameter",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"object": {<br />
"type": "object",<br />
"description": "Object parameter",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=Managing_Scripts&diff=28188Managing Scripts2026-04-27T11:07:58Z<p>TeeHiet: TK-64041</p>
<hr />
<div>In QPR ProcessAnalyzer, scripts can be used for ETL tasks and to automate routines. Scripts are managed in the [[QPR_ProcessAnalyzer_Project_Workspace|Project Workspace]].<br />
<br />
=== Running vs. Calling Scripts ===<br />
''Running'' a script means starting executing a stored script, which can be done in the UI or using the ScriptLauncher. A script can also ''call'' other scripts during the run. The differences between the running and calling are:<br />
* Script can run only once at a time, whereas there are no limitations on how many times a script can be called at the same time<br />
* Script log is written to the running script. No script log is written to the called script.<br />
* Script status shows whether the script is being run or not. The status does not change, when a script is called from other script.<br />
<br />
When a script is running, it's not possible to start another run of the same script, so the first run needs to end to start new. Scripts can call other scripts and a called scripts can run multiple times simultaneously. In the stack of called scripts, the script log is generated to the top level script. Also the top level script shows that it's running and the called scripts do not.<br />
<br />
=== Scripts List ===<br />
When selecting a project and opening the '''Scripts''' tab, all scripts in the project can be seen. Scripts list shows following information:<br />
* '''Name''': Name of the script.<br />
* '''Status''': Status of the script, which is one of following: ''Ready'', ''Running'' or ''Stopping''. For more information about script statuses, see below.<br />
* '''Last run duration''': Duration of the last ended run of the script (the last run result can be any).<br />
* '''Last run date''': Date and time when the last run ended. If you need to know the last run start time, subtract the ''Last run duration'' from this time.<br />
* '''Last run result''': Result of the last run of the script. Either of following: ''Completed'', ''Failed'' or ''Aborted''. For more information about last run results, see below.<br />
* '''Id''': Script id that uniquely identifies the script in the system.<br />
<br />
Scrips are in either of following statuses:<br />
* '''Ready''': Script is currently not running, and can be started.<br />
* '''Running''': Script is currently running, and the script can be stopped. When a script is running, another run of the same script cannot be started.<br />
* '''Stopping''': Script is currently being stopped. When a script is in this status, the script cannot be started nor stopped, so you need to wait for the script to stop. There may be a delay in stopping a script, depending on the operation currently performed by the script.<br />
<br />
The last script run result can be either of the following:<br />
* '''Completed''': The last run ended successfully, i.e. without any errors or exceptions. Note that despite of the technically successful run, the script might still not work as intended.<br />
* '''Failed''': The last run ended to an error or exception. To see more information about the reason of the failure, see the [[#Viewing_Script_Log|last run log]].<br />
* '''Aborted''': The last run was stopped by a user, so the script did not run till the end.<br />
<br />
=== Script Properties ===<br />
To open Script Properties, '''right-click''' the script on the Scripts tab in the Workspace and select '''Properties'''.<br><br />
The Script Properties lists the following information on the '''General''' tab:<br />
* '''Script ID''': A unique ID in the system.<br />
* '''Language''': The script's language, either "SQL" or "Expression".<br />
* '''Status''': As above in Scripts List.<br />
* '''Last run start''': Date and time when the last run started.<br />
* '''Last run end''': As "Last run date" above in Scripts List.<br />
* '''Last run duration''': As above in Scripts List.<br />
* '''Last run result''': As above in Scripts List.<br />
* '''Last modified''': Date and time when the script was last modified.<br />
* '''Last modified by''': User who last modified the script.<br />
* '''Created''': Date and time when the script was created.<br />
* '''Created by''': User who created the script.<br />
<br />
The script Properties has the following information on the '''Input'' tab:<br />
* '''JSON schema for input parameters''': A text box for defining the [[QPR_ProcessAnalyzer_as_MCP_Server#Defining_Input_Parameters|input parameters]].<br />
<br />
The script Properties has the following information on the '''Output'' tab:<br />
* '''JSON schema for script output''': A text box for defining the [[QPR_ProcessAnalyzer_as_MCP_Server#Defining_Structured_Tool_Output|output parameters]].<br />
<br />
The Script Properties has the following information on the '''MCP''' tab:<br />
* '''MCP tool''': A checkbox to select whether the script can be used as an [[QPR_ProcessAnalyzer_as_MCP_Server|MCP]] tool. Only System Administrators can modify this setting. Note that once a script has been defined as an MCP tool, only System Administrators are able to modify the script itself.<br />
* '''JSON for MCP tool configuration''': A text box for defining the [[QPR_ProcessAnalyzer_as_MCP_Server#MCP_Tool_Configuration|MCP tool configuration]].<br />
<br />
The Script Properties has the following information on the '''Description''' tab:<br />
* A textbox to edit the description of the script.<br />
<br />
=== Editing Script ===<br />
Open the scripts editor as follows:<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select '''Edit'''. Alternatively, you can hover the script and click the ''Edit'' button in the end of the row.<br />
<br />
If the script has been defined as an MCP tool, only System Administrators are able to edit the script.<br />
<br />
The script editor can show multiple scripts in the tabs, allowing to easily switch between the scrips. The editor remembers all scripts that have been opened during the session.<br />
<br />
In the script editor, you can:<br />
* Run the script by clicking the '''Run''' button.<br />
* Stop a running script by clicking the '''Stop''' button.<br />
* Save a script having unsaved changes by clicking the '''Save''' button.<br />
* To run a script having unsaved changes, click the '''Save and Run''' button. Note that the script needs to be saved to run it.<br />
* To go back to the list of scripts, click the '''Go back''' button. If there are unsaved changes in any of the opened scripts, you need to either save or cancel the changes.<br />
* To close a script, click the ''Close'' button for the tab showing the script. If there are unsaved changes, you need to either save or cancel changes.<br />
<br />
=== Starting Script ===<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select '''Run'''. Alternatively, you can hover the script and click the ''Run'' button in the end of the row.<br />
<br />
Note that when running a script in the UI, the script must not contain commands where ''ExecuteInClientSide'' is enabled, because that is only supported when running scripts using [[QPR_ProcessAnalyzer_ScriptLauncher|QPR ScriptLauncher]].<br />
<br />
=== Stopping Script ===<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and from the right-click context menu select '''Stop'''. Alternatively, you can hover the script and click the ''Stop'' button in the end of the row.<br />
<br />
Note that it may take a while for a script to actually stop, depending on what kind of operation the script is executing when it's stopped.<br />
<br />
=== Viewing Script Log ===<br />
It's possible to see the script log of the last run, and monitor the currently running script progress. Logs for older runs are not available in the UI, nut they are stored by the system.<br />
<br />
To see the logs:<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select either '''View last run log''' or '''View current run log'''. (The script needs to be running to open the current run log.)<br />
# If keeping the current run log open, the latest log entries are updated automatically every two seconds.<br />
<br />
More information about [[QPR_ProcessAnalyzer_Logs#Script_Log|Script Log]].<br />
<br />
=== Creating Script ===<br />
# On the left side projects hierarchy, select the project where you want to create a script.<br />
# Open the '''Scripts''' tab.<br />
# Click the '''New''' button and click '''Script'''. Define a name for the script and the scripting '''Language''' (either '''Expression''' or '''SQL'''), and then click '''Create'''. Note that script names must be unique within a project.<br />
<br />
Note that the scripting language cannot be changed after the script has been created, so a new script needs to be created to change the language.<br />
<br />
Note that each script in the same project needs to have a unique name.<br />
<br />
=== Deleting Script ===<br />
# Select the project where the script(s) to be deleted are located.<br />
# Open the '''Scripts''' tab.<br />
# Select one or several scripts to be deleted.<br />
# Click the '''Delete''' button and click '''Delete''' to the confirmation message.<br />
<br />
Note that if the script is being run, it cannot be deleted.<br />
<br />
=== Renaming Script ===<br />
# Select the project where the script to be renamed is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script to be renamed.<br />
# Click the '''Rename''' button.<br />
# Change the script name in the opening dialog and click '''OK'''.<br />
<br />
=== Moving Script ===<br />
Scripts can be moved by dragging them with the left mouse button from the right side list to the target project in the left side hierarchy. Alternatively, you can first select the scripts, then from the right-click context menu select '''Move to''' and finally select the target project.<br />
<br />
=== Duplicating Script ===<br />
# Select the project where the script to be duplicated is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script to be duplicated.<br />
# Click the '''Duplicate''' button. A duplicate of the script is created.<br />
<br />
=== Viewing Script Run Results ===<br />
Script runs can be [[Managing_Scripts#Running_Script|started]] and [[Managing_Scripts#Stopping_Script|stopped]] in the UI. Note that when running scripts using the UI, return values or results of the script cannot be viewed. If you want to use scripts that return data, there are following options:<br />
* Script can write data to the script log<br />
* Script can write data to a datatable<br />
* Script can be called from a dashboard and use the dashboard to present the returned data (see more below).</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28187QPR ProcessAnalyzer as MCP Server2026-04-27T11:06:04Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the '''MCP tool''' checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
=== MCP Tool Configuration ===<br />
Every script can define its own '''McpTool''' configuration as JSON. Supported values are same as [https://modelcontextprotocol.io/specification/2025-11-25/server/tools#tool here], except for the '''name''' which is always generated automatically and can't be overridden. Defining the McpTool configuration will override any default configurations generated for scripts automatically by QPR ProcessAnalyzer. For example, specifying the value for "title" here will override the default functionality of using script's name as title of the tool.<br />
<br><br />
'''Example''': The following JSON configures the MCP tool with a customized title and description, as well as some additional [https://github.com/modelcontextprotocol/csharp-sdk/blob/main/src/ModelContextProtocol.Core/Protocol/ToolAnnotations.cs MCP tool annotations]:<br />
<pre><br />
{<br />
"title": "Example MCP tool title",<br />
"description": "Example MCP tool description",<br />
"annotations": {<br />
"destructiveHint": true,<br />
"idempotentHint": true,<br />
"openWorldHint": true,<br />
"readOnlyHint": false<br />
}<br />
}<br />
</pre><br />
<br />
=== Defining Input Parameters ===<br />
MCP tool input parameters are defined using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. Each supported input parameter is listed under '''properties'''. By default, script don't enforce any schema.<br><br />
<br />
'''Example''': The following schema defines a script with five different types of parameters:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"stringParameter": {<br />
"type": "string",<br />
"description": "String parameter"<br />
},<br />
"numberParameter": {<br />
"type": "number",<br />
"description": "Number parameter"<br />
},<br />
"booleanParameter": {<br />
"type": "boolean",<br />
"description": "Boolean parameter"<br />
},<br />
"arrayParameter": {<br />
"type": "array",<br />
"description": "Array parameter",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"objectParameter": {<br />
"type": "object",<br />
"description": "Object parameter",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br><br />
After this, the tool can be called, for example, with the following set of parameters:<br />
<pre><br />
{<br />
{ "stringParameter", "bar" },<br />
{ "numberParameter", 123.456 },<br />
{ "booleanParameter", true },<br />
{ "arrayParameter", new Object[] { 1, 2, 3 } },<br />
{<br />
"objectParameter", new Dictionary<string, object><br />
{<br />
{ "inner", "value" }<br />
}<br />
}<br />
}<br />
</pre><br />
When a tool is called, input is validated against the configured parameter schema. Validation is performed against the sanitized parameter collection so that empty or omitted parameter sets are handled consistently.<br />
<br />
=== Defining Structured Tool Output ===<br />
Structured tool output is described using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. By default, scripts don't enforce any schema and the result is considered to be just text.<br />
<br><br />
'''Example''': The following example configures the script's return value to contain an object having five different types of properties.:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"string": {<br />
"type": "string",<br />
"description": "String parameter"<br />
},<br />
"number": {<br />
"type": "number",<br />
"description": "Number parameter"<br />
},<br />
"boolean": {<br />
"type": "boolean",<br />
"description": "Boolean parameter"<br />
},<br />
"array": {<br />
"type": "array",<br />
"description": "Array parameter",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"object": {<br />
"type": "object",<br />
"description": "Object parameter",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28186QPR ProcessAnalyzer as MCP Server2026-04-27T10:53:17Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the '''MCP tool''' checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
=== Defining Input Parameters ===<br />
MCP tool input parameters are defined using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. Each supported input parameter is listed under '''properties'''. By default, script don't enforce any schema.<br><br />
<br />
'''Example''': The following schema defines a script with five different types of parameters:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"stringParameter": {<br />
"type": "string",<br />
"description": "String parameter"<br />
},<br />
"numberParameter": {<br />
"type": "number",<br />
"description": "Number parameter"<br />
},<br />
"booleanParameter": {<br />
"type": "boolean",<br />
"description": "Boolean parameter"<br />
},<br />
"arrayParameter": {<br />
"type": "array",<br />
"description": "Array parameter",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"objectParameter": {<br />
"type": "object",<br />
"description": "Object parameter",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br><br />
After this, the tool can be called, for example, with the following set of parameters:<br />
<pre><br />
{<br />
{ "stringParameter", "bar" },<br />
{ "numberParameter", 123.456 },<br />
{ "booleanParameter", true },<br />
{ "arrayParameter", new Object[] { 1, 2, 3 } },<br />
{<br />
"objectParameter", new Dictionary<string, object><br />
{<br />
{ "inner", "value" }<br />
}<br />
}<br />
}<br />
</pre><br />
When a tool is called, input is validated against the configured parameter schema. Validation is performed against the sanitized parameter collection so that empty or omitted parameter sets are handled consistently.<br />
<br />
=== Defining Structured Tool Output ===<br />
Structured tool output is described using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. By default, scripts don't enforce any schema and the result is considered to be just text.<br />
<br><br />
'''Example''': The following example configures the script's return value to contain an object having five different types of properties.:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"string": {<br />
"type": "string",<br />
"description": "String parameter"<br />
},<br />
"number": {<br />
"type": "number",<br />
"description": "Number parameter"<br />
},<br />
"boolean": {<br />
"type": "boolean",<br />
"description": "Boolean parameter"<br />
},<br />
"array": {<br />
"type": "array",<br />
"description": "Array parameter",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"object": {<br />
"type": "object",<br />
"description": "Object parameter",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28185QPR ProcessAnalyzer as MCP Server2026-04-27T10:50:09Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the '''MCP tool''' checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
=== Defining Input Parameters ===<br />
MCP tool input parameters are defined using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. Each supported input parameter is listed under '''properties'''. By default, script don't enforce any schema.<br><br />
<br />
'''Example''': The following schema defines one required string parameter named '''CaseId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"CaseId": {<br />
"type": "string",<br />
"minLength": 1,<br />
"description": "Unique identifier of the case (i.e, Case ID). Cases may be orders, deliveries, invoices depending on the model name."<br />
}<br />
}<br />
}<br />
</pre><br />
<br><br />
'''Example''': The following schema defines an integer parameter named '''modelId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"modelId": {<br />
"type": "integer",<br />
"description": "Model ID (identifier)"<br />
}<br />
}<br />
}<br />
</pre><br />
When a tool is called, input is validated against the configured parameter schema. Validation is performed against the sanitized parameter collection so that empty or omitted parameter sets are handled consistently.<br />
<br />
=== Defining Structured Tool Output ===<br />
Structured tool output is described using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. By default, scripts don't enforce any schema and the result is considered to be just text.<br />
<br><br />
'''Example''': The following example configures the script's return value to contain an object having five different types of properties.:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"string": {<br />
"type": "string",<br />
"description": "String parameter"<br />
},<br />
"number": {<br />
"type": "number",<br />
"description": "Number parameter"<br />
},<br />
"boolean": {<br />
"type": "boolean",<br />
"description": "Boolean parameter"<br />
},<br />
"array": {<br />
"type": "array",<br />
"description": "Array parameter",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"object": {<br />
"type": "object",<br />
"description": "Object parameter",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28184QPR ProcessAnalyzer as MCP Server2026-04-27T10:48:09Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the '''MCP tool''' checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
== Defining Input Parameters ==<br />
MCP tool input parameters are defined using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. Each supported input parameter is listed under '''properties'''. By default, script don't enforce any schema.<br><br />
<br />
'''Example''': The following schema defines one required string parameter named '''CaseId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"CaseId": {<br />
"type": "string",<br />
"minLength": 1,<br />
"description": "Unique identifier of the case (i.e, Case ID). Cases may be orders, deliveries, invoices depending on the model name."<br />
}<br />
}<br />
}<br />
</pre><br />
<br><br />
'''Example''': The following schema defines an integer parameter named '''modelId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"modelId": {<br />
"type": "integer",<br />
"description": "Model ID (identifier)"<br />
}<br />
}<br />
}<br />
</pre><br />
When a tool is called, input is validated against the configured parameter schema. Validation is performed against the sanitized parameter collection so that empty or omitted parameter sets are handled consistently.<br />
<br />
== Defining Structured Tool Output ==<br />
Structured tool output is described using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. By default, scripts don't enforce any schema and the result is considered to be just text.<br />
<br><br />
'''Example''': The following example configures the script's return value to contain an object having five different types of properties.:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"string": {<br />
"type": "string",<br />
"description": "String parameter"<br />
},<br />
"number": {<br />
"type": "number",<br />
"description": "Number parameter"<br />
},<br />
"boolean": {<br />
"type": "boolean",<br />
"description": "Boolean parameter"<br />
},<br />
"array": {<br />
"type": "array",<br />
"description": "Array parameter",<br />
"nullable": true,<br />
"items": {<br />
"type": "integer"<br />
}<br />
},<br />
"object": {<br />
"type": "object",<br />
"description": "Object parameter",<br />
"properties": {<br />
"inner": {"type": "string"}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28183QPR ProcessAnalyzer as MCP Server2026-04-27T10:41:28Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the '''MCP tool''' checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
== Defining Input Parameters ==<br />
MCP tool input parameters are defined using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. Each supported input parameter is listed under '''properties'''. By default, script don't enforce any schema.<br><br />
<br />
'''Example''': The following schema defines one required string parameter named '''CaseId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"CaseId": {<br />
"type": "string",<br />
"minLength": 1,<br />
"description": "Unique identifier of the case (i.e, Case ID). Cases may be orders, deliveries, invoices depending on the model name."<br />
}<br />
}<br />
}<br />
</pre><br />
<br><br />
'''Example''': The following schema defines an integer parameter named '''modelId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"modelId": {<br />
"type": "integer",<br />
"description": "Model ID (identifier)"<br />
}<br />
}<br />
}<br />
</pre><br />
When a tool is called, input is validated against the configured parameter schema. Validation is performed against the sanitized parameter collection so that empty or omitted parameter sets are handled consistently.<br />
<br />
== Defining Structured Tool Output ==<br />
Structured tool output is described using a JSON schema. This allows the MCP client to interpret the response as structured data instead of only plain text. The schema is defined as part of the MCP tool configuration, and the script should return data that matches the configured structure.<br />
<br><br />
'''Example''': The following example defines an object containing a '''filters''' array. Each array item is an object with named properties:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"filters": {<br />
"type": "array",<br />
"description": "List of defined filters in the given model (as parameter).",<br />
"items": {<br />
"type": "object",<br />
"properties": {<br />
"Filter name": {<br />
"type": "string",<br />
"description": "Human-readable name of the filter."<br />
},<br />
"Filter ID": {<br />
"type": "integer",<br />
"description": "Unique identifier of the filter."<br />
},<br />
"Privacy mode": {<br />
"enum": [<br />
"Default Public",<br />
"Public",<br />
"Private"<br />
],<br />
"description": "Visibility and access level of the filter."<br />
},<br />
"Filter description": {<br />
"type": "string",<br />
"description": "Optional free-text description explaining the purpose and intended use of the filter."<br />
},<br />
"Filter rules": {<br />
"type": "string",<br />
"description": "Filter definition expressed in JSON format. The rules specify the exact criteria used to include or exclude data."<br />
}<br />
}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28182QPR ProcessAnalyzer as MCP Server2026-04-27T10:41:08Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the '''MCP tool''' checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
== Defining Input Parameters ==<br />
MCP tool input parameters are defined using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. Each supported input parameter is listed under '''properties'''. By default, script don't enforce any schema.<br><br />
'''Example''': The following schema defines one required string parameter named '''CaseId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"CaseId": {<br />
"type": "string",<br />
"minLength": 1,<br />
"description": "Unique identifier of the case (i.e, Case ID). Cases may be orders, deliveries, invoices depending on the model name."<br />
}<br />
}<br />
}<br />
</pre><br />
<br><br />
'''Example''': The following schema defines an integer parameter named '''modelId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"modelId": {<br />
"type": "integer",<br />
"description": "Model ID (identifier)"<br />
}<br />
}<br />
}<br />
</pre><br />
When a tool is called, input is validated against the configured parameter schema. Validation is performed against the sanitized parameter collection so that empty or omitted parameter sets are handled consistently.<br />
<br />
== Defining Structured Tool Output ==<br />
Structured tool output is described using a JSON schema. This allows the MCP client to interpret the response as structured data instead of only plain text. The schema is defined as part of the MCP tool configuration, and the script should return data that matches the configured structure.<br />
<br><br />
'''Example''': The following example defines an object containing a '''filters''' array. Each array item is an object with named properties:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"filters": {<br />
"type": "array",<br />
"description": "List of defined filters in the given model (as parameter).",<br />
"items": {<br />
"type": "object",<br />
"properties": {<br />
"Filter name": {<br />
"type": "string",<br />
"description": "Human-readable name of the filter."<br />
},<br />
"Filter ID": {<br />
"type": "integer",<br />
"description": "Unique identifier of the filter."<br />
},<br />
"Privacy mode": {<br />
"enum": [<br />
"Default Public",<br />
"Public",<br />
"Private"<br />
],<br />
"description": "Visibility and access level of the filter."<br />
},<br />
"Filter description": {<br />
"type": "string",<br />
"description": "Optional free-text description explaining the purpose and intended use of the filter."<br />
},<br />
"Filter rules": {<br />
"type": "string",<br />
"description": "Filter definition expressed in JSON format. The rules specify the exact criteria used to include or exclude data."<br />
}<br />
}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28181QPR ProcessAnalyzer as MCP Server2026-04-27T10:40:25Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the '''MCP tool''' checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
== Defining Input Parameters ==<br />
MCP tool input parameters are defined using a JSON schema following the [https://modelcontextprotocol.io/specification/2025-11-25/basic#json-schema-usage Model Context Protocol's JSON Schema]. Each supported input parameter is listed under '''properties'''. By default, script don't enforce any schema.<br />
'''Example''': The following schema defines one required string parameter named '''CaseId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"additionalProperties": false,<br />
"properties": {<br />
"CaseId": {<br />
"type": "string",<br />
"minLength": 1,<br />
"description": "Unique identifier of the case (i.e, Case ID). Cases may be orders, deliveries, invoices depending on the model name."<br />
}<br />
}<br />
}<br />
</pre><br />
<br><br />
'''Example''': The following schema defines an integer parameter named '''modelId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"additionalProperties": false,<br />
"properties": {<br />
"modelId": {<br />
"type": "integer",<br />
"description": "Model ID (identifier)"<br />
}<br />
}<br />
}<br />
</pre><br />
When a tool is called, input is validated against the configured parameter schema. Validation is performed against the sanitized parameter collection so that empty or omitted parameter sets are handled consistently.<br />
<br />
== Defining Structured Tool Output ==<br />
Structured tool output is described using a JSON schema. This allows the MCP client to interpret the response as structured data instead of only plain text. The schema is defined as part of the MCP tool configuration, and the script should return data that matches the configured structure.<br />
<br><br />
'''Example''': The following example defines an object containing a '''filters''' array. Each array item is an object with named properties:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"filters": {<br />
"type": "array",<br />
"description": "List of defined filters in the given model (as parameter).",<br />
"items": {<br />
"type": "object",<br />
"properties": {<br />
"Filter name": {<br />
"type": "string",<br />
"description": "Human-readable name of the filter."<br />
},<br />
"Filter ID": {<br />
"type": "integer",<br />
"description": "Unique identifier of the filter."<br />
},<br />
"Privacy mode": {<br />
"enum": [<br />
"Default Public",<br />
"Public",<br />
"Private"<br />
],<br />
"description": "Visibility and access level of the filter."<br />
},<br />
"Filter description": {<br />
"type": "string",<br />
"description": "Optional free-text description explaining the purpose and intended use of the filter."<br />
},<br />
"Filter rules": {<br />
"type": "string",<br />
"description": "Filter definition expressed in JSON format. The rules specify the exact criteria used to include or exclude data."<br />
}<br />
}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28180QPR ProcessAnalyzer as MCP Server2026-04-27T10:34:04Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the '''MCP tool''' checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
== Defining Input Parameters ==<br />
MCP tool input parameters are defined using a JSON schema where each supported input parameter is listed under '''properties''', and '''additionalProperties''' can be set to false to reject unknown parameters.<br><br />
'''Example''': The following schema defines one required string parameter named '''CaseId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"additionalProperties": false,<br />
"properties": {<br />
"CaseId": {<br />
"type": "string",<br />
"minLength": 1,<br />
"description": "Unique identifier of the case (i.e, Case ID). Cases may be orders, deliveries, invoices depending on the model name."<br />
}<br />
}<br />
}<br />
</pre><br />
<br><br />
'''Example''': The following schema defines an integer parameter named '''modelId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"additionalProperties": false,<br />
"properties": {<br />
"modelId": {<br />
"type": "integer",<br />
"description": "Model ID (identifier)"<br />
}<br />
}<br />
}<br />
</pre><br />
When a tool is called, input is validated against the configured parameter schema. Validation is performed against the sanitized parameter collection so that empty or omitted parameter sets are handled consistently.<br />
<br />
== Defining Structured Tool Output ==<br />
Structured tool output is described using a JSON schema. This allows the MCP client to interpret the response as structured data instead of only plain text. The schema is defined as part of the MCP tool configuration, and the script should return data that matches the configured structure.<br />
<br><br />
'''Example''': The following example defines an object containing a '''filters''' array. Each array item is an object with named properties:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"filters": {<br />
"type": "array",<br />
"description": "List of defined filters in the given model (as parameter).",<br />
"items": {<br />
"type": "object",<br />
"properties": {<br />
"Filter name": {<br />
"type": "string",<br />
"description": "Human-readable name of the filter."<br />
},<br />
"Filter ID": {<br />
"type": "integer",<br />
"description": "Unique identifier of the filter."<br />
},<br />
"Privacy mode": {<br />
"enum": [<br />
"Default Public",<br />
"Public",<br />
"Private"<br />
],<br />
"description": "Visibility and access level of the filter."<br />
},<br />
"Filter description": {<br />
"type": "string",<br />
"description": "Optional free-text description explaining the purpose and intended use of the filter."<br />
},<br />
"Filter rules": {<br />
"type": "string",<br />
"description": "Filter definition expressed in JSON format. The rules specify the exact criteria used to include or exclude data."<br />
}<br />
}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28179QPR ProcessAnalyzer as MCP Server2026-04-27T10:33:28Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the **MCP tool** checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
== Defining Input Parameters ==<br />
MCP tool input parameters are defined using a JSON schema where each supported input parameter is listed under '''properties''', and '''additionalProperties''' can be set to false to reject unknown parameters.<br><br />
'''Example''': The following schema defines one required string parameter named '''CaseId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"additionalProperties": false,<br />
"properties": {<br />
"CaseId": {<br />
"type": "string",<br />
"minLength": 1,<br />
"description": "Unique identifier of the case (i.e, Case ID). Cases may be orders, deliveries, invoices depending on the model name."<br />
}<br />
}<br />
}<br />
</pre><br />
<br><br />
'''Example''': The following schema defines an integer parameter named '''modelId''':<br />
<pre><br />
{<br />
"type": "object",<br />
"additionalProperties": false,<br />
"properties": {<br />
"modelId": {<br />
"type": "integer",<br />
"description": "Model ID (identifier)"<br />
}<br />
}<br />
}<br />
</pre><br />
When a tool is called, input is validated against the configured parameter schema. Validation is performed against the sanitized parameter collection so that empty or omitted parameter sets are handled consistently.<br />
<br />
== Defining Structured Tool Output ==<br />
Structured tool output is described using a JSON schema. This allows the MCP client to interpret the response as structured data instead of only plain text. The schema is defined as part of the MCP tool configuration, and the script should return data that matches the configured structure.<br />
<br><br />
'''Example''': The following example defines an object containing a '''filters''' array. Each array item is an object with named properties:<br />
<pre><br />
{<br />
"type": "object",<br />
"properties": {<br />
"filters": {<br />
"type": "array",<br />
"description": "List of defined filters in the given model (as parameter).",<br />
"items": {<br />
"type": "object",<br />
"properties": {<br />
"Filter name": {<br />
"type": "string",<br />
"description": "Human-readable name of the filter."<br />
},<br />
"Filter ID": {<br />
"type": "integer",<br />
"description": "Unique identifier of the filter."<br />
},<br />
"Privacy mode": {<br />
"enum": [<br />
"Default Public",<br />
"Public",<br />
"Private"<br />
],<br />
"description": "Visibility and access level of the filter."<br />
},<br />
"Filter description": {<br />
"type": "string",<br />
"description": "Optional free-text description explaining the purpose and intended use of the filter."<br />
},<br />
"Filter rules": {<br />
"type": "string",<br />
"description": "Filter definition expressed in JSON format. The rules specify the exact criteria used to include or exclude data."<br />
}<br />
}<br />
}<br />
}<br />
}<br />
}<br />
</pre><br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28178QPR ProcessAnalyzer as MCP Server2026-04-27T10:18:30Z<p>TeeHiet: TK-64041</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API key. Both the authentication methods can be configured at the same time to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication, set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_CONFIGURATION database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
Some clients use the [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint: /.well-known/openid-configuration. To get this endpoint working when QPR ProcessAnalyzer is hosted in Windows in IIS, the following setup is required:<br />
<br />
Add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br />
<pre><br />
https://<your-host>/.well-known/openid-configuration<br />
</pre><br />
<br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
== Creating MCP Tools ==<br />
MCP tools are implemented using [[Managing_Scripts|scripts]] written in QPR ProcessAnalyzer expression language. A script will be added as the MCP tool when the **MCP tool** checkbox is enabled in the [[Managing_Scripts#Script_Properties|Script Properties]]. Only system administrator users can enable the MCP tool checkbox. Also, scripts that are MCP tools, only system administrators can modify them because any changes to the MCP interface is restricted to system administrators for security reasons.<br />
<br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# Open or create the script.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
== Testing MCP tools in QPR ProcessAnalyzer ==<br />
When developing MCP tools, it might be useful try test them in QPR ProcessAnalyzer before publishing as MCP tools. Scripts (used as MCP tools) can be called in the [[Navigation_Menu#Expression_Designer|Expression Designer]]. The following example expression calls a script with some parameters and shows the return value as json:<br />
<syntaxhighlight lang="typescript" line><br />
let returnValue = ScriptById(1).Run(#{<br />
"string_param": "value1",<br />
"integer_param": 123,<br />
"boolean_param": false,<br />
"array_param": ["a", "b", "c"]<br />
});<br />
return ToJson(returnValue);<br />
</syntaxhighlight><br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_CONFIGURATION database table.<br />
* '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_CONFIGURATION database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. This is often automatically done by MCP Client software.<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
* Connect to Server: <br />
** In MCP Inspector, provide the server's MCP endpoint URL (e.g., https://your-pa-server/qprpa/api/mcp)<br />
** Select Streamable HTTP as the transport type.<br />
** Select "Via Proxy" as connection type.<br />
* Authenticate: <br />
** If using API Key-based authentication, configure "X-Mcp-Api-Key" as additional custom header with the value specified in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting of the PA server.<br />
** If using OAuth, set one of the accepted audience values to Authentication/OAuth 2.0 Flow/Client ID (or leave it empty if DCR is enabled).<br />
*** Open Auth Settings<br />
*** Click "Quick OAuth Flow"-button.<br />
**** Perform OAuth authorization using the built-in OAuth provider.<br />
**** Provided that the authentication has been configured correctly, a successful authentication message should be shown.<br />
** Click Connect.<br />
* List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool created for a parameterless QPR ProcessAnalyzer script having id 216, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "Script-216",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 0<br />
}<br />
}<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=Data_Schema_Dialog&diff=28125Data Schema Dialog2026-04-16T13:35:18Z<p>TeeHiet: TK-63602</p>
<hr />
<div>The Data Schema dialog provides a visual way to manage your project's Snowflake datatables and the relationships (foreign keys) between them.<br><br />
The Data Schema dialog displays an entity-relationship (ER) diagram of your datatables and their relations. The ER diagram automatically arranges the datatables and relations for a clear overview. You cannot manually change the position of items.<br />
<br />
You can zoom in and out, and pan across the diagram to explore your data schema. The view is constrained to keep the diagram visible. Clicking on a datatable or a relation in the diagram will select it and open a corresponding details panel on the side, allowing you to view and edit its properties. Clicking on an empty area of the diagram will unselect any item and close the panel.<br><br />
If your project has no datatables to display, a message "Start by adding a datatable" will appear.<br />
<br />
Note that datatables stored in SQL Server or those used in an object-centric model (Objects, Events, EventToObject, ObjectToObject) are not displayed in this dialog.<br />
<br />
== Column Display ==<br />
A dropdown menu allows you to control the level of detail shown for columns in the datatables. The following selections are available:<br />
* '''Don't show columns''': Hides all columns for a clean, high-level view.<br />
* '''Show key and relation columns''': Displays only primary keys, foreign keys, and the columns they target.<br />
* '''Show all columns''': Shows every column for all datatables in the diagram.<br />
<br />
== Permissions ==<br />
Your ability to make changes is determined by your project permissions. If you lack GenericWrite permissions, all fields will be read-only, and buttons for creating new items will be hidden. Deleting datatables requires the DeleteModel permission.<br />
<br />
== Handling Invalid Relations ==<br />
When the dialog opens, it checks for invalid relations (e.g., a relation pointing to a non-existent datatable or column). If any are found, an error message will appear with a Delete invalid relations button to remove them.<br />
<br />
== Creating a New Datatable ==<br />
# Click the New datatable button to open the "New datatable" side panel.<br />
# Enter a unique name for your datatable in the Datatable name field.<br />
# Click Save.<br />
The new datatable will be created and will appear selected in the diagram, automatically opening the "Datatable details" panel for further configuration.<br><br />
The Save button is disabled if the chosen name is already in use by another datatable in the project.<br />
<br />
== Datatable Details ==<br />
To edit an existing datatable, select it in the diagram to open the Datatable details panel. This panel has three tabs: Properties, Columns, and Data location.<br />
<br />
=== Properties Tab ===<br />
This tab displays key information about the datatable. The Properties tab has the following editable Fields:<br />
* '''Datatable name''': The name of the datatable. Must be unique within the project.<br />
* '''Description''': An optional, multi-line text field for notes.<br />
<br />
The Properties tab has the following read-only fields:<br />
* '''Datatable ID''': The system-assigned numeric ID.<br />
* '''Snowflake object type''': Shows if the datatable is a Table or a View in Snowflake.<br />
* '''Row count''': The number of rows in the datatable.<br />
* '''Column count''': The number of columns in the datatable.<br />
* '''Data changed''': Timestamp of the last data load performed via QPR ProcessAnalyzer.<br />
* '''Data changed by''': The user who performed the last data load.<br />
* '''Properties changed''': Timestamp of the last change to the datatable's properties (e.g., name, columns).<br />
* '''Properties changed by''': The user who last changed the properties.<br />
* '''Created''': Timestamp of the datatable's creation.<br />
* '''Created by''': The user who created the datatable.<br />
<br />
Click '''Save''' to apply any changes made to the name or description.<br />
<br />
=== Columns Tab ===<br />
This tab shows a table of all columns in the datatable, allowing you to add, edit, reorder, and delete them.<br />
<br />
==== Editing a Column ====<br />
* To rename a column, simply edit the text in the Column name field. The change is saved automatically when you click outside the textbox. Duplicate column names are not allowed.<br />
* Use the Key checkbox to designate a column as part of the datatable's primary key.<br />
Note that the Data type of an existing column cannot be changed.<br />
<br />
==== Adding a New Column ====<br />
# Click on the "Add column" row at the bottom of the table.<br />
# Enter a Column name.<br />
# Select the Data type from the dropdown: Text (default), Decimal, Integer, Date, or Boolean.<br />
# Check the Key box if it's a primary key column.<br />
# Click the save button on that row to create the column. The button is only active when a valid column name is entered.<br />
<br />
==== Reordering and Deleting Columns ====<br />
* Drag and drop rows using the handle to reorder columns.<br />
* Click the trashcan icon at the end of a row to delete a column.<br />
<br />
=== Data Location Tab ===<br />
This tab specifies where the datatable's data is stored in Snowflake. You can link a datatable to an existing Snowflake table or let the system manage it. The following fields are available:<br />
* '''Snowflake database''': The database name. Leave empty to use the default from the connection string.<br />
* '''Snowflake schema''': The schema name. Leave empty to use the default.<br />
* '''Snowflake table''': The table or view name. Leave empty to use a system-defined table.<br />
Note: Table names cannot start with "pa_dt" or "qprpa_dt" as these are reserved prefixes.<br />
<br><br />
If you specify a database, you must also specify the schema and table for the changes to be saved.<br />
<br />
=== Deleting a Datatable ===<br />
To delete a datatable, click the '''Delete''' button. This button is hidden if you do not have the DeleteModel permission.<br />
<br />
== Managing Relations (Foreign Keys) ==<br />
Relations define how your datatables are linked. You can create and manage these from the Data Schema diagram.<br />
<br />
=== Creating a New Relation ===<br />
# Click the '''New relation''' button to open the "New relation" side panel.<br />
# Define the relation by selecting the source and target datatables and columns:<br />
#* Source datatable: The table containing the foreign key.<br />
#* Target datatable: The table the foreign key points to.<br />
#* Source column: The column in the source table.<br />
#* Target column: The column in the target table.<br />
#Click Create.<br />
The new relation will appear as a line connecting the two datatables in the diagram.<br />
<br />
=== Editing a Relation ===<br />
To edit an existing relation, select it in the diagram to open the '''Relation details''' panel.<br />
<br />
==== Defining Column Pairs ====<br />
* A relation is defined by at least one pair of columns. Use the '''Source datatable''', '''Target datatable''', '''Source column''', and '''Target column''' dropdowns to define the link.<br />
* Only columns with Text or Integer data types can be used in a relation.<br />
* You can add more column pairs for composite keys by clicking the "Add column pair" button.<br />
* Each additional column pair can be deleted by clicking its delete button.<br />
<br />
'''Searching''': All dropdown lists include a search field to help you quickly find datatables or columns by name. The search is case-insensitive.<br><br />
'''Saving Changes''': Click the Save button to apply your changes. The button is disabled if any dropdown is empty or if the same column is used in multiple pairs within the same relation.<br><br />
'''Automatic Closing''': The panel will close without saving if you select another item or click on an empty space in the diagram.<br><br />
<br />
==== Deleting a Relation ====<br />
To delete a relation, click the '''Delete''' button in the '''Relation details''' panel. A confirmation dialog will appear.</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=Data_Schema_Dialog&diff=28124Data Schema Dialog2026-04-16T13:27:18Z<p>TeeHiet: TK-63602</p>
<hr />
<div>The Data Schema dialog in QPR ProcessAnalyzer provides a visual way to manage your project's Snowflake datatables and the relationships (foreign keys) between them.<br><br />
The Data Schema dialog displays an entity-relationship (ER) diagram of your datatables and their relations. The ER diagram automatically arranges the datatables and relations for a clear overview. You cannot manually change the position of items.<br />
<br />
You can zoom in and out, and pan across the diagram to explore your data schema. The view is constrained to keep the diagram visible. Clicking on a datatable or a relation in the diagram will select it and open a corresponding details panel on the side, allowing you to view and edit its properties. Clicking on an empty area of the diagram will unselect any item and close the panel.<br><br />
If your project has no datatables to display, a message "Start by adding a datatable" will appear.<br />
<br />
Note that datatables stored in SQL Server or those used in an object-centric model (Objects, Events, EventToObject, ObjectToObject) are not displayed in this dialog.<br />
<br />
== Column Display ==<br />
A dropdown menu allows you to control the level of detail shown for columns in the datatables. The following selections are available:<br />
* '''Don't show columns''': Hides all columns for a clean, high-level view.<br />
* '''Show key and relation columns''': Displays only primary keys, foreign keys, and the columns they target.<br />
* '''Show all columns''': Shows every column for all datatables in the diagram.<br />
<br />
== Permissions ==<br />
Your ability to make changes is determined by your project permissions. If you lack GenericWrite permissions, all fields will be read-only, and buttons for creating new items will be hidden. Deleting datatables requires the DeleteModel permission.<br />
<br />
== Handling Invalid Relations ==<br />
When the dialog opens, it checks for invalid relations (e.g., a relation pointing to a non-existent datatable or column). If any are found, an error message will appear with a Delete invalid relations button to remove them.<br />
<br />
== Creating a New Datatable ==<br />
# Click the New datatable button to open the "New datatable" side panel.<br />
# Enter a unique name for your datatable in the Datatable name field.<br />
# Click Save.<br />
The new datatable will be created and will appear selected in the diagram, automatically opening the "Datatable details" panel for further configuration.<br><br />
The Save button is disabled if the chosen name is already in use by another datatable in the project.<br />
<br />
== Datatable Details ==<br />
To edit an existing datatable, select it in the diagram to open the Datatable details panel. This panel has three tabs: Properties, Columns, and Data location.<br />
<br />
=== Properties Tab ===<br />
This tab displays key information about the datatable. The Properties tab has the following editable Fields:<br />
* '''Datatable name''': The name of the datatable. Must be unique within the project.<br />
* '''Description''': An optional, multi-line text field for notes.<br />
<br />
The Properties tab has the following read-only fields:<br />
* '''Datatable ID''': The system-assigned numeric ID.<br />
* '''Snowflake object type''': Shows if the datatable is a Table or a View in Snowflake.<br />
* '''Row count''': The number of rows in the datatable.<br />
* '''Column count''': The number of columns in the datatable.<br />
* '''Data changed''': Timestamp of the last data load performed via QPR ProcessAnalyzer.<br />
* '''Data changed by''': The user who performed the last data load.<br />
* '''Properties changed''': Timestamp of the last change to the datatable's properties (e.g., name, columns).<br />
* '''Properties changed by''': The user who last changed the properties.<br />
* '''Created''': Timestamp of the datatable's creation.<br />
* '''Created by''': The user who created the datatable.<br />
<br />
Click '''Save''' to apply any changes made to the name or description.<br />
<br />
=== Columns Tab ===<br />
This tab shows a table of all columns in the datatable, allowing you to add, edit, reorder, and delete them.<br />
<br />
==== Editing a Column ====<br />
* To rename a column, simply edit the text in the Column name field. The change is saved automatically when you click outside the textbox. Duplicate column names are not allowed.<br />
* Use the Key checkbox to designate a column as part of the datatable's primary key.<br />
Note that the Data type of an existing column cannot be changed.<br />
<br />
==== Adding a New Column ====<br />
# Click on the "Add column" row at the bottom of the table.<br />
# Enter a Column name.<br />
# Select the Data type from the dropdown: Text (default), Decimal, Integer, Date, or Boolean.<br />
# Check the Key box if it's a primary key column.<br />
# Click the save button on that row to create the column. The button is only active when a valid column name is entered.<br />
<br />
==== Reordering and Deleting Columns ====<br />
* Drag and drop rows using the handle to reorder columns.<br />
* Click the trashcan icon at the end of a row to delete a column.<br />
<br />
=== Data Location Tab ===<br />
This tab specifies where the datatable's data is stored in Snowflake. You can link a datatable to an existing Snowflake table or let the system manage it. The following fields are available:<br />
* '''Snowflake database''': The database name. Leave empty to use the default from the connection string.<br />
* '''Snowflake schema''': The schema name. Leave empty to use the default.<br />
* '''Snowflake table''': The table or view name. Leave empty to use a system-defined table.<br />
Note: Table names cannot start with "pa_dt" or "qprpa_dt" as these are reserved prefixes.<br />
<br><br />
If you specify a database, you must also specify the schema and table for the changes to be saved.<br />
<br />
=== Deleting a Datatable ===<br />
To delete a datatable, click the '''Delete''' button. This button is hidden if you do not have the DeleteModel permission.<br />
<br />
== Managing Relations (Foreign Keys) ==<br />
Relations define how your datatables are linked. You can create and manage these from the Data Schema diagram.<br />
<br />
=== Creating a New Relation ===<br />
# Click the '''New relation''' button to open the "New relation" side panel.<br />
# Define the relation by selecting the source and target datatables and columns:<br />
#* Source datatable: The table containing the foreign key.<br />
#* Target datatable: The table the foreign key points to.<br />
#* Source column: The column in the source table.<br />
#* Target column: The column in the target table.<br />
#Click Create.<br />
The new relation will appear as a line connecting the two datatables in the diagram.<br />
<br />
=== Editing a Relation ===<br />
To edit an existing relation, select it in the diagram to open the '''Relation details''' panel.<br />
<br />
==== Defining Column Pairs ====<br />
* A relation is defined by at least one pair of columns. Use the '''Source datatable''', '''Target datatable''', '''Source column''', and '''Target column''' dropdowns to define the link.<br />
* Only columns with Text or Integer data types can be used in a relation.<br />
* You can add more column pairs for composite keys by clicking the "Add column pair" button.<br />
* Each additional column pair can be deleted by clicking its delete button.<br />
<br />
'''Searching''': All dropdown lists include a search field to help you quickly find datatables or columns by name. The search is case-insensitive.<br><br />
'''Saving Changes''': Click the Save button to apply your changes. The button is disabled if any dropdown is empty or if the same column is used in multiple pairs within the same relation.<br><br />
'''Automatic Closing''': The panel will close without saving if you select another item or click on an empty space in the diagram.<br><br />
<br />
==== Deleting a Relation ====<br />
To delete a relation, click the '''Delete''' button in the '''Relation details''' panel. A confirmation dialog will appear.</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=Data_Schema_Dialog&diff=28123Data Schema Dialog2026-04-16T13:26:49Z<p>TeeHiet: TK-63602</p>
<hr />
<div>The Data Schema dialog in QPR ProcessAnalyzer provides a visual way to manage your project's Snowflake datatables and the relationships (foreign keys) between them.<br><br />
The Data Schema dialog displays an entity-relationship (ER) diagram of your datatables and their relations. The ER diagram automatically arranges the datatables and relations for a clear overview. You cannot manually change the position of items.<br />
<br />
You can zoom in and out, and pan across the diagram to explore your data schema. The view is constrained to keep the diagram visible. Clicking on a datatable or a relation in the diagram will select it and open a corresponding details panel on the side, allowing you to view and edit its properties. Clicking on an empty area of the diagram will unselect any item and close the panel.<br />
If your project has no datatables to display, a message "Start by adding a datatable" will appear.<br />
<br />
Datatables stored in SQL Server or those used in an object-centric model (Objects, Events, EventToObject, ObjectToObject) are not displayed in this dialog.<br />
<br />
== Column Display ==<br />
A dropdown menu allows you to control the level of detail shown for columns in the datatables. The following selections are available:<br />
* '''Don't show columns''': Hides all columns for a clean, high-level view.<br />
* '''Show key and relation columns''': Displays only primary keys, foreign keys, and the columns they target.<br />
* '''Show all columns''': Shows every column for all datatables in the diagram.<br />
<br />
== Permissions ==<br />
Your ability to make changes is determined by your project permissions. If you lack GenericWrite permissions, all fields will be read-only, and buttons for creating new items will be hidden. Deleting datatables requires the DeleteModel permission.<br />
<br />
== Handling Invalid Relations ==<br />
When the dialog opens, it checks for invalid relations (e.g., a relation pointing to a non-existent datatable or column). If any are found, an error message will appear with a Delete invalid relations button to remove them.<br />
<br />
== Creating a New Datatable ==<br />
# Click the New datatable button to open the "New datatable" side panel.<br />
# Enter a unique name for your datatable in the Datatable name field.<br />
# Click Save.<br />
The new datatable will be created and will appear selected in the diagram, automatically opening the "Datatable details" panel for further configuration.<br><br />
The Save button is disabled if the chosen name is already in use by another datatable in the project.<br />
<br />
== Datatable Details ==<br />
To edit an existing datatable, select it in the diagram to open the Datatable details panel. This panel has three tabs: Properties, Columns, and Data location.<br />
<br />
=== Properties Tab ===<br />
This tab displays key information about the datatable. The Properties tab has the following editable Fields:<br />
* '''Datatable name''': The name of the datatable. Must be unique within the project.<br />
* '''Description''': An optional, multi-line text field for notes.<br />
<br />
The Properties tab has the following read-only fields:<br />
* '''Datatable ID''': The system-assigned numeric ID.<br />
* '''Snowflake object type''': Shows if the datatable is a Table or a View in Snowflake.<br />
* '''Row count''': The number of rows in the datatable.<br />
* '''Column count''': The number of columns in the datatable.<br />
* '''Data changed''': Timestamp of the last data load performed via QPR ProcessAnalyzer.<br />
* '''Data changed by''': The user who performed the last data load.<br />
* '''Properties changed''': Timestamp of the last change to the datatable's properties (e.g., name, columns).<br />
* '''Properties changed by''': The user who last changed the properties.<br />
* '''Created''': Timestamp of the datatable's creation.<br />
* '''Created by''': The user who created the datatable.<br />
<br />
Click '''Save''' to apply any changes made to the name or description.<br />
<br />
=== Columns Tab ===<br />
This tab shows a table of all columns in the datatable, allowing you to add, edit, reorder, and delete them.<br />
<br />
==== Editing a Column ====<br />
* To rename a column, simply edit the text in the Column name field. The change is saved automatically when you click outside the textbox. Duplicate column names are not allowed.<br />
* Use the Key checkbox to designate a column as part of the datatable's primary key.<br />
Note that the Data type of an existing column cannot be changed.<br />
<br />
==== Adding a New Column ====<br />
# Click on the "Add column" row at the bottom of the table.<br />
# Enter a Column name.<br />
# Select the Data type from the dropdown: Text (default), Decimal, Integer, Date, or Boolean.<br />
# Check the Key box if it's a primary key column.<br />
# Click the save button on that row to create the column. The button is only active when a valid column name is entered.<br />
<br />
==== Reordering and Deleting Columns ====<br />
* Drag and drop rows using the handle to reorder columns.<br />
* Click the trashcan icon at the end of a row to delete a column.<br />
<br />
=== Data Location Tab ===<br />
This tab specifies where the datatable's data is stored in Snowflake. You can link a datatable to an existing Snowflake table or let the system manage it. The following fields are available:<br />
* '''Snowflake database''': The database name. Leave empty to use the default from the connection string.<br />
* '''Snowflake schema''': The schema name. Leave empty to use the default.<br />
* '''Snowflake table''': The table or view name. Leave empty to use a system-defined table.<br />
Note: Table names cannot start with "pa_dt" or "qprpa_dt" as these are reserved prefixes.<br />
<br><br />
If you specify a database, you must also specify the schema and table for the changes to be saved.<br />
<br />
=== Deleting a Datatable ===<br />
To delete a datatable, click the '''Delete''' button. This button is hidden if you do not have the DeleteModel permission.<br />
<br />
== Managing Relations (Foreign Keys) ==<br />
Relations define how your datatables are linked. You can create and manage these from the Data Schema diagram.<br />
<br />
=== Creating a New Relation ===<br />
# Click the '''New relation''' button to open the "New relation" side panel.<br />
# Define the relation by selecting the source and target datatables and columns:<br />
#* Source datatable: The table containing the foreign key.<br />
#* Target datatable: The table the foreign key points to.<br />
#* Source column: The column in the source table.<br />
#* Target column: The column in the target table.<br />
#Click Create.<br />
The new relation will appear as a line connecting the two datatables in the diagram.<br />
<br />
=== Editing a Relation ===<br />
To edit an existing relation, select it in the diagram to open the '''Relation details''' panel.<br />
<br />
==== Defining Column Pairs ====<br />
* A relation is defined by at least one pair of columns. Use the '''Source datatable''', '''Target datatable''', '''Source column''', and '''Target column''' dropdowns to define the link.<br />
* Only columns with Text or Integer data types can be used in a relation.<br />
* You can add more column pairs for composite keys by clicking the "Add column pair" button.<br />
* Each additional column pair can be deleted by clicking its delete button.<br />
<br />
'''Searching''': All dropdown lists include a search field to help you quickly find datatables or columns by name. The search is case-insensitive.<br><br />
'''Saving Changes''': Click the Save button to apply your changes. The button is disabled if any dropdown is empty or if the same column is used in multiple pairs within the same relation.<br><br />
'''Automatic Closing''': The panel will close without saving if you select another item or click on an empty space in the diagram.<br><br />
<br />
==== Deleting a Relation ====<br />
To delete a relation, click the '''Delete''' button in the '''Relation details''' panel. A confirmation dialog will appear.</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=Data_Schema_Dialog&diff=28122Data Schema Dialog2026-04-16T13:25:55Z<p>TeeHiet: TK-63602</p>
<hr />
<div>The Data Schema dialog in QPR ProcessAnalyzer provides a visual way to manage your project's Snowflake datatables and the relationships (foreign keys) between them.<br><br />
The Data Schema dialog displays an entity-relationship (ER) diagram of your datatables and their relations. The ER diagram automatically arranges the datatables and relations for a clear overview. You cannot manually change the position of items.<br />
<br />
You can zoom in and out, and pan across the diagram to explore your data schema. The view is constrained to keep the diagram visible.<br />
<br />
Interaction: Clicking on a datatable or a relation in the diagram will select it and open a corresponding details panel on the side, allowing you to view and edit its properties. Clicking on an empty area of the diagram will unselect any item and close the panel.<br />
Initial State: If your project has no datatables to display, a message "Start by adding a datatable" will appear.<br />
<br />
Datatables stored in SQL Server or those used in an object-centric model (Objects, Events, EventToObject, ObjectToObject) are not displayed in this dialog.<br />
<br />
== Column Display ==<br />
A dropdown menu allows you to control the level of detail shown for columns in the datatables. The following selections are available:<br />
* '''Don't show columns''': Hides all columns for a clean, high-level view.<br />
* '''Show key and relation columns''': Displays only primary keys, foreign keys, and the columns they target.<br />
* '''Show all columns''': Shows every column for all datatables in the diagram.<br />
<br />
== Permissions ==<br />
Your ability to make changes is determined by your project permissions. If you lack GenericWrite permissions, all fields will be read-only, and buttons for creating new items will be hidden. Deleting datatables requires the DeleteModel permission.<br />
<br />
== Handling Invalid Relations ==<br />
When the dialog opens, it checks for invalid relations (e.g., a relation pointing to a non-existent datatable or column). If any are found, an error message will appear with a Delete invalid relations button to remove them.<br />
<br />
== Creating a New Datatable ==<br />
# Click the New datatable button to open the "New datatable" side panel.<br />
# Enter a unique name for your datatable in the Datatable name field.<br />
# Click Save.<br />
The new datatable will be created and will appear selected in the diagram, automatically opening the "Datatable details" panel for further configuration.<br><br />
The Save button is disabled if the chosen name is already in use by another datatable in the project.<br />
<br />
== Datatable Details ==<br />
To edit an existing datatable, select it in the diagram to open the Datatable details panel. This panel has three tabs: Properties, Columns, and Data location.<br />
<br />
=== Properties Tab ===<br />
This tab displays key information about the datatable. The Properties tab has the following editable Fields:<br />
* '''Datatable name''': The name of the datatable. Must be unique within the project.<br />
* '''Description''': An optional, multi-line text field for notes.<br />
<br />
The Properties tab has the following read-only fields:<br />
* '''Datatable ID''': The system-assigned numeric ID.<br />
* '''Snowflake object type''': Shows if the datatable is a Table or a View in Snowflake.<br />
* '''Row count''': The number of rows in the datatable.<br />
* '''Column count''': The number of columns in the datatable.<br />
* '''Data changed''': Timestamp of the last data load performed via QPR ProcessAnalyzer.<br />
* '''Data changed by''': The user who performed the last data load.<br />
* '''Properties changed''': Timestamp of the last change to the datatable's properties (e.g., name, columns).<br />
* '''Properties changed by''': The user who last changed the properties.<br />
* '''Created''': Timestamp of the datatable's creation.<br />
* '''Created by''': The user who created the datatable.<br />
<br />
Click '''Save''' to apply any changes made to the name or description.<br />
<br />
=== Columns Tab ===<br />
This tab shows a table of all columns in the datatable, allowing you to add, edit, reorder, and delete them.<br />
<br />
==== Editing a Column ====<br />
* To rename a column, simply edit the text in the Column name field. The change is saved automatically when you click outside the textbox. Duplicate column names are not allowed.<br />
* Use the Key checkbox to designate a column as part of the datatable's primary key.<br />
Note that the Data type of an existing column cannot be changed.<br />
<br />
==== Adding a New Column ====<br />
# Click on the "Add column" row at the bottom of the table.<br />
# Enter a Column name.<br />
# Select the Data type from the dropdown: Text (default), Decimal, Integer, Date, or Boolean.<br />
# Check the Key box if it's a primary key column.<br />
# Click the save button on that row to create the column. The button is only active when a valid column name is entered.<br />
<br />
==== Reordering and Deleting Columns ====<br />
* Drag and drop rows using the handle to reorder columns.<br />
* Click the trashcan icon at the end of a row to delete a column.<br />
<br />
=== Data Location Tab ===<br />
This tab specifies where the datatable's data is stored in Snowflake. You can link a datatable to an existing Snowflake table or let the system manage it. The following fields are available:<br />
* '''Snowflake database''': The database name. Leave empty to use the default from the connection string.<br />
* '''Snowflake schema''': The schema name. Leave empty to use the default.<br />
* '''Snowflake table''': The table or view name. Leave empty to use a system-defined table.<br />
Note: Table names cannot start with "pa_dt" or "qprpa_dt" as these are reserved prefixes.<br />
<br><br />
If you specify a database, you must also specify the schema and table for the changes to be saved.<br />
<br />
=== Deleting a Datatable ===<br />
To delete a datatable, click the '''Delete''' button. This button is hidden if you do not have the DeleteModel permission.<br />
<br />
== Managing Relations (Foreign Keys) ==<br />
Relations define how your datatables are linked. You can create and manage these from the Data Schema diagram.<br />
<br />
=== Creating a New Relation ===<br />
# Click the '''New relation''' button to open the "New relation" side panel.<br />
# Define the relation by selecting the source and target datatables and columns:<br />
#* Source datatable: The table containing the foreign key.<br />
#* Target datatable: The table the foreign key points to.<br />
#* Source column: The column in the source table.<br />
#* Target column: The column in the target table.<br />
#Click Create.<br />
The new relation will appear as a line connecting the two datatables in the diagram.<br />
<br />
=== Editing a Relation ===<br />
To edit an existing relation, select it in the diagram to open the '''Relation details''' panel.<br />
<br />
==== Defining Column Pairs ====<br />
* A relation is defined by at least one pair of columns. Use the '''Source datatable''', '''Target datatable''', '''Source column''', and '''Target column''' dropdowns to define the link.<br />
* Only columns with Text or Integer data types can be used in a relation.<br />
* You can add more column pairs for composite keys by clicking the "Add column pair" button.<br />
* Each additional column pair can be deleted by clicking its delete button.<br />
<br />
'''Searching''': All dropdown lists include a search field to help you quickly find datatables or columns by name. The search is case-insensitive.<br><br />
'''Saving Changes''': Click the Save button to apply your changes. The button is disabled if any dropdown is empty or if the same column is used in multiple pairs within the same relation.<br><br />
'''Automatic Closing''': The panel will close without saving if you select another item or click on an empty space in the diagram.<br><br />
<br />
==== Deleting a Relation ====<br />
To delete a relation, click the '''Delete''' button in the '''Relation details''' panel. A confirmation dialog will appear.</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=Data_Schema_Dialog&diff=28121Data Schema Dialog2026-04-16T13:24:58Z<p>TeeHiet: TK-63602</p>
<hr />
<div>The Data Schema dialog in QPR ProcessAnalyzer provides a visual way to manage your project's Snowflake datatables and the relationships (foreign keys) between them.<br><br />
<br />
Datatables stored in SQL Server or those used in an object-centric model (Objects, Events, EventToObject, ObjectToObject) are not displayed in this dialog.<br />
<br />
== Overview ==<br />
<br />
The Data Schema dialog displays an entity-relationship (ER) diagram of your datatables and their relations. The ER diagram automatically arranges the datatables and relations for a clear overview. You cannot manually change the position of items.<br />
<br />
You can zoom in and out, and pan across the diagram to explore your data schema. The view is constrained to keep the diagram visible.<br />
<br />
Interaction: Clicking on a datatable or a relation in the diagram will select it and open a corresponding details panel on the side, allowing you to view and edit its properties. Clicking on an empty area of the diagram will unselect any item and close the panel.<br />
Initial State: If your project has no datatables to display, a message "Start by adding a datatable" will appear.<br />
<br />
== Column Display ==<br />
A dropdown menu allows you to control the level of detail shown for columns in the datatables. The following selections are available:<br />
* '''Don't show columns''': Hides all columns for a clean, high-level view.<br />
* '''Show key and relation columns''': Displays only primary keys, foreign keys, and the columns they target.<br />
* '''Show all columns''': Shows every column for all datatables in the diagram.<br />
<br />
== Permissions ==<br />
Your ability to make changes is determined by your project permissions. If you lack GenericWrite permissions, all fields will be read-only, and buttons for creating new items will be hidden. Deleting datatables requires the DeleteModel permission.<br />
<br />
== Handling Invalid Relations ==<br />
When the dialog opens, it checks for invalid relations (e.g., a relation pointing to a non-existent datatable or column). If any are found, an error message will appear with a Delete invalid relations button to remove them.<br />
<br />
== Creating a New Datatable ==<br />
# Click the New datatable button to open the "New datatable" side panel.<br />
# Enter a unique name for your datatable in the Datatable name field.<br />
# Click Save.<br />
The new datatable will be created and will appear selected in the diagram, automatically opening the "Datatable details" panel for further configuration.<br><br />
The Save button is disabled if the chosen name is already in use by another datatable in the project.<br />
<br />
== Datatable Details ==<br />
To edit an existing datatable, select it in the diagram to open the Datatable details panel. This panel has three tabs: Properties, Columns, and Data location.<br />
<br />
=== Properties Tab ===<br />
This tab displays key information about the datatable. The Properties tab has the following editable Fields:<br />
* '''Datatable name''': The name of the datatable. Must be unique within the project.<br />
* '''Description''': An optional, multi-line text field for notes.<br />
<br />
The Properties tab has the following read-only fields:<br />
* '''Datatable ID''': The system-assigned numeric ID.<br />
* '''Snowflake object type''': Shows if the datatable is a Table or a View in Snowflake.<br />
* '''Row count''': The number of rows in the datatable.<br />
* '''Column count''': The number of columns in the datatable.<br />
* '''Data changed''': Timestamp of the last data load performed via QPR ProcessAnalyzer.<br />
* '''Data changed by''': The user who performed the last data load.<br />
* '''Properties changed''': Timestamp of the last change to the datatable's properties (e.g., name, columns).<br />
* '''Properties changed by''': The user who last changed the properties.<br />
* '''Created''': Timestamp of the datatable's creation.<br />
* '''Created by''': The user who created the datatable.<br />
<br />
Click '''Save''' to apply any changes made to the name or description.<br />
<br />
=== Columns Tab ===<br />
This tab shows a table of all columns in the datatable, allowing you to add, edit, reorder, and delete them.<br />
<br />
==== Editing a Column ====<br />
* To rename a column, simply edit the text in the Column name field. The change is saved automatically when you click outside the textbox. Duplicate column names are not allowed.<br />
* Use the Key checkbox to designate a column as part of the datatable's primary key.<br />
Note that the Data type of an existing column cannot be changed.<br />
<br />
==== Adding a New Column ====<br />
# Click on the "Add column" row at the bottom of the table.<br />
# Enter a Column name.<br />
# Select the Data type from the dropdown: Text (default), Decimal, Integer, Date, or Boolean.<br />
# Check the Key box if it's a primary key column.<br />
# Click the save button on that row to create the column. The button is only active when a valid column name is entered.<br />
<br />
==== Reordering and Deleting Columns ====<br />
* Drag and drop rows using the handle to reorder columns.<br />
* Click the trashcan icon at the end of a row to delete a column.<br />
<br />
=== Data Location Tab ===<br />
This tab specifies where the datatable's data is stored in Snowflake. You can link a datatable to an existing Snowflake table or let the system manage it. The following fields are available:<br />
* '''Snowflake database''': The database name. Leave empty to use the default from the connection string.<br />
* '''Snowflake schema''': The schema name. Leave empty to use the default.<br />
* '''Snowflake table''': The table or view name. Leave empty to use a system-defined table.<br />
Note: Table names cannot start with "pa_dt" or "qprpa_dt" as these are reserved prefixes.<br />
<br><br />
If you specify a database, you must also specify the schema and table for the changes to be saved.<br />
<br />
=== Deleting a Datatable ===<br />
To delete a datatable, click the '''Delete''' button. This button is hidden if you do not have the DeleteModel permission.<br />
<br />
== Managing Relations (Foreign Keys) ==<br />
Relations define how your datatables are linked. You can create and manage these from the Data Schema diagram.<br />
<br />
=== Creating a New Relation ===<br />
# Click the '''New relation''' button to open the "New relation" side panel.<br />
# Define the relation by selecting the source and target datatables and columns:<br />
#* Source datatable: The table containing the foreign key.<br />
#* Target datatable: The table the foreign key points to.<br />
#* Source column: The column in the source table.<br />
#* Target column: The column in the target table.<br />
#Click Create.<br />
The new relation will appear as a line connecting the two datatables in the diagram.<br />
<br />
=== Editing a Relation ===<br />
To edit an existing relation, select it in the diagram to open the '''Relation details''' panel.<br />
<br />
==== Defining Column Pairs ====<br />
* A relation is defined by at least one pair of columns. Use the '''Source datatable''', '''Target datatable''', '''Source column''', and '''Target column''' dropdowns to define the link.<br />
* Only columns with Text or Integer data types can be used in a relation.<br />
* You can add more column pairs for composite keys by clicking the "Add column pair" button.<br />
* Each additional column pair can be deleted by clicking its delete button.<br />
<br />
'''Searching''': All dropdown lists include a search field to help you quickly find datatables or columns by name. The search is case-insensitive.<br><br />
'''Saving Changes''': Click the Save button to apply your changes. The button is disabled if any dropdown is empty or if the same column is used in multiple pairs within the same relation.<br><br />
'''Automatic Closing''': The panel will close without saving if you select another item or click on an empty space in the diagram.<br><br />
<br />
==== Deleting a Relation ====<br />
To delete a relation, click the '''Delete''' button in the '''Relation details''' panel. A confirmation dialog will appear.</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=Data_Schema_Dialog&diff=28120Data Schema Dialog2026-04-16T13:24:18Z<p>TeeHiet: TK-63602</p>
<hr />
<div>The Data Schema dialog in QPR ProcessAnalyzer provides a visual way to manage your project's Snowflake datatables and the relationships (foreign keys) between them.<br><br />
<br />
Note: Datatables stored in SQL Server or those used in an object-centric model (Objects, Events, EventToObject, ObjectToObject) are not displayed in this dialog.<br />
<br />
== Overview ==<br />
<br />
The Data Schema dialog displays an entity-relationship (ER) diagram of your datatables and their relations. The ER diagram automatically arranges the datatables and relations for a clear overview. You cannot manually change the position of items.<br />
<br />
You can zoom in and out, and pan across the diagram to explore your data schema. The view is constrained to keep the diagram visible.<br />
<br />
Interaction: Clicking on a datatable or a relation in the diagram will select it and open a corresponding details panel on the side, allowing you to view and edit its properties. Clicking on an empty area of the diagram will unselect any item and close the panel.<br />
Initial State: If your project has no datatables to display, a message "Start by adding a datatable" will appear.<br />
<br />
== Column Display ==<br />
A dropdown menu allows you to control the level of detail shown for columns in the datatables. The following selections are available:<br />
* '''Don't show columns''': Hides all columns for a clean, high-level view.<br />
* '''Show key and relation columns''': Displays only primary keys, foreign keys, and the columns they target.<br />
* '''Show all columns''': Shows every column for all datatables in the diagram.<br />
<br />
== Permissions ==<br />
Your ability to make changes is determined by your project permissions. If you lack GenericWrite permissions, all fields will be read-only, and buttons for creating new items will be hidden. Deleting datatables requires the DeleteModel permission.<br />
<br />
== Handling Invalid Relations ==<br />
When the dialog opens, it checks for invalid relations (e.g., a relation pointing to a non-existent datatable or column). If any are found, an error message will appear with a Delete invalid relations button to remove them.<br />
<br />
== Creating a New Datatable ==<br />
# Click the New datatable button to open the "New datatable" side panel.<br />
# Enter a unique name for your datatable in the Datatable name field.<br />
# Click Save.<br />
The new datatable will be created and will appear selected in the diagram, automatically opening the "Datatable details" panel for further configuration.<br><br />
The Save button is disabled if the chosen name is already in use by another datatable in the project.<br />
<br />
== Datatable Details ==<br />
To edit an existing datatable, select it in the diagram to open the Datatable details panel. This panel has three tabs: Properties, Columns, and Data location.<br />
<br />
=== Properties Tab ===<br />
This tab displays key information about the datatable. The Properties tab has the following editable Fields:<br />
* '''Datatable name''': The name of the datatable. Must be unique within the project.<br />
* '''Description''': An optional, multi-line text field for notes.<br />
<br />
The Properties tab has the following read-only fields:<br />
* '''Datatable ID''': The system-assigned numeric ID.<br />
* '''Snowflake object type''': Shows if the datatable is a Table or a View in Snowflake.<br />
* '''Row count''': The number of rows in the datatable.<br />
* '''Column count''': The number of columns in the datatable.<br />
* '''Data changed''': Timestamp of the last data load performed via QPR ProcessAnalyzer.<br />
* '''Data changed by''': The user who performed the last data load.<br />
* '''Properties changed''': Timestamp of the last change to the datatable's properties (e.g., name, columns).<br />
* '''Properties changed by''': The user who last changed the properties.<br />
* '''Created''': Timestamp of the datatable's creation.<br />
* '''Created by''': The user who created the datatable.<br />
<br />
Click '''Save''' to apply any changes made to the name or description.<br />
<br />
=== Columns Tab ===<br />
This tab shows a table of all columns in the datatable, allowing you to add, edit, reorder, and delete them.<br />
<br />
==== Editing a Column ====<br />
* To rename a column, simply edit the text in the Column name field. The change is saved automatically when you click outside the textbox. Duplicate column names are not allowed.<br />
* Use the Key checkbox to designate a column as part of the datatable's primary key.<br />
Note that the Data type of an existing column cannot be changed.<br />
<br />
==== Adding a New Column ====<br />
# Click on the "Add column" row at the bottom of the table.<br />
# Enter a Column name.<br />
# Select the Data type from the dropdown: Text (default), Decimal, Integer, Date, or Boolean.<br />
# Check the Key box if it's a primary key column.<br />
# Click the save button on that row to create the column. The button is only active when a valid column name is entered.<br />
<br />
==== Reordering and Deleting Columns ====<br />
* Drag and drop rows using the handle to reorder columns.<br />
* Click the trashcan icon at the end of a row to delete a column.<br />
<br />
=== Data Location Tab ===<br />
This tab specifies where the datatable's data is stored in Snowflake. You can link a datatable to an existing Snowflake table or let the system manage it. The following fields are available:<br />
* '''Snowflake database''': The database name. Leave empty to use the default from the connection string.<br />
* '''Snowflake schema''': The schema name. Leave empty to use the default.<br />
* '''Snowflake table''': The table or view name. Leave empty to use a system-defined table.<br />
Note: Table names cannot start with "pa_dt" or "qprpa_dt" as these are reserved prefixes.<br />
<br><br />
If you specify a database, you must also specify the schema and table for the changes to be saved.<br />
<br />
=== Deleting a Datatable ===<br />
To delete a datatable, click the '''Delete''' button. This button is hidden if you do not have the DeleteModel permission.<br />
<br />
== Managing Relations (Foreign Keys) ==<br />
Relations define how your datatables are linked. You can create and manage these from the Data Schema diagram.<br />
<br />
=== Creating a New Relation ===<br />
# Click the '''New relation''' button to open the "New relation" side panel.<br />
# Define the relation by selecting the source and target datatables and columns:<br />
#* Source datatable: The table containing the foreign key.<br />
#* Target datatable: The table the foreign key points to.<br />
#* Source column: The column in the source table.<br />
#* Target column: The column in the target table.<br />
#Click Create.<br />
The new relation will appear as a line connecting the two datatables in the diagram.<br />
<br />
=== Editing a Relation ===<br />
To edit an existing relation, select it in the diagram to open the '''Relation details''' panel.<br />
<br />
==== Defining Column Pairs ====<br />
* A relation is defined by at least one pair of columns. Use the '''Source datatable''', '''Target datatable''', '''Source column''', and '''Target column''' dropdowns to define the link.<br />
* Only columns with Text or Integer data types can be used in a relation.<br />
* You can add more column pairs for composite keys by clicking the "Add column pair" button.<br />
* Each additional column pair can be deleted by clicking its delete button.<br />
<br />
'''Searching''': All dropdown lists include a search field to help you quickly find datatables or columns by name. The search is case-insensitive.<br><br />
'''Saving Changes''': Click the Save button to apply your changes. The button is disabled if any dropdown is empty or if the same column is used in multiple pairs within the same relation.<br><br />
'''Automatic Closing''': The panel will close without saving if you select another item or click on an empty space in the diagram.<br><br />
<br />
==== Deleting a Relation ====<br />
To delete a relation, click the '''Delete''' button in the '''Relation details''' panel. A confirmation dialog will appear.</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_Project_Workspace&diff=28119QPR ProcessAnalyzer Project Workspace2026-04-16T12:36:31Z<p>TeeHiet: TK-63602</p>
<hr />
<div>In QPR ProcessAnalyzer, ''dashboards'', ''models'', ''datatables'' and ''scripts'' are organized into projects. '''Project Workspace''' shows all projects in a hierarchy (on the left side) and contents of the selected project (on the right side) divided into tabs based on the type of the entity. There are tabs for dashboards, models, datatables, scripts and projects. Dashboards and datatables are described in this article and scripts are described in [[Managing Scripts]].<br />
<br />
The Project Workspace is opened after logging in to QPR ProcessAnalyzer. All actions, such as open, create, modify and delete, are available as buttons in the toolbar and also in the context menu, which can be opened by right clicking the target project, dashboard, datatable, model, or script.<br />
<br />
The projects hierarchy can be hidden by clicking the blue ''Collapse'' button in the top of the divider, to make more space for the contents table. If the Collapse button is not visible, hover the upper side of the divider with the mouse to make the button visible. To show the projects hierarchy again, click the grey ''Expand'' button on the top left of the screen.<br />
<br />
Access control is not taking the projects hierarchy into account. If user has permissions to a project but not its parent project, the project is accessible and shown in the top level of the projects hierarchy. Moving the project is not allowed though because it requires access to the parent project.<br />
<br />
There are the following requirements for names given to objects: it cannot be empty, maximum length is 440 characters, and it cannot contain the slash (/) character.<br />
<br />
== Projects ==<br />
<br />
Projects are organized into a hierarchy, where projects can contain child projects. The hierarchy is visible in the left side of the workspace, where a project can be selected to see its contents on the right side. In addition, there is the '''Projects''' tab showing child projects of the selected project. The Projects tab has two different layouts selectable: Card layout and Table layout.<br />
<br />
[[File:Workspace.png]]<br />
<br />
=== Opening Project ===<br />
Project can be opened in the workspace to see its contents, by clicking the project in the left side hierarchy. Alternatively the '''Projects''' tab can be used browse projects by drilling down into child projects by clicking a project in the card view or by double-clicking a project in the table view.<br />
<br />
=== Changing Project Properties ===<br />
Project properties can be viewed and edited in the [[Project_Properties_Dialog|Project properties dialog]] that can be opened by right-clicking the project either in the left side project hierarchy or in the table view and then selecting '''Properties'''.<br />
<br />
=== Creating Project ===<br />
# On the left side projects hierarchy, select the project where you want to create a new project.<br />
# Click the '''New''' button and click '''Project'''.<br />
# Define a name for the projects and click '''Create'''.<br />
<br />
=== Deleting Project ===<br />
# Select project(s) you want to delete on the table layout in the '''Projects''' tab.<br />
# Click the '''Delete''' button or right-click and select '''Delete''' from the popup menu, then click '''Delete''' for the confirmation message. (The deleted project goes to the bin.)<br />
<br />
A project can also be deleted by right-clicking a single project on the left side hierarchy and selecting '''Delete''' from the popup menu.<br />
<br />
Note that project cannot be deleted if the project or its child projects contain the currently selected model.<br />
<br />
=== Renaming Project ===<br />
# Select the project to be renamed on the table layout in the '''Projects''' tab.<br />
# Click the '''Rename''' button.<br />
# Change the project name in the opening dialog and click '''OK'''.<br />
<br />
A project can also be renamed by right-clicking a single project on the left side hierarchy and selecting '''Rename''' from the popup menu.<br />
<br />
=== Moving Project ===<br />
Projects can be moved by dragging them with a mouse from the table layout in '''Projects''' tab to a new parent project in the left side hierarchy.<br />
<br />
Projects can also be moved by right-clicking the project in the left side hierarchy or on the table layout in the '''Projects''' tab, selecting the '''Move''' option in the popup menu, and then selecting the new parent project in the opening list of projects.<br />
<br />
=== Exporting Project ===<br />
Projects can be exported to a file as follows:<br />
# On the left side projects hierarchy, right-click the project you want to export. (Alternatively, the project can be selected in the '''Projects''' tab.)<br />
# In the opening context menu, click '''Export'''.<br />
# The project is exported to a file.<br />
<br />
Notes about the project export files:<br />
* Export files don't contain object ID's, and new ID's are created in the import. If there are scripts that refer to objects by their ID's, the imported scripts won't work. It's a good practice to write scripts to refer to other objects by their names rather than ID's.<br />
* In the export file, the ''ModelId'' dashboard variable is replaced with the ''ModelName'' variable containing the model name. In the import, the ''ModelName'' variable is replaced by the ''ModelId'' variable referring to a corresponding model created in the import. This is required because model ID's are not part of the export file, and the model name is used to refer to the model. This replacement is not supported by the chart-specific model selection, so the setting needs to be set manually after the import.<br />
* Child projects are not part of the export file.<br />
* Project permissions are not part of the export file.<br />
* Project secrets are not part of the export file.<br />
* Private filters are not part of the export file.<br />
* Datatables data is not part of the export file. If you also want to export data, use the CSV export. If the data is in Snowflake and there is great amount of data, it's recommended to use Snowflake tools for exporting and importing data.<br />
<br />
=== Importing Project ===<br />
# From the left side projects hierarchy, select the project where you want to import the project as a child project, or select the top level of the hierarchy if you want to import a top level project.<br />
# Click the '''New''' button, and select '''Import Project'''.<br />
# Select a '''.json file''' to be imported.<br />
# Project is imported and it appears as a child project of the selected project.<br />
<br />
If there is already a project with the same name under the same parent project, the created project will get a slightly different name than specified in the file.<br />
<br />
=== Project-level Snowflake Database, Schema and Connection String===<br />
In the [[Project_Properties_Dialog#Secrets|Project Properties Dialog]], the project can be linked to a Snowflake database and schema where data for the project's datatables are located. The datatables can use either the default names or user-defined custom names. <br />
<br />
[[Snowflake_Connection_Configuration#Set_Snowflake_ODBC_connection|Snowflake connection string]] can be set for each project separately, and then datatables in the project will use the project-level connection string instead of the global [[PA_Configuration_database_table#SnowflakeConnectionString|Snowflake connection string]]. If you need to set other Snowflake parameters than the database, schema or warehouse (such as Snowflake account or warehouse), the project-level connection string needs to be used.<br />
<br />
It's also possible to use both the project-level connection string and the database/schema settings.<br />
<br />
Note that in the Snowflake Native App, it's not possible to define different account or user in the connection string (only the warehouse can be changed).<br />
<br />
== Dashboards ==<br />
Dashboards can be created, opened, moved, deleted, imported and exported in the '''Dashboards''' tab, which shows all dashboards in the selected project.<br />
<br />
=== Opening Dashboard ===<br />
# Select the project where the dashboard to be opened is located.<br />
# Open the '''Dashboards''' tab.<br />
# Double-click the dashboard in the list, or select the dashboard with a single click and click the '''Open''' button.<br />
<br />
=== Creating Dashboard ===<br />
# On the left side projects hierarchy, select the project where you want to create the dashboard.<br />
# Open the '''Dashboards''' tab.<br />
# Click the '''New''' button and click '''Dashboard'''. The [[QPR_ProcessAnalyzer_Dashboard_Designer|dashboard designer]] opens.<br />
# The dashboard can be named by opening the menu on the right and clicking '''Dashboard properties'''. The name can be defined in the '''General''' tab. The dialog can be closed by clicking the '''Done''' button.<br />
# The dashboard is saved when clicking the '''Save''' button.<br />
<br />
Note that each dashboard in the same project needs to have a unique name.<br />
<br />
=== Deleting Dashboard ===<br />
# Select the project where the dashboard(s) to be deleted are located.<br />
# Open the '''Dashboards''' tab.<br />
# Select one or several dashboards to be deleted.<br />
# Click the '''Delete''' button and click '''Delete''' to the confirmation message.<br />
<br />
=== Renaming Dashboard ===<br />
# Select the project where the dashboard to be renamed is located.<br />
# Open the '''Dashboards''' tab.<br />
# Select the dashboard to be renamed.<br />
# Click the '''Rename''' button.<br />
# Change the dashboard name in the opening dialog and click '''OK'''.<br />
<br />
=== Moving Dashboard ===<br />
Dashboards can be moved by dragging them with a mouse from the right side list to the target project in the left side hierarchy. Alternatively, dashboards to be moved can be selected and from the context menu, select '''Move to''' and then select the target project.<br />
<br />
=== Duplicating Dashboard ===<br />
# Select the project where the dashboard to be duplicated is located.<br />
# Open the '''Dashboards''' tab.<br />
# Select the dashboard to be duplicated.<br />
# Click the '''Duplicate''' button. A duplicate of the dashboard is created.<br />
<br />
=== Importing Dashboard ===<br />
Dashboards can be exported and imported as .qprpa files containing the dashboard structure (e.g., charts with their settings) without the actual data. A single .qprpa file can contain several dashboards.<br />
<br />
When dashboards are imported, the selected model will be set for the imported dashboards. Note also that when exporting and imported dashboards, the filter rules are preserved but the stored filter is lost (because the .qprpa files don't contain stored filters).<br />
<br />
Dashboard file can be imported if it has been exported using same or earlier QPR ProcessAnalyzer version. If the dashboard was exported using later version, it might not be possible to import it, if the dashboard structure supported by QPR ProcessAnalyzer has been improved between the versions.<br />
<br />
To import dashboards from a file:<br />
# From the left side projects hierarchy, select the project where you want to import the dashboard(s).<br />
# Open the '''Dashboards''' tab.<br />
# In the header, select a model that will be used for the imported dashboards.<br />
# Click the '''New''' button, and select '''Import Dashboard'''.<br />
# Select a '''.qprpa file''' to be imported.<br />
# Dashboards are imported, after which they appear as selected.<br />
<br />
=== Exporting Dashboard ===<br />
Dashboards can be exported to a .qprpa file, and the same file can contain several dashboards. Dashboards can be exported as follows:<br />
# Navigate to the project where the dashboard(s) to be exported are located.<br />
# Open the '''Dashboards''' tab and select the dashboard(s).<br />
# Click the '''Export''' button. The file can is stored to disk.<br />
<br />
== Models ==<br />
'''Models''' tab shows all models in the selected project. Models can be opened, new created, edited, deleted, imported and exported (you can go through an end-to-end instructions how to [[Creating_Process_Mining_Model|create model from eventlog data from a CSV file]]).<br />
<br />
Model status is shown as an icon left of the model name, indicating the type and validity of the model (and for in-memory models whether the model is in the server memory or being loaded into memory). Models have the following statuses:<br />
* '''Case-centric model''': Model is a valid case-centric Snowflake model.<br />
* '''Object-centric model''': Model is a valid object-centric Snowflake model.<br />
* '''Online''' (for in-memory models): Model is currently in the memory and available to dashboards and analyses. Applicable only for in-memory models.<br />
* '''Offline''' (for in-memory models): Model is currently not the memory (and thus it's not consuming any memory resources). Applicable only for in-memory models.<br />
* '''Loading''' (for in-memory models): Model is currently being loaded into the memory. The loading needs to complete until the model can be used. Applicable only for in-memory models.<br />
* (no icon): When no icon is shown, datasource for the model hasn't been defined and the model cannot be used. To define the datasource, open the [[#Editing_Model_Settings|model properties]] and configure the events and cases datasources.<br />
<br />
The memory capacity of the server limits how many in-memory models there can be in the memory at the same time. Also loading a model into memory might take a while depending the model size. Note that in QPR ProcessAnalyzer, all processing is performed in the server/cloud side, so the model does not need to be loaded into user workstation, and thus it doesn't consume resources in the workstation side.<br />
<br />
=== Opening Model ===<br />
# Select the project where the model to be opened is located.<br />
# Open the '''Models''' tab.<br />
# Double-click the model in the list, or select the model with a single click and click the '''Open''' button. Model is opened in the [[Navigation_Menu#Process_Discovery|Process Discovery]] view.<br />
<br />
=== Editing Model Settings ===<br />
Model level settings are organized into following dialogs: Properties (general settings), Attributes, Notifications and Business calendar. Most settings can be changed while the model is in the memory, but changing datasource related settings and attribute settings will drop the model from the memory.<br />
# Select the project where the model is located.<br />
# Open the '''Models''' tab.<br />
# Select the model and select one of the following options: '''Properties''', '''Attributes''', '''Notifications''' or '''Business Calendar'''.<br />
# After viewing or editing properties, close the dialog by clicking '''OK'''.<br />
<br />
See more about model settings:<br />
* [[Business_Calendar|Business calendar]] (both Snowflake and in-memory models)<br />
* [[Calculated_Attributes_in_QPR_ProcessAnalyzer|Calculated case and event attributes]] (only for in-memory models)<br />
* [[Email_Notifications|Email notifications]] (only for in-memory models)<br />
* [[Case_Level_Permissions|Case level permissions]] (only for in-memory models)<br />
<br />
=== Hiding Object Count Statistics ===<br />
To help optimize the model for performance, it's possible to hide the object count statistics information in dropdown menus. To do this:<br />
# Select the project where the model is located.<br />
# Open the '''Models''' tab.<br />
# Select the model and select '''Properties'''.<br />
# Switch to the '''Details''' tab.<br />
# Remove the selection from '''Show Object Count Statistics'''.<br />
The Show Object Count Statistics setting can be overridden in [[Chart_On-screen_Settings#Configuration|Chart On-screen Settings]].<br />
<br />
=== Change Snowflake Warehouse for Model===<br />
The Snowflake warehouse can be specified for a specific model. When defined, all queries for that model originating from dashboards use the specified warehouse instead of the (default) warehouse from the [[PA_Configuration_database_table#SnowflakeConnectionString|Snowflake connection string]]. You can use smaller warehouse for smaller models, and a larger warehouse for large models, to optimize costs and achieve similar performance for different sizes of models. When leaving the model's warehouse setting empty, the default warehouse in the Snowflake connection string will be used.<br />
<br />
A good practice is to use a smaller Snowflake warehouse as the default warehouse, and specify a larger warehouse for specific models that need it due to performance. Note that different warehouses should not be used unnecessarily because a common warehouse used by multiple models serves as a shared resource for all the usage which may be more cost effective than using different warehouses.<br />
<br />
Note that the Snowflake user used by QPR ProcessAnalyzer to access Snowflake needs to have permissions to use the specified warehouse. If there are no permissions or the specified warehouse doesn't exist in the Snowflake account, there will be an error message: "No active warehouse selected in the current session. Select an active warehouse with the 'use warehouse' command."<br />
<br />
Model's warehouse can be changed as follows:<br />
# Select the project where the model is located.<br />
# Open the '''Models''' tab.<br />
# Select the desired model and press the '''Properties''' button.<br />
# The model properties dialog opens. In the '''Overview''' tab, specify the name of the Snowflake warehouse to the '''Snowflake Warehouse''' field.<br />
# Press the '''Save''' button to close the dialog.<br />
<br />
=== Loading, Dropping and Reloading Model (in-memory only) ===<br />
This functionality is only available for in-memory models.<br />
# Select the project where the model is located.<br />
# Open the '''Models''' tab.<br />
# Select the model and select one of the following options:<br />
#*'''Load''' to start loading the model into memory. This option is available when the model is ''offline''.<br />
#*'''Drop''' to drop the model from the memory (for example to free memory resources). This option is available when the model is ''online'' or ''loading''.<br />
#*'''Reload''' to reload the model into the memory (i.e. drop and immediately start loading). Reloading is needed in order to get the latest data into the model after new data is imported to datatables. This option is available when the model is ''online'' or ''loading''.<br />
<br />
=== Creating Model ===<br />
# On the left side projects hierarchy, select the project where you want to create the model.<br />
# Open the '''Models''' tab.<br />
# Click the '''New''' button and click '''Model'''. Define a name for the model and click '''Create'''. Note that model names must be unique within a project.<br />
<br />
Note that each model in the same project needs to have a unique name.<br />
<br />
=== Deleting Model ===<br />
When a model is deleted, it's not permanently removed, and can be recovered from the [[#Recycle_Bin|bin]]. Note that possible datatables used by the deleted models, are not deleted. Note also that the currently selected model cannot be deleted.<br />
<br />
Steps to delete models:<br />
# Select the project where the model(s) to be deleted are located.<br />
# Open the '''Models''' tab.<br />
# Select one or several models to be deleted.<br />
# Click the '''Delete''' button and click '''Delete''' to the confirmation message.<br />
<br />
=== Renaming Model ===<br />
# Select the project where the model to be renamed is located.<br />
# Open the '''Models''' tab.<br />
# Select the model to be renamed.<br />
# Click the '''Rename''' button.<br />
# Change the model name in the opening dialog and click '''OK'''.<br />
<br />
=== Moving Model ===<br />
Models can be moved by dragging them with a mouse from the right side list to the target project in the left side hierarchy. Alternatively, models to be moved can be selected, from the context menu select '''Move to''' and then select the target project.<br />
<br />
=== Duplicating Model ===<br />
Steps to duplicate a model:<br />
# Select the project where the model to be duplicated is located.<br />
# Open the '''Models''' tab.<br />
# Select the model to be duplicated.<br />
# Click the '''Duplicate''' button. A duplicate of the model is created.<br />
Notes:<br />
<br />
* When a model is duplicated, datatables used by the model, are not duplicated. Thus, the duplicate model will refer to the same datatables as the original model. Datatables can be duplicated separately if desired.<br />
* The model may contain [[Filtering_in_QPR_ProcessAnalyzer|filters]] which are duplicated with the model. Only those filters that the user making the duplicate can see, are duplicated.<br />
<br />
=== Importing Model ===<br />
Models can be imported in .pacm and .xes formats. Importing a file creates a new model, so it's not possible to import data to an existing model.<br />
<br />
Steps to import model:<br />
# From the left side projects hierarchy select the project where you want to import the model.<br />
# Open the '''Models''' tab.<br />
# Click the '''New''' button, and select '''Import Model'''.<br />
# Select a .pacm or .xes file to be imported.<br />
<br />
=== Exporting Model ===<br />
Models can be exported to a .pacm file (QPR ProcessAnalyzer compressed model file) to easily move models between QPR ProcessAnalyzer environments. The file contains all the eventlog data and also all model related settings. Steps to export:<br />
# Navigate to the project where the model to be exported is located.<br />
# Open the '''Models''' tab and select the model.<br />
# Click the '''Export''' button. The exported file can be downloaded.<br />
<br />
=== Validating Model ===<br />
Models can be validated to check they are technically valid. If a model is invalid, depending on the issue, it either cannot be used, or alternatively, it can be used but should not be used because calculation results may be incorrect. For Snowflake models, the model validation requires to run queries in Snowflake.<br />
<br />
To validate a model:<br />
# Select the project where the model to be validated is located.<br />
# Open the '''Models''' tab.<br />
# Select the model to be validated.<br />
# Click the '''Validate''' button.<br />
# Validation results are shown. If the model is invalid, a reason description for the invalidity is shown.<br />
<br />
== Datatables ==<br />
'''Datatables''' can store any kind of tabular data in QPR ProcessAnalyzer. Datatables containing events and cases data can be selected as the events and cases datasource for a model. Datatables can also be used in the scripts. Datatables can be created, moved and deleted in the '''Datatables''' tab, which shows all datatables in the selected project.<br />
<br />
Datatables can be stored in Snowflake or SQL Server. For Snowflake datatables, the calculation is also performed in the Snowflake (in a virtual warehouse). Datatables storing data in SQL Server can be used as the in-memory models (loaded into QPR ProcessAnalyzer server memory). Snowflake datatables can be distinguished in the Workspace by the snowflake icon (left of the datatable name). If both SQL Server and Snowflake connections are available, the datasource needs to be selected when creating a datatable.<br />
<br />
Datatable names need to be unique within a project. Datatables stored to SQL Server have the following limitations: Maximum number of columns in a datatable is '''300''', and maximum string length that can be stored into a datatable cell is '''4000''' characters.<br />
<br />
=== Opening Datatable ===<br />
Datatable contents can be viewed as follows:<br />
# On the left side projects hierarchy, select the project where the datatable to be opened is located.<br />
# Open the '''Datatables''' tab.<br />
# Double-click the datatable in the list, or select the datatable with a single click and click the '''Open''' button.<br />
# If you want to change the shown information, click the '''Settings''' button and edit the settings.<br />
# The dialog can be closed by clicking '''Close''' button.<br />
<br />
Following settings are available:<br />
* Visible columns can be removed and changed in the '''Columns''' tab.<br />
* Number of shows row can be changed.<br />
* Sorting of the data can be changed.<br />
* Dimensioning can be taken into use which will show the '''Measures''' tab (for more information, see the [[QPR_ProcessAnalyzer_Chart#Introduction|chart]].<br />
* Datatable can be exported as an .xlsx or .csv file.<br />
<br />
=== Changing Datatable Properties ===<br />
Datatable properties can be viewed and edited in the [[Datatable_Properties_Dialog|Datatable properties dialog]] that can be opened by selecting a datatable and clicking '''Properties'''.<br />
<br />
=== Creating Datatable ===<br />
# On the left side projects hierarchy, select the project where you want to create a datatable.<br />
# Open the '''Datatables''' tab.<br />
# Click the '''New''' button and click '''Datatable'''.<br />
# Define '''Name''' for the datatable. Note that datatable names must be unique within the project.<br />
# Define the '''Datasource''' for the datatable as either '''Snowflake''' (for storing and processing data in Snowflake) or '''Local''' (for storing data in SQL Server and processing in-memory). If either the [[Snowflake Connection Configuration|Snowflake]] or [[PA_Configuration_database_table#SqlServerConnectionString|SQL Server storage]] is not available, this selection is not available and the datatable will be created to the location that is available. If neither are available, datatables cannot be created.<br />
# Click '''Create'''.<br />
<br />
Note that each datatable in the same project needs to have a unique name.<br />
<br />
=== Importing Data to Datatable from CSV File ===<br />
# On the left side projects hierarchy, select the project where the target datatable is located.<br />
# Open the '''Datatables''' tab, and select the datatable where to import data.<br />
# Click the '''Import''' button, and select the CSV file to be imported.<br />
# Check the suggested data type and conversion settings for the columns, and adjust them if needed. You can import data to the existing datatable columns, new datatable columns, or ignore individual CSV file columns in the import (see: [[Importing_Data_to_Datatable_from_CSV_File|CSV file import]]).<br />
# Click '''Start import'''.<br />
<br />
=== Refreshing Datatable from Datasource ===<br />
When a database table behind a datatable is changed, the datatable needs to be refreshed from the datasource (such as Snowflake) to get the data current status to QPR ProcessAnalyzer. Typically the refresh is done after ETL run to load new data has completed. The refresh is the same operation is [[Datatable_in_Expression_Language#Datatable_Functions|Synchronize]] in the expression language.<br />
<br />
Refresh can be done as follows in the UI:<br />
# Select the project where the datatable(s) to be refreshed are located.<br />
# Open the '''Datatables''' tab.<br />
# Select one or several datatables to be refreshed.<br />
# Click the '''Refresh from datasource''' button.<br />
<br />
=== Deleting Datatable ===<br />
# Select the project where the datatable(s) to be deleted are located.<br />
# Open the '''Datatables''' tab.<br />
# Select one or several datatables to be deleted.<br />
# Click the '''Delete datatable''' button and click '''Delete''' to the confirmation message.<br />
<br />
=== Deleting Datatable Rows ===<br />
When a datatable rows are deleted, the datatable itself is preserved including its columns (column names and data types). Datatable rows can be deleted, e.g., when importing the data again from a CSV file.<br />
<br />
Datatable rows can be deleted as follows:<br />
# Select the project where the datatable(s) where to delete rows are located.<br />
# Open the '''Datatables''' tab.<br />
# Select one or several datatables to be deleted.<br />
# Click the '''Delete all rows''' button and click '''Delete''' to the confirmation message.<br />
<br />
=== Renaming Datatable ===<br />
# Select the project where the datatable to be renamed is located.<br />
# Open the '''Datatables''' tab.<br />
# Select the datatable to be renamed.<br />
# Click the '''Rename''' button.<br />
# Change the datatable name in the opening dialog and click '''OK'''.<br />
<br />
=== Moving Datatable ===<br />
Datatables can be moved by dragging them with a mouse from the right side list to the target project in the left side hierarchy. Alternatively, datatables to be moved can be selected, from the context menu select '''Move to''' and then select the target project.<br />
<br />
=== Duplicating Datatable ===<br />
Datatable duplication (copying) creates a full copy of the datatable where also the data contents is duplicated. If the datatable contains lot of data, duplicating the data might take some time. Copying the data from the original datatable to the new datatable is performed in the background, so the user doesn't need to wait for it. Note that during the data copying, the workspace might temporarily show that the new datatable has less rows than the original.<br />
<br />
When duplicating a Snowflake datatable that uses a [[Datatable_Properties_Dialog#Data_location|custom table]], the duplicate datatable will refer to the same table in Snowflake (and not create a new table).<br />
<br />
# Select the project where the datatable to be duplicated is located.<br />
# Open the '''Datatables''' tab.<br />
# Select the datatable to be duplicated.<br />
# Click the '''Duplicate''' button. A duplicate of the datatable is created.<br />
<br />
== Data Schema ==<br />
See [[Data Schema Dialog]].<br />
<br />
== Bin ==<br />
Deleted projects and models go to the '''Bin''', where they can be either deleted forever or restored back into use. Purpose of the bin is that accidentally deleted items can still be restored. Note that currently dashboards, datatables and scripts don't go to the bin, but they are deleted forever right away. Note also that when a project is deleted (moved to the bin), also models in the project appear in the bin.<br />
<br />
The system administrators can see the bin and delete forever and restore projects and models.<br />
<br />
=== Emptying Bin ===<br />
# Click '''Bin''' in the left side projects hierarchy.<br />
# Click the '''Empty bin''' button on top right.<br />
# Click '''Delete forever''' for the confirmation dialog.<br />
<br />
=== Deleting Items Forever ===<br />
# Click '''Bin''' in the left side projects hierarchy.<br />
# Select items in the bin that you want to delete forever.<br />
# Click the '''Delete forever''' button.<br />
# Click '''Delete forever''' for the confirmation dialog.<br />
<br />
=== Restoring Items ===<br />
# Click '''Bin''' in the left side projects hierarchy.<br />
# Select items in the bin that you want to restore.<br />
# Click the '''Restore''' button.<br />
<br />
Selected items are restored to their original locations.<br />
<br />
[[Category: QPR ProcessAnalyzer]]</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=Managing_Scripts&diff=28084Managing Scripts2026-04-09T18:51:02Z<p>TeeHiet: TK-63184</p>
<hr />
<div>In QPR ProcessAnalyzer, scripts can be used for ETL tasks and to automate routines. Scripts are managed in the [[QPR_ProcessAnalyzer_Project_Workspace|Project Workspace]].<br />
<br />
=== Running vs. Calling Scripts ===<br />
''Running'' a script means starting executing a stored script, which can be done in the UI or using the ScriptLauncher. A script can also ''call'' other scripts during the run. The differences between the running and calling are:<br />
* Script can run only once at a time, whereas there are no limitations on how many times a script can be called at the same time<br />
* Script log is written to the running script. No script log is written to the called script.<br />
* Script status shows whether the script is being run or not. The status does not change, when a script is called from other script.<br />
<br />
When a script is running, it's not possible to start another run of the same script, so the first run needs to end to start new. Scripts can call other scripts and a called scripts can run multiple times simultaneously. In the stack of called scripts, the script log is generated to the top level script. Also the top level script shows that it's running and the called scripts do not.<br />
<br />
=== Scripts List ===<br />
When selecting a project and opening the '''Scripts''' tab, all scripts in the project can be seen. Scripts list shows following information:<br />
* '''Name''': Name of the script.<br />
* '''Status''': Status of the script, which is one of following: ''Ready'', ''Running'' or ''Stopping''. For more information about script statuses, see below.<br />
* '''Last run duration''': Duration of the last ended run of the script (the last run result can be any).<br />
* '''Last run date''': Date and time when the last run ended. If you need to know the last run start time, subtract the ''Last run duration'' from this time.<br />
* '''Last run result''': Result of the last run of the script. Either of following: ''Completed'', ''Failed'' or ''Aborted''. For more information about last run results, see below.<br />
* '''Id''': Script id that uniquely identifies the script in the system.<br />
<br />
Scrips are in either of following statuses:<br />
* '''Ready''': Script is currently not running, and can be started.<br />
* '''Running''': Script is currently running, and the script can be stopped. When a script is running, another run of the same script cannot be started.<br />
* '''Stopping''': Script is currently being stopped. When a script is in this status, the script cannot be started nor stopped, so you need to wait for the script to stop. There may be a delay in stopping a script, depending on the operation currently performed by the script.<br />
<br />
The last script run result can be either of the following:<br />
* '''Completed''': The last run ended successfully, i.e. without any errors or exceptions. Note that despite of the technically successful run, the script might still not work as intended.<br />
* '''Failed''': The last run ended to an error or exception. To see more information about the reason of the failure, see the [[#Viewing_Script_Log|last run log]].<br />
* '''Aborted''': The last run was stopped by a user, so the script did not run till the end.<br />
<br />
=== Script Properties ===<br />
To open Script Properties, '''right-click''' the script on the Scripts tab in the Workspace and select '''Properties'''.<br><br />
The Script Properties lists the following information on the '''General''' tab:<br />
* '''Script ID''': A unique ID in the system.<br />
* '''Language''': The script's language, either "SQL" or "Expression".<br />
* '''Status''': As above in Scripts List.<br />
* '''Last run start''': Date and time when the last run started.<br />
* '''Last run end''': As "Last run date" above in Scripts List.<br />
* '''Last run duration''': As above in Scripts List.<br />
* '''Last run result''': As above in Scripts List.<br />
* '''Last modified''': Date and time when the script was last modified.<br />
* '''Last modified by''': User who last modified the script.<br />
* '''Created''': Date and time when the script was created.<br />
* '''Created by''': User who created the script.<br />
<br />
The Script Properties has the following information on the '''MCP''' tab:<br />
* '''MCP tool''': A checkbox to select whether the script can be used as an [[QPR_ProcessAnalyzer_as_MCP_Server|MCP]] tool. Only System Administrators can modify this setting. Note that once a script has been defined as an MCP tool, only System Administrators are able to modify the script itself.<br />
<br />
The Script Properties has the following information on the '''Description''' tab:<br />
* A textbox to edit the description of the script.<br />
<br />
=== Editing Script ===<br />
Open the scripts editor as follows:<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select '''Edit'''. Alternatively, you can hover the script and click the ''Edit'' button in the end of the row.<br />
<br />
If the script has been defined as an MCP tool, only System Administrators are able to edit the script.<br />
<br />
The script editor can show multiple scripts in the tabs, allowing to easily switch between the scrips. The editor remembers all scripts that have been opened during the session.<br />
<br />
In the script editor, you can:<br />
* Run the script by clicking the '''Run''' button.<br />
* Stop a running script by clicking the '''Stop''' button.<br />
* Save a script having unsaved changes by clicking the '''Save''' button.<br />
* To run a script having unsaved changes, click the '''Save and Run''' button. Note that the script needs to be saved to run it.<br />
* To go back to the list of scripts, click the '''Go back''' button. If there are unsaved changes in any of the opened scripts, you need to either save or cancel the changes.<br />
* To close a script, click the ''Close'' button for the tab showing the script. If there are unsaved changes, you need to either save or cancel changes.<br />
<br />
=== Starting Script ===<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select '''Run'''. Alternatively, you can hover the script and click the ''Run'' button in the end of the row.<br />
<br />
Note that when running a script in the UI, the script must not contain commands where ''ExecuteInClientSide'' is enabled, because that is only supported when running scripts using [[QPR_ProcessAnalyzer_ScriptLauncher|QPR ScriptLauncher]].<br />
<br />
=== Stopping Script ===<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and from the right-click context menu select '''Stop'''. Alternatively, you can hover the script and click the ''Stop'' button in the end of the row.<br />
<br />
Note that it may take a while for a script to actually stop, depending on what kind of operation the script is executing when it's stopped.<br />
<br />
=== Viewing Script Log ===<br />
It's possible to see the script log of the last run, and monitor the currently running script progress. Logs for older runs are not available in the UI, nut they are stored by the system.<br />
<br />
To see the logs:<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select either '''View last run log''' or '''View current run log'''. (The script needs to be running to open the current run log.)<br />
# If keeping the current run log open, the latest log entries are updated automatically every two seconds.<br />
<br />
More information about [[QPR_ProcessAnalyzer_Logs#Script_Log|Script Log]].<br />
<br />
=== Creating Script ===<br />
# On the left side projects hierarchy, select the project where you want to create a script.<br />
# Open the '''Scripts''' tab.<br />
# Click the '''New''' button and click '''Script'''. Define a name for the script and the scripting '''Language''' (either '''Expression''' or '''SQL'''), and then click '''Create'''. Note that script names must be unique within a project.<br />
<br />
Note that the scripting language cannot be changed after the script has been created, so a new script needs to be created to change the language.<br />
<br />
Note that each script in the same project needs to have a unique name.<br />
<br />
=== Deleting Script ===<br />
# Select the project where the script(s) to be deleted are located.<br />
# Open the '''Scripts''' tab.<br />
# Select one or several scripts to be deleted.<br />
# Click the '''Delete''' button and click '''Delete''' to the confirmation message.<br />
<br />
Note that if the script is being run, it cannot be deleted.<br />
<br />
=== Renaming Script ===<br />
# Select the project where the script to be renamed is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script to be renamed.<br />
# Click the '''Rename''' button.<br />
# Change the script name in the opening dialog and click '''OK'''.<br />
<br />
=== Moving Script ===<br />
Scripts can be moved by dragging them with the left mouse button from the right side list to the target project in the left side hierarchy. Alternatively, you can first select the scripts, then from the right-click context menu select '''Move to''' and finally select the target project.<br />
<br />
=== Duplicating Script ===<br />
# Select the project where the script to be duplicated is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script to be duplicated.<br />
# Click the '''Duplicate''' button. A duplicate of the script is created.<br />
<br />
=== Viewing Script Run Results ===<br />
Script runs can be [[Managing_Scripts#Running_Script|started]] and [[Managing_Scripts#Stopping_Script|stopped]] in the UI. Note that when running scripts using the UI, return values or results of the script cannot be viewed. If you want to use scripts that return data, there are following options:<br />
* Script can write data to the script log<br />
* Script can write data to a datatable<br />
* Script can be called from a dashboard and use the dashboard to present the returned data (see more below).</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=Managing_Scripts&diff=28083Managing Scripts2026-04-09T18:50:06Z<p>TeeHiet: TK-63184</p>
<hr />
<div>In QPR ProcessAnalyzer, scripts can be used for ETL tasks and to automate routines. Scripts are managed in the [[QPR_ProcessAnalyzer_Project_Workspace|Project Workspace]].<br />
<br />
=== Running vs. Calling Scripts ===<br />
''Running'' a script means starting executing a stored script, which can be done in the UI or using the ScriptLauncher. A script can also ''call'' other scripts during the run. The differences between the running and calling are:<br />
* Script can run only once at a time, whereas there are no limitations on how many times a script can be called at the same time<br />
* Script log is written to the running script. No script log is written to the called script.<br />
* Script status shows whether the script is being run or not. The status does not change, when a script is called from other script.<br />
<br />
When a script is running, it's not possible to start another run of the same script, so the first run needs to end to start new. Scripts can call other scripts and a called scripts can run multiple times simultaneously. In the stack of called scripts, the script log is generated to the top level script. Also the top level script shows that it's running and the called scripts do not.<br />
<br />
=== Scripts List ===<br />
When selecting a project and opening the '''Scripts''' tab, all scripts in the project can be seen. Scripts list shows following information:<br />
* '''Name''': Name of the script.<br />
* '''Status''': Status of the script, which is one of following: ''Ready'', ''Running'' or ''Stopping''. For more information about script statuses, see below.<br />
* '''Last run duration''': Duration of the last ended run of the script (the last run result can be any).<br />
* '''Last run date''': Date and time when the last run ended. If you need to know the last run start time, subtract the ''Last run duration'' from this time.<br />
* '''Last run result''': Result of the last run of the script. Either of following: ''Completed'', ''Failed'' or ''Aborted''. For more information about last run results, see below.<br />
* '''Id''': Script id that uniquely identifies the script in the system.<br />
<br />
Scrips are in either of following statuses:<br />
* '''Ready''': Script is currently not running, and can be started.<br />
* '''Running''': Script is currently running, and the script can be stopped. When a script is running, another run of the same script cannot be started.<br />
* '''Stopping''': Script is currently being stopped. When a script is in this status, the script cannot be started nor stopped, so you need to wait for the script to stop. There may be a delay in stopping a script, depending on the operation currently performed by the script.<br />
<br />
The last script run result can be either of the following:<br />
* '''Completed''': The last run ended successfully, i.e. without any errors or exceptions. Note that despite of the technically successful run, the script might still not work as intended.<br />
* '''Failed''': The last run ended to an error or exception. To see more information about the reason of the failure, see the [[#Viewing_Script_Log|last run log]].<br />
* '''Aborted''': The last run was stopped by a user, so the script did not run till the end.<br />
<br />
=== Script Properties ===<br />
To open Script Properties, '''right-click''' the script on the Scripts tab in the Workspace and select '''Properties'''.<br><br />
The Script Properties lists the following information on the '''General''' tab:<br />
* '''Script ID''': A unique ID in the system.<br />
* '''Language''': The script's language, either "SQL" or "Expression".<br />
* '''Status''': As above in Scripts List.<br />
* '''Last run start''': Date and time when the last run started.<br />
* '''Last run end''': As "Last run date" above in Scripts List.<br />
* '''Last run duration''': As above in Scripts List.<br />
* '''Last run result''': As above in Scripts List.<br />
* '''Last modified''': Date and time when the script was last modified.<br />
* '''Last modified by''': User who last modified the script.<br />
* '''Created''': Date and time when the script was created.<br />
* '''Created by''': User who created the script.<br />
<br />
The Script Properties has the following information on the '''MCP''' tab:<br />
* '''MCP tool''': A checkbox to select whether the script can be used as an [[QPR_ProcessAnalyzer_as_MCP_Server|MCP]] tool. Only System Administrators can modify this setting. Note that once a script has been defined as an MCP tool, only System Administrators are able to modify the script itself.<br />
<br />
The Script Properties has the following information on the '''Description''' tab:<br />
* A textbox to edit the description of the script.<br />
<br />
=== Editing Script ===<br />
Open the scripts editor as follows:<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select '''Edit'''. Alternatively, you can hover the script and click the ''Edit'' button in the end of the row.<br />
<br />
The script editor can show multiple scripts in the tabs, allowing to easily switch between the scrips. The editor remembers all scripts that have been opened during the session.<br />
<br />
In the script editor, you can:<br />
* Run the script by clicking the '''Run''' button.<br />
* Stop a running script by clicking the '''Stop''' button.<br />
* Save a script having unsaved changes by clicking the '''Save''' button.<br />
* To run a script having unsaved changes, click the '''Save and Run''' button. Note that the script needs to be saved to run it.<br />
* To go back to the list of scripts, click the '''Go back''' button. If there are unsaved changes in any of the opened scripts, you need to either save or cancel the changes.<br />
* To close a script, click the ''Close'' button for the tab showing the script. If there are unsaved changes, you need to either save or cancel changes.<br />
<br />
=== Starting Script ===<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select '''Run'''. Alternatively, you can hover the script and click the ''Run'' button in the end of the row.<br />
<br />
Note that when running a script in the UI, the script must not contain commands where ''ExecuteInClientSide'' is enabled, because that is only supported when running scripts using [[QPR_ProcessAnalyzer_ScriptLauncher|QPR ScriptLauncher]].<br />
<br />
=== Stopping Script ===<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and from the right-click context menu select '''Stop'''. Alternatively, you can hover the script and click the ''Stop'' button in the end of the row.<br />
<br />
Note that it may take a while for a script to actually stop, depending on what kind of operation the script is executing when it's stopped.<br />
<br />
=== Viewing Script Log ===<br />
It's possible to see the script log of the last run, and monitor the currently running script progress. Logs for older runs are not available in the UI, nut they are stored by the system.<br />
<br />
To see the logs:<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select either '''View last run log''' or '''View current run log'''. (The script needs to be running to open the current run log.)<br />
# If keeping the current run log open, the latest log entries are updated automatically every two seconds.<br />
<br />
More information about [[QPR_ProcessAnalyzer_Logs#Script_Log|Script Log]].<br />
<br />
=== Creating Script ===<br />
# On the left side projects hierarchy, select the project where you want to create a script.<br />
# Open the '''Scripts''' tab.<br />
# Click the '''New''' button and click '''Script'''. Define a name for the script and the scripting '''Language''' (either '''Expression''' or '''SQL'''), and then click '''Create'''. Note that script names must be unique within a project.<br />
<br />
Note that the scripting language cannot be changed after the script has been created, so a new script needs to be created to change the language.<br />
<br />
Note that each script in the same project needs to have a unique name.<br />
<br />
=== Deleting Script ===<br />
# Select the project where the script(s) to be deleted are located.<br />
# Open the '''Scripts''' tab.<br />
# Select one or several scripts to be deleted.<br />
# Click the '''Delete''' button and click '''Delete''' to the confirmation message.<br />
<br />
Note that if the script is being run, it cannot be deleted.<br />
<br />
=== Renaming Script ===<br />
# Select the project where the script to be renamed is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script to be renamed.<br />
# Click the '''Rename''' button.<br />
# Change the script name in the opening dialog and click '''OK'''.<br />
<br />
=== Moving Script ===<br />
Scripts can be moved by dragging them with the left mouse button from the right side list to the target project in the left side hierarchy. Alternatively, you can first select the scripts, then from the right-click context menu select '''Move to''' and finally select the target project.<br />
<br />
=== Duplicating Script ===<br />
# Select the project where the script to be duplicated is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script to be duplicated.<br />
# Click the '''Duplicate''' button. A duplicate of the script is created.<br />
<br />
=== Viewing Script Run Results ===<br />
Script runs can be [[Managing_Scripts#Running_Script|started]] and [[Managing_Scripts#Stopping_Script|stopped]] in the UI. Note that when running scripts using the UI, return values or results of the script cannot be viewed. If you want to use scripts that return data, there are following options:<br />
* Script can write data to the script log<br />
* Script can write data to a datatable<br />
* Script can be called from a dashboard and use the dashboard to present the returned data (see more below).</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=PA_Configuration_database_table&diff=28076PA Configuration database table2026-04-09T12:27:56Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer database has a configuration table '''PA_Configuration''' containing settings listed in the tables below. You need '''SQL Server Management Studio''' to edit the settings in the configuration table. QPR ProcessAnalyzer Server needs to be restarted (e.g. IIS application pool recycled) for the changes to take effect.<br />
<br />
For boolean values, ''true'' and ''1'' are valid values for yes, and ''false'' and ''0'' are valid for no.<br />
<br />
== General Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultDataSource<br />
||<br />
||Datasource where datatables data is stored when datatables are created by a script when the datasource is not explicitly specified in the script. Options are '''Snowflake''' and '''SqlServer'''. Value ''snowflake'' can be used when the ''SnowflakeConnectionString'' setting is defined, and value ''sqlserver'' can be used when the setting ''SqlServerConnectionString'' is configured. The setting can be changed without affecting the existing datatables, as the setting only affect new datatables. When this setting is empty, datatables are created in the metadata database.<br />
|-<br />
||SnowflakeConnectionString<br />
||<br />
||ODBC connection string for the Snowflake account. This setting is needed to make analytics calculations in the Snowflake. More information how to configure the [[Snowflake_Connection_Configuration#Set_Snowflake_ODBC_connection|Snowflake connection string]]. The Snowflake ODBC driver also needs to be installed in the machine running the QPR ProcessAnalyzer Server. When this setting has been configured, users can create Snowflake stored datatables and models using Snowflake calculation.<br />
<br />
When running QPR ProcessAnalyzer in the Snowpark Container Services, leave the SnowflakeConnectionString empty because then the connection string is created automatically using the method provided by the Snowpark Container Services.<br />
|-<br />
||SqlServerConnectionString<br />
||<br />
||Connection string for the SQL Server database containing the datatables data. It's recommended to use a separate database, but it's also possible to connect to the same database as the configuration data. If this setting is not configured, local datatables cannot be created (SQL Server stored). Existing datatables located in the configuration datatabase still work even if this setting has not be configured. Note that the connection uses ADO.Net (not ODBC), so the connection string is similar to the configuration database ([[Server_settings_in_appsettings.json|appsettings.json]] file).<br />
|-<br />
||DefaultColorPalette<br />
||<br />
||Charts color palette used globally in the environment. Defined as a json array of strings encoded with RGB hex (with or without alpha). Note that when a color palette in a chart has been changed, the chart starts using a chart-specific color palette, and the global color palette doesn't affect those charts. <br />
<br />
Example: ["#1F77B4", "#FF7F0E", "#2CA02C", "#D62728", "#9467BD", "#8C564B", "#E377C2", "#7F7F7F", "#BCBD22", "#17BECF"]<br />
|-<br />
||OpenAIAPIKey<br />
||<br />
||API key for the OpenAI API (https://platform.openai.com/docs/api-reference). It needs to be configured to use the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function.<br />
|-<br />
||OpenAIDefaultModelName<br />
||gpt-4o<br />
||OpenAI large language model (LLM) to use for the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function. If not defined, '''gpt-4o''' will be used. Note that only LLM's that support the function calling feature, are suitable for the AI Assistant. More information about OpenAI models: https://platform.openai.com/docs/models.<br />
|-<br />
||DefaultCortexAgentsModelName<br />
||llama3.1-70b<br />
||Specifies the default language model when using Snowflake Cortex Agents (https://docs.snowflake.com/en/user-guide/snowflake-cortex/cortex-agents-rest-api). If not defined, '''llama3.1-70b''' is used.<br />
|-<br />
||<span id="QueryTimeout">QueryTimeout</span><br />
||300<br />
||Timeout (in seconds) for requests made to /api/expression/query and /api/expression endpoints. When the timeout is exceeded, the query is stopped and a timeout error is returned. Purpose of the timeout is to protect the system against potentially too long running or even never-ending queries which might otherwise jam the system.<br />
|-<br />
||SessionIdleTimeout<br />
||3600<br />
||Idle user session expiration timeout in seconds. User session expires if the session hasn't been used after this amount of time.<br />
|-<br />
||SessionMaximumDuration<br />
||86400<br />
||Maximum duration for a user session in seconds. Even if a session is used so that the SessionIdleTimeout is not reached, the session is expired after this amount of time.<br />
|-<br />
|DatabaseId<br />
|<br />
||Unique identifier for the QPR ProcessAnalyzer environment. Any characters between a-z, A-Z, 0-9 and _ (underscore) can be used in the DatabaseId. If the DatabaseId is missing or set to null, the system will generate a new GUID during startup and use it as the DatabaseId. The DatabaseId can also be an empty string. If using several QPR ProcessAnalyzer environments, make sure each use a different DatabaseId. The DatabaseId is used as part of the table names in Snowflake and SQL Server (in the datatables database). Thus if the DatabaseId is changed, all tables in Snowflake and SQL Server named with qprpa_dt_<DatabaseId>_<DatatableId> need to be renamed.<br />
|-<br />
||<span id="CacheOnlyPrimaryKeysForFilters">CacheOnlyPrimaryKeysForFilters</span><br />
||false<br />
||Defines whether to include all columns in the Snowflake event cache filter tables (''false''), or only the primary key columns (''true''). When ''false'', cache table creation is slower, but the analysis calculation is faster because the original event table is not used anymore. When ''false'', also the cache tables require more storage space in Snowflake.<br />
|}<br />
<br />
== Localization Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultUiLanguage<br />
||en_US<br />
||Language code for the UI language that new user accounts get by default. Thus, a created user account has this language until the user changes her/his language. Also the login page is translated using this language when QPR ProcessAnalyzer is used for the first time in that web browser (when user has changed the language, it's remembered by the browser). This setting must be one of the supported language codes (xx_XX):<br />
* English: '''en_US'''<br />
* Finnish: '''fi_FI'''<br />
* French: '''fr_FR'''<br />
* German: '''de_DE'''<br />
* Polish: '''pl_PL'''<br />
* Portuguese: '''pt_BR'''<br />
* Spanish: '''es_ES'''<br />
* Swedish: '''sv_SE'''<br />
* Ukrainian: '''uk_UK'''<br />
|-<br />
||DefaultDateFormat<br />
||MM/dd/yyyy<br />
||Default date format that new user accounts get by default. The date format does not contain the time part (e.g. hours, minutes and seconds). Defined using the .Net date format (https://docs.microsoft.com/en-us/dotnet/standard/base-types/custom-date-and-time-format-strings).<br />
|-<br />
||DefaultFirstDayOfWeek<br />
||0<br />
||Default first day of the week that new user accounts get by default. '''0''' is Sunday and '''1''' is Monday. This information is used by the UI when showing e.g. calendars.<br />
|-<br />
||DefaultUse12HourClock<br />
||false<br />
||Defines whether the 12-hour clock is used by default (instead of the 24-hour clock) for the new user accounts when showing time information in the UI. Defined as '''true''' or '''false'''. More information about the 12-hour clock: https://en.wikipedia.org/wiki/12-hour_clock.<br />
|-<br />
|}<br />
<br />
== ETL Scripts Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||AllowExternalDatasources<br />
||true<br />
||Can be used to disallow all connections to external datasources in the expression language and SQL scripts to improve security. Disallowed operations include ODBC, OLE DB, SQL Server (Ado.Net), SAP, Salesforce, and call web service. Note that this setting does not prevent the Snowflake processing. Regardless of this setting, QPR ScriptLauncher can be used to extract data from source systems.<br />
|-<br />
||SandboxDatabaseConnectionString<br />
||<br />
||Connection string to scripting sandbox database (ETL). If not defined, SQL-based ETL scripts cannot be run. Connection string for the scripting sandbox database is similar to the [[Server_settings_in_appsettings.json|QPR ProcessAnalyzer database connection string]]. More information: [[Setting up Scripting Sandbox]].<br />
|-<br />
||AllowNonTemporaryETLTargetTable<br />
||false<br />
||Defined whether ETL scripts are allowed to create global temporary database tables (tables starting with ##). More information about temporary tables: https://docs.microsoft.com/en-us/sql/t-sql/statements/create-table-transact-sql?view=sql-server-ver15#temporary-tables.<br />
|-<br />
||DatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to datatables.<br />
|-<br />
|SandboxDatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to sandbox tables in the SQL scripts.<br />
|-<br />
||<span style="color:lightgrey;">DatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for QPR ProcessAnalyzer database SqlBulkCopy operations.<br />
|-<br />
||<span style="color:lightgrey;">SandboxDatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for sandbox SqlBulkCopy operations.<br />
|}<br />
<br />
== In-memory Calculation Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||NumberOfParallelModelReaders<br />
||4<br />
||Models and datatable contents can be loaded with multiple simultaneous connections to the database to speed up the loading. This setting determines how many parallel loaders/readers at maximum (loaders are loading at the same time). For smaller models there are less parallel loaders than the defined limit: If there are less than 100000 rows in the table, there is only one loader. If there are less than 200000 rows in the table, there are only two loaders, and so on. <br />
<br />
The more there are parallel loaders, the more processor load and network bandwidth is consumed, and other operations in QPR ProcessAnalyzer might slow down. Note also that the performance optimum is achieved with a certain number of parallel loaders which differs between environment. Thus to achieve the best performance, data loading should be tested with different number of parallel loaders. Increasing number of parallel loaders beyond the optimum decreases the performance.<br />
<br />
|-<br />
||StartupModelLoadingMaxParallelism<br />
||2<br />
||Maximum number of QPR ProcessAnalyzer models that are loaded into memory simultaneously by the [[Automatic_Model_Loading_on_Server_Startup|Automatic Loading on Server Startup]]. If there are more models to be loaded on the server startup than this setting, loading for the rest of the models is started one by one when previous model loadings are completed. If this setting is not defined, '''2''' is used as a default value.<br />
<br />
Loading more models at the same time will speed up the whole model loading process, but on the other hand, it causes more load on the system, which affects the system responsiveness for users. Model loading consists of (1) transferring data from the datasource to QPR ProcessAnalyzer and (2) loaded data preprocessing into a model. The former uses mainly network bandwidth (if datasource is in a different server) and the latter uses mainly processor capacity in the QPR ProcessAnalyzer server. <br />
<br />
This setting affects only the model loading during the server startup and it doesn't restrict models loadings initiated by users.<br />
|}<br />
<br />
== SAML 2.0 Federated Authentication Settings ==<br />
Note that the SAMLMetadataUrl and ServiceProviderLocation are mandatory for the federated authentication to work. Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SAMLMetadataUrl<br />
||<br />
Metadata URL of the identity provider (IdP). Check that the metadata url can actually be opened using a web browser and is publicly available. The metadata is an XML document starting with '''<?xml version="1.0" encoding="UTF-8"?>''' followed by an '''EntityDescriptor''' tag. The metadata URL might look '''<nowiki>https://your.federated.identity.provider.com/saml/metadata</nowiki>'''. This setting is mandatory for the SAML authentication to work.<br />
|-<br />
||ServiceProviderLocation<br />
||<br />
Specifies the QPR ProcessAnalyzer server location (the root path which contains e.g. the ''ui'' folder). It's used by the url to redirect back to QPR ProcessAnalyzer after a successful authentication from the identity provider. The setting is defined in the following form: '''https://<hostname>/qprpa''', for example '''<nowiki>https://customer.onqpr.com/qprpa</nowiki>'''. Note that the actual redirect back url is '''https://<hostname>/qprpa/api/Saml2/Acs''' (/api/Saml2/Acs is automatically included to the url). This setting is mandatory for the SAML authentication to work. Note that if this reply url is configured the identity provider, it must match with the ServiceProviderLocation setting.<br />
|-<br />
||SAMLUserIdAttribute<br />
||<br />
Name of the SAML attribute in the assertion that will be used as the user's login name. If this field is not defined, the '''saml:Assertion''' > '''saml:Subject''' > '''saml:NameID''' attribute in the assertion is used. If this setting is given, one of the '''saml:Assertion''' > '''saml:AttributeStatement''' > '''saml:Attribute''' elements in the assertion is used (the '''Name''' attribute in the '''saml:Attribute''' element is used for matching). Please note that the saml:NameID element is different than the usual SAML attributes that are defined by the saml:Attribute elements. For example, if an email address is used as a user id, the value of the setting could be for example ''<nowiki>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</nowiki>''.<br />
|-<br />
||SAMLGroupsAttribute<br />
||Attribute name in SAML assertion that is mapped to user groups in QPR ProcessAnalyzer. The user group names are case sensitive. When a user logs in, the user is added to and removed from groups based on the information in the SAML assertion. If this setting is not configured, users are not added to or removed from groups automatically. Note that the user needs to login for the groups to be synchronized. If a group doesn't exist in QPR ProcessAnalyzer, that group is skipped.<br />
<br />
In the SAML assertion, attributes are in the saml:Assertion > saml:AttributeStatement > saml:Attribute elements (the Name attribute in the saml:Attribute element is used for matching).<br />
|-<br />
||SAMLEncryptionCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to encrypt SAML assertions. The public key of the certificate is published in the service provider metadata, where the identity provider can read it and encrypt SAML assertions. QPR ProcessAnalyzer as the service provider uses the corresponding private key of the certificate to decrypt SAML assertions. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. This setting is needed only when using the SAML assertions encryption. Even though this setting is defined, the SAML assertions are not required to be encrypted. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|-<br />
||SAMLSigningCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to sign SAML authentication requests sent from QPR ProcessAnalyzer to the identity provider. The public key of the certificate is published in the service provider metadata, where the identity provider can read it, to verify the authenticity of the SAML requests. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. If this setting is not defined, the internal hard-coded signing certificate is used. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|}<br />
<br />
== OAuth 2.0 Authentication Settings ==<br />
Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||ExternalOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for server that is used to authenticate the user signing in to ProcessAnalyzer. If not set, external OAuth server will not be used for authentication. If set, contains a string representation of a JSON object that supports the following properties:<br />
* '''Authority''' (string): OAuth authority URL for authentication. E.g., https://accounts.google.com/<br />
* '''Audience''' (string): Mandatory. OAuth audience/client ID for validating OAuth tokens.<br />
* '''AuthorizeUrlOverride''' (string): Override URL for the OAuth authorization endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''TokenUrlOverride''' (string): Override URL for the OAuth token endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''UserInfoUrlOverride''' (string): Override URL to fetch user information from the OAuth provider. If empty or not defined, the default URL from the authority's discovery document is used. Should not be used if OpendID Connect is to be used as access token validation is skipped.<br />
* '''ClientSecret''' (string): OAuth client secret for confidential client authentication. If configured, this value is sent as the client_secret parameter when exchanging authorization codes for tokens.<br />
* '''Issuer''' (string): OAuth issuer for validating OAuth tokens. If empty, the authority URL's issuer is used.<br />
* '''UserNameClaim''' (string): Name of the claim whose value is to be used as the name of the authenticated user. The default value is "preferred_username".<br />
* '''UserGroupsClaim''' (string): Name of the claim whose value is to be used as the names of the user groups the authenticated user belongs to. When a user logs in, the user is added to and removed from groups based on the information in the UserGroupsClaim. If this setting is not configured, users are not added to or removed from groups automatically. Note that the user needs to login for the groups to be synchronized. If a group doesn't exist in QPR ProcessAnalyzer, that group is skipped. The default value is empty, i.e. groups are not synchronized.<br><br />
Example configuration:<br><br />
<pre><br />
{<br />
"Authority": "https://accounts.google.com/",<br />
"AuthorizeUrlOverride": "https://accounts.google.com/o/oauth2/v2/auth",<br />
"TokenUrlOverride": "https://oauth2.googleapis.com/token",<br />
"UserInfoUrlOverride": "https://www.googleapis.com/oauth2/v3/userinfo",<br />
"Audience": "...",<br />
"ClientSecret": "...",<br />
"UserNameClaim": "name"<br />
}<br />
</pre><br />
|}<br />
<br />
== SMTP Server Settings ==<br />
SMTP server settings are needed for QPR ProcessAnalyzer to send email messages. Email sending is used by the [[Email_Notifications|notifications]] and the [[Generic_Functions_in_QPR_ProcessAnalyzer#SendEmail|SendEmail]] function in the expression language.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SmtpServer<br />
||DNS name, host name or IP address of the SMTP server. Mandatory setting for the email sending to work.<br />
|-<br />
||SmtpPort<br />
||TCP port number of the SMTP server. If not defined, port 25 is used by default.<br />
|-<br />
||SmtpAuthenticationUsername<br />
||User name for authenticating to the SMTP server. If not defined, no authentication is used to connect to the SMTP server.<br />
|-<br />
||SmtpFromAddress<br />
||Email address where email messages sent by QPR ProcessAnalyzer appear to be coming from. This doesn't need to be a real email address, although the address used may affect email spam filters. The setting configured here is the default email address to use in following cases:<br />
* ''From address'' is not set for the email notifications<br />
* ''From'' parameter is not defined for the expression language ''SendEmail'' function<br />
* ''EmailFrom'' parameter is not defined for the SQL Scripting SendEmail operation<br />
|-<br />
||SmtpAuthenticationPassword<br />
||Password for authenticating to the SMTP server.<br />
|-<br />
||SmtpEnableSSL<br />
||Use value '''True''' or '''False''' depending whether TLS connection to the SMTP server is used or not. If not defined, ''False'' is the default value.<br />
|}<br />
<br />
== MCP Server Settings ==<br />
MCP server settings are needed for QPR ProcessAnalyzer to act as an [[QPR_ProcessAnalyzer_as_MCP_Server|MCP server]].<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||McpServerConfiguration<br />
||Used to configure the MCP server built-in to ProcessAnalyzer server. If not set, MCP server functionality is disabled and MCP clients can't access to this server using MCP. If set, contains a string representation of a JSON object that supports the following properties:<br />
* '''McpApiKey''' (string): If defined and not empty, defines the API key that can be used to connect to QPR ProcessAnalyzer MCP server without any other authentication. Default value is empty.<br><br />
Example value when using API Key authentication:<br />
<pre><br />
{ "McpApiKey": "xnTqr@Hd87JcuCmQZbjUHfwD@" }<br />
</pre><br />
Example value when using OAuth 2.0 authentication:<br />
<pre><br />
{ "McpApiKey": null }<br />
</pre><br />
Note that when using OAuth 2.0 authentication the BuiltInOAuthServerConfiguration (see below) needs to be defined with an AcceptedAudiences value other than the default.<br />
|-<br />
||BuiltInOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for OAuth server built-in to ProcessAnalyzer server. If not set, built-in OAuth server functionality is disabled and clients can't connect to this server using OAuth. If set, contains a string representation of a JSON object that supports the following properties: <br />
* '''Issuer''' (string): OAuth issuer, which identifies a trusted authorization server that authenticates users and issues OAuth 2.0 access tokens and JSON Web Tokens (JWTs). If not defined or empty, default value is used, which is of format: <QPR ProcessAnalyzer server's base URL>/builtin-oauth. For example: https://example.com/builtin-oauth. The default value is empty.<br />
* '''AcceptedAudiences''' (array of strings): Array of strings that define all the accepted audiences this QPR ProcessAnalyzer server is serving. When authorizing user using OAuth, these values are matched with the audience-parameter (a.k.a. client id) of the authorization. Only requests with a value that matches a value in this array are accepted. If null, audience-parameters are not validated at all. Instead, all authorization requests will pass the audience validation check. This also enables [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. The default value is an empty array.<br />
* '''SigningKey''' (string): Signing key for the built-in OAuth identity provider. If empty, generates a non-deterministic key based on the physical system where QPR ProcessAnalyzer is running. NOTE: Once QPR ProcessAnalyzer server is restarted, these non-deterministic keys no longer work. If defined, string must contain the key either in PEM ([https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.rsa.importfrompem?view=net-10.0 RFC 7468 PEM-encoded key]) or JSON ([https://datatracker.ietf.org/doc/html/rfc7517 RFC 7517]) format. The default value is empty.<br />
* '''TokenLifetimeSeconds''' (integer): Token lifetime in seconds for the built-in OAuth identity provider. After access token created by built-in gets older than this lifetime, it becomes unusable and a new token has to be created. The default value is 3600.<br />
* '''DisableExternalOAuthForwarding''' (boolean): Can be used to disable forwarding OAuth requests to any configured external OAuth authorization server or SAML identity provider. If set, a QPR ProcessAnalyzer's own login view functionality is always used when authorizing a user. The default value is false.<br />
Example configuration:<br><br />
<pre><br />
{<br />
"Issuer": "",<br />
"AcceptedAudiences": ["qpr-processanalyzer"],<br />
"SigningKey": "",<br />
"TokenLifetime": 3600<br />
}<br />
</pre><br />
|}<br />
<br />
== Readonly Information ==<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
|<span style="color:lightgrey;">DatabaseVersion</span><br />
||Database schema version. It will be updated automatically when the newer version of QPR ProcessAnalyzer Server connects to the database and performs migration for the database schema.<br />
|-<br />
||<span style="color:lightgrey;">InitializationScriptDatabaseVersion</span><br />
||Database version that was when the database was initialized when the software was installed. Do not change this setting.<br />
|-<br />
||<span style="color:lightgrey;">MinimumDatabaseVersion</span><br />
||Minimum allowed database version for QPR ProcessAnalyzer Server connecting to the database. This is a legacy setting and it should not be used.<br />
|}</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=PA_Configuration_database_table&diff=28075PA Configuration database table2026-04-09T12:24:10Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer database has a configuration table '''PA_Configuration''' containing settings listed in the tables below. You need '''SQL Server Management Studio''' to edit the settings in the configuration table. QPR ProcessAnalyzer Server needs to be restarted (e.g. IIS application pool recycled) for the changes to take effect.<br />
<br />
For boolean values, ''true'' and ''1'' are valid values for yes, and ''false'' and ''0'' are valid for no.<br />
<br />
== General Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultDataSource<br />
||<br />
||Datasource where datatables data is stored when datatables are created by a script when the datasource is not explicitly specified in the script. Options are '''Snowflake''' and '''SqlServer'''. Value ''snowflake'' can be used when the ''SnowflakeConnectionString'' setting is defined, and value ''sqlserver'' can be used when the setting ''SqlServerConnectionString'' is configured. The setting can be changed without affecting the existing datatables, as the setting only affect new datatables. When this setting is empty, datatables are created in the metadata database.<br />
|-<br />
||SnowflakeConnectionString<br />
||<br />
||ODBC connection string for the Snowflake account. This setting is needed to make analytics calculations in the Snowflake. More information how to configure the [[Snowflake_Connection_Configuration#Set_Snowflake_ODBC_connection|Snowflake connection string]]. The Snowflake ODBC driver also needs to be installed in the machine running the QPR ProcessAnalyzer Server. When this setting has been configured, users can create Snowflake stored datatables and models using Snowflake calculation.<br />
<br />
When running QPR ProcessAnalyzer in the Snowpark Container Services, leave the SnowflakeConnectionString empty because then the connection string is created automatically using the method provided by the Snowpark Container Services.<br />
|-<br />
||SqlServerConnectionString<br />
||<br />
||Connection string for the SQL Server database containing the datatables data. It's recommended to use a separate database, but it's also possible to connect to the same database as the configuration data. If this setting is not configured, local datatables cannot be created (SQL Server stored). Existing datatables located in the configuration datatabase still work even if this setting has not be configured. Note that the connection uses ADO.Net (not ODBC), so the connection string is similar to the configuration database ([[Server_settings_in_appsettings.json|appsettings.json]] file).<br />
|-<br />
||DefaultColorPalette<br />
||<br />
||Charts color palette used globally in the environment. Defined as a json array of strings encoded with RGB hex (with or without alpha). Note that when a color palette in a chart has been changed, the chart starts using a chart-specific color palette, and the global color palette doesn't affect those charts. <br />
<br />
Example: ["#1F77B4", "#FF7F0E", "#2CA02C", "#D62728", "#9467BD", "#8C564B", "#E377C2", "#7F7F7F", "#BCBD22", "#17BECF"]<br />
|-<br />
||OpenAIAPIKey<br />
||<br />
||API key for the OpenAI API (https://platform.openai.com/docs/api-reference). It needs to be configured to use the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function.<br />
|-<br />
||OpenAIDefaultModelName<br />
||gpt-4o<br />
||OpenAI large language model (LLM) to use for the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function. If not defined, '''gpt-4o''' will be used. Note that only LLM's that support the function calling feature, are suitable for the AI Assistant. More information about OpenAI models: https://platform.openai.com/docs/models.<br />
|-<br />
||DefaultCortexAgentsModelName<br />
||llama3.1-70b<br />
||Specifies the default language model when using Snowflake Cortex Agents (https://docs.snowflake.com/en/user-guide/snowflake-cortex/cortex-agents-rest-api). If not defined, '''llama3.1-70b''' is used.<br />
|-<br />
||<span id="QueryTimeout">QueryTimeout</span><br />
||300<br />
||Timeout (in seconds) for requests made to /api/expression/query and /api/expression endpoints. When the timeout is exceeded, the query is stopped and a timeout error is returned. Purpose of the timeout is to protect the system against potentially too long running or even never-ending queries which might otherwise jam the system.<br />
|-<br />
||SessionIdleTimeout<br />
||3600<br />
||Idle user session expiration timeout in seconds. User session expires if the session hasn't been used after this amount of time.<br />
|-<br />
||SessionMaximumDuration<br />
||86400<br />
||Maximum duration for a user session in seconds. Even if a session is used so that the SessionIdleTimeout is not reached, the session is expired after this amount of time.<br />
|-<br />
|DatabaseId<br />
|<br />
||Unique identifier for the QPR ProcessAnalyzer environment. Any characters between a-z, A-Z, 0-9 and _ (underscore) can be used in the DatabaseId. If the DatabaseId is missing or set to null, the system will generate a new GUID during startup and use it as the DatabaseId. The DatabaseId can also be an empty string. If using several QPR ProcessAnalyzer environments, make sure each use a different DatabaseId. The DatabaseId is used as part of the table names in Snowflake and SQL Server (in the datatables database). Thus if the DatabaseId is changed, all tables in Snowflake and SQL Server named with qprpa_dt_<DatabaseId>_<DatatableId> need to be renamed.<br />
|-<br />
||<span id="CacheOnlyPrimaryKeysForFilters">CacheOnlyPrimaryKeysForFilters</span><br />
||false<br />
||Defines whether to include all columns in the Snowflake event cache filter tables (''false''), or only the primary key columns (''true''). When ''false'', cache table creation is slower, but the analysis calculation is faster because the original event table is not used anymore. When ''false'', also the cache tables require more storage space in Snowflake.<br />
|}<br />
<br />
== Localization Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultUiLanguage<br />
||en_US<br />
||Language code for the UI language that new user accounts get by default. Thus, a created user account has this language until the user changes her/his language. Also the login page is translated using this language when QPR ProcessAnalyzer is used for the first time in that web browser (when user has changed the language, it's remembered by the browser). This setting must be one of the supported language codes (xx_XX):<br />
* English: '''en_US'''<br />
* Finnish: '''fi_FI'''<br />
* French: '''fr_FR'''<br />
* German: '''de_DE'''<br />
* Polish: '''pl_PL'''<br />
* Portuguese: '''pt_BR'''<br />
* Spanish: '''es_ES'''<br />
* Swedish: '''sv_SE'''<br />
* Ukrainian: '''uk_UK'''<br />
|-<br />
||DefaultDateFormat<br />
||MM/dd/yyyy<br />
||Default date format that new user accounts get by default. The date format does not contain the time part (e.g. hours, minutes and seconds). Defined using the .Net date format (https://docs.microsoft.com/en-us/dotnet/standard/base-types/custom-date-and-time-format-strings).<br />
|-<br />
||DefaultFirstDayOfWeek<br />
||0<br />
||Default first day of the week that new user accounts get by default. '''0''' is Sunday and '''1''' is Monday. This information is used by the UI when showing e.g. calendars.<br />
|-<br />
||DefaultUse12HourClock<br />
||false<br />
||Defines whether the 12-hour clock is used by default (instead of the 24-hour clock) for the new user accounts when showing time information in the UI. Defined as '''true''' or '''false'''. More information about the 12-hour clock: https://en.wikipedia.org/wiki/12-hour_clock.<br />
|-<br />
|}<br />
<br />
== ETL Scripts Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||AllowExternalDatasources<br />
||true<br />
||Can be used to disallow all connections to external datasources in the expression language and SQL scripts to improve security. Disallowed operations include ODBC, OLE DB, SQL Server (Ado.Net), SAP, Salesforce, and call web service. Note that this setting does not prevent the Snowflake processing. Regardless of this setting, QPR ScriptLauncher can be used to extract data from source systems.<br />
|-<br />
||SandboxDatabaseConnectionString<br />
||<br />
||Connection string to scripting sandbox database (ETL). If not defined, SQL-based ETL scripts cannot be run. Connection string for the scripting sandbox database is similar to the [[Server_settings_in_appsettings.json|QPR ProcessAnalyzer database connection string]]. More information: [[Setting up Scripting Sandbox]].<br />
|-<br />
||AllowNonTemporaryETLTargetTable<br />
||false<br />
||Defined whether ETL scripts are allowed to create global temporary database tables (tables starting with ##). More information about temporary tables: https://docs.microsoft.com/en-us/sql/t-sql/statements/create-table-transact-sql?view=sql-server-ver15#temporary-tables.<br />
|-<br />
||DatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to datatables.<br />
|-<br />
|SandboxDatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to sandbox tables in the SQL scripts.<br />
|-<br />
||<span style="color:lightgrey;">DatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for QPR ProcessAnalyzer database SqlBulkCopy operations.<br />
|-<br />
||<span style="color:lightgrey;">SandboxDatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for sandbox SqlBulkCopy operations.<br />
|}<br />
<br />
== In-memory Calculation Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||NumberOfParallelModelReaders<br />
||4<br />
||Models and datatable contents can be loaded with multiple simultaneous connections to the database to speed up the loading. This setting determines how many parallel loaders/readers at maximum (loaders are loading at the same time). For smaller models there are less parallel loaders than the defined limit: If there are less than 100000 rows in the table, there is only one loader. If there are less than 200000 rows in the table, there are only two loaders, and so on. <br />
<br />
The more there are parallel loaders, the more processor load and network bandwidth is consumed, and other operations in QPR ProcessAnalyzer might slow down. Note also that the performance optimum is achieved with a certain number of parallel loaders which differs between environment. Thus to achieve the best performance, data loading should be tested with different number of parallel loaders. Increasing number of parallel loaders beyond the optimum decreases the performance.<br />
<br />
|-<br />
||StartupModelLoadingMaxParallelism<br />
||2<br />
||Maximum number of QPR ProcessAnalyzer models that are loaded into memory simultaneously by the [[Automatic_Model_Loading_on_Server_Startup|Automatic Loading on Server Startup]]. If there are more models to be loaded on the server startup than this setting, loading for the rest of the models is started one by one when previous model loadings are completed. If this setting is not defined, '''2''' is used as a default value.<br />
<br />
Loading more models at the same time will speed up the whole model loading process, but on the other hand, it causes more load on the system, which affects the system responsiveness for users. Model loading consists of (1) transferring data from the datasource to QPR ProcessAnalyzer and (2) loaded data preprocessing into a model. The former uses mainly network bandwidth (if datasource is in a different server) and the latter uses mainly processor capacity in the QPR ProcessAnalyzer server. <br />
<br />
This setting affects only the model loading during the server startup and it doesn't restrict models loadings initiated by users.<br />
|}<br />
<br />
== SAML 2.0 Federated Authentication Settings ==<br />
Note that the SAMLMetadataUrl and ServiceProviderLocation are mandatory for the federated authentication to work. Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SAMLMetadataUrl<br />
||<br />
Metadata URL of the identity provider (IdP). Check that the metadata url can actually be opened using a web browser and is publicly available. The metadata is an XML document starting with '''<?xml version="1.0" encoding="UTF-8"?>''' followed by an '''EntityDescriptor''' tag. The metadata URL might look '''<nowiki>https://your.federated.identity.provider.com/saml/metadata</nowiki>'''. This setting is mandatory for the SAML authentication to work.<br />
|-<br />
||ServiceProviderLocation<br />
||<br />
Specifies the QPR ProcessAnalyzer server location (the root path which contains e.g. the ''ui'' folder). It's used by the url to redirect back to QPR ProcessAnalyzer after a successful authentication from the identity provider. The setting is defined in the following form: '''https://<hostname>/qprpa''', for example '''<nowiki>https://customer.onqpr.com/qprpa</nowiki>'''. Note that the actual redirect back url is '''https://<hostname>/qprpa/api/Saml2/Acs''' (/api/Saml2/Acs is automatically included to the url). This setting is mandatory for the SAML authentication to work. Note that if this reply url is configured the identity provider, it must match with the ServiceProviderLocation setting.<br />
|-<br />
||SAMLUserIdAttribute<br />
||<br />
Name of the SAML attribute in the assertion that will be used as the user's login name. If this field is not defined, the '''saml:Assertion''' > '''saml:Subject''' > '''saml:NameID''' attribute in the assertion is used. If this setting is given, one of the '''saml:Assertion''' > '''saml:AttributeStatement''' > '''saml:Attribute''' elements in the assertion is used (the '''Name''' attribute in the '''saml:Attribute''' element is used for matching). Please note that the saml:NameID element is different than the usual SAML attributes that are defined by the saml:Attribute elements. For example, if an email address is used as a user id, the value of the setting could be for example ''<nowiki>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</nowiki>''.<br />
|-<br />
||SAMLGroupsAttribute<br />
||Attribute name in SAML assertion that is mapped to user groups in QPR ProcessAnalyzer. The user group names are case sensitive. When a user logs in, the user is added to and removed from groups based on the information in the SAML assertion. If this setting is not configured, users are not added to or removed from groups automatically. Note that the user needs to login for the groups to be synchronized. If a group doesn't exist in QPR ProcessAnalyzer, that group is skipped.<br />
<br />
In the SAML assertion, attributes are in the saml:Assertion > saml:AttributeStatement > saml:Attribute elements (the Name attribute in the saml:Attribute element is used for matching).<br />
|-<br />
||SAMLEncryptionCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to encrypt SAML assertions. The public key of the certificate is published in the service provider metadata, where the identity provider can read it and encrypt SAML assertions. QPR ProcessAnalyzer as the service provider uses the corresponding private key of the certificate to decrypt SAML assertions. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. This setting is needed only when using the SAML assertions encryption. Even though this setting is defined, the SAML assertions are not required to be encrypted. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|-<br />
||SAMLSigningCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to sign SAML authentication requests sent from QPR ProcessAnalyzer to the identity provider. The public key of the certificate is published in the service provider metadata, where the identity provider can read it, to verify the authenticity of the SAML requests. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. If this setting is not defined, the internal hard-coded signing certificate is used. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|}<br />
<br />
== OAuth 2.0 Authentication Settings ==<br />
Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||ExternalOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for server that is used to authenticate the user signing in to ProcessAnalyzer. If not set, external OAuth server will not be used for authentication. If set, contains a string representation of a JSON object that supports the following properties:<br />
* '''Authority''' (string): OAuth authority URL for authentication. E.g., https://accounts.google.com/<br />
* '''Audience''' (string): Mandatory. OAuth audience/client ID for validating OAuth tokens.<br />
* '''AuthorizeUrlOverride''' (string): Override URL for the OAuth authorization endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''TokenUrlOverride''' (string): Override URL for the OAuth token endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''UserInfoUrlOverride''' (string): Override URL to fetch user information from the OAuth provider. If empty or not defined, the default URL from the authority's discovery document is used. Should not be used if OpendID Connect is to be used as access token validation is skipped.<br />
* '''ClientSecret''' (string): OAuth client secret for confidential client authentication. If configured, this value is sent as the client_secret parameter when exchanging authorization codes for tokens.<br />
* '''Issuer''' (string): OAuth issuer for validating OAuth tokens. If empty, the authority URL's issuer is used.<br />
* '''UserNameClaim''' (string): Name of the claim whose value is to be used as the name of the authenticated user. The default value is "preferred_username".<br />
* '''UserGroupsClaim''' (string): Name of the claim whose value is to be used as the names of the user groups the authenticated user belongs to. When a user logs in, the user is added to and removed from groups based on the information in the UserGroupsClaim. If this setting is not configured, users are not added to or removed from groups automatically. Note that the user needs to login for the groups to be synchronized. If a group doesn't exist in QPR ProcessAnalyzer, that group is skipped. The default value is empty, i.e. groups are not synchronized.<br><br />
Example configuration:<br><br />
<pre><br />
{<br />
"Authority": "https://accounts.google.com/",<br />
"AuthorizeUrlOverride": "https://accounts.google.com/o/oauth2/v2/auth",<br />
"TokenUrlOverride": "https://oauth2.googleapis.com/token",<br />
"UserInfoUrlOverride": "https://www.googleapis.com/oauth2/v3/userinfo",<br />
"Audience": "...",<br />
"ClientSecret": "...",<br />
"UserNameClaim": "name"<br />
}<br />
</pre><br />
|}<br />
<br />
== SMTP Server Settings ==<br />
SMTP server settings are needed for QPR ProcessAnalyzer to send email messages. Email sending is used by the [[Email_Notifications|notifications]] and the [[Generic_Functions_in_QPR_ProcessAnalyzer#SendEmail|SendEmail]] function in the expression language.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SmtpServer<br />
||DNS name, host name or IP address of the SMTP server. Mandatory setting for the email sending to work.<br />
|-<br />
||SmtpPort<br />
||TCP port number of the SMTP server. If not defined, port 25 is used by default.<br />
|-<br />
||SmtpAuthenticationUsername<br />
||User name for authenticating to the SMTP server. If not defined, no authentication is used to connect to the SMTP server.<br />
|-<br />
||SmtpFromAddress<br />
||Email address where email messages sent by QPR ProcessAnalyzer appear to be coming from. This doesn't need to be a real email address, although the address used may affect email spam filters. The setting configured here is the default email address to use in following cases:<br />
* ''From address'' is not set for the email notifications<br />
* ''From'' parameter is not defined for the expression language ''SendEmail'' function<br />
* ''EmailFrom'' parameter is not defined for the SQL Scripting SendEmail operation<br />
|-<br />
||SmtpAuthenticationPassword<br />
||Password for authenticating to the SMTP server.<br />
|-<br />
||SmtpEnableSSL<br />
||Use value '''True''' or '''False''' depending whether TLS connection to the SMTP server is used or not. If not defined, ''False'' is the default value.<br />
|}<br />
<br />
== MCP Server Settings ==<br />
MCP server settings are needed for QPR ProcessAnalyzer to act as an [[QPR_ProcessAnalyzer_as_MCP_Server|MCP server]].<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||McpServerConfiguration<br />
||Used to configure the MCP server built-in to ProcessAnalyzer server. If not set, MCP server functionality is disabled and MCP clients can't access to this server using MCP. If set, contains a string representation of a JSON object that supports the following properties:<br />
* '''McpApiKey''' (string): If defined and not empty, defines the API key that can be used to connect to QPR ProcessAnalyzer MCP server without any other authentication. Default value is empty.<br><br />
Example value when using API Key authentication:<br />
<pre><br />
{ "McpApiKey": "xnTqr@Hd87JcuCmQZbjUHfwD@" }<br />
</pre><br />
|-<br />
||BuiltInOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for OAuth server built-in to ProcessAnalyzer server. If not set, built-in OAuth server functionality is disabled and clients can't connect to this server using OAuth. If set, contains a string representation of a JSON object that supports the following properties: <br />
* '''Issuer''' (string): OAuth issuer, which identifies a trusted authorization server that authenticates users and issues OAuth 2.0 access tokens and JSON Web Tokens (JWTs). If not defined or empty, default value is used, which is of format: <QPR ProcessAnalyzer server's base URL>/builtin-oauth. For example: https://example.com/builtin-oauth. The default value is empty.<br />
* '''AcceptedAudiences''' (array of strings): Array of strings that define all the accepted audiences this QPR ProcessAnalyzer server is serving. When authorizing user using OAuth, these values are matched with the audience-parameter (a.k.a. client id) of the authorization. Only requests with a value that matches a value in this array are accepted. If null, audience-parameters are not validated at all. Instead, all authorization requests will pass the audience validation check. This also enables [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. The default value is an empty array.<br />
* '''SigningKey''' (string): Signing key for the built-in OAuth identity provider. If empty, generates a non-deterministic key based on the physical system where QPR ProcessAnalyzer is running. NOTE: Once QPR ProcessAnalyzer server is restarted, these non-deterministic keys no longer work. If defined, string must contain the key either in PEM ([https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.rsa.importfrompem?view=net-10.0 RFC 7468 PEM-encoded key]) or JSON ([https://datatracker.ietf.org/doc/html/rfc7517 RFC 7517]) format. The default value is empty.<br />
* '''TokenLifetimeSeconds''' (integer): Token lifetime in seconds for the built-in OAuth identity provider. After access token created by built-in gets older than this lifetime, it becomes unusable and a new token has to be created. The default value is 3600.<br />
* '''DisableExternalOAuthForwarding''' (boolean): Can be used to disable forwarding OAuth requests to any configured external OAuth authorization server or SAML identity provider. If set, a QPR ProcessAnalyzer's own login view functionality is always used when authorizing a user. The default value is false.<br />
Example configuration:<br><br />
<pre><br />
{<br />
"Issuer": "",<br />
"AcceptedAudiences": ["qpr-processanalyzer"],<br />
"SigningKey": "",<br />
"TokenLifetime": 3600<br />
}<br />
</pre><br />
|}<br />
<br />
== Readonly Information ==<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
|<span style="color:lightgrey;">DatabaseVersion</span><br />
||Database schema version. It will be updated automatically when the newer version of QPR ProcessAnalyzer Server connects to the database and performs migration for the database schema.<br />
|-<br />
||<span style="color:lightgrey;">InitializationScriptDatabaseVersion</span><br />
||Database version that was when the database was initialized when the software was installed. Do not change this setting.<br />
|-<br />
||<span style="color:lightgrey;">MinimumDatabaseVersion</span><br />
||Minimum allowed database version for QPR ProcessAnalyzer Server connecting to the database. This is a legacy setting and it should not be used.<br />
|}</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=PA_Configuration_database_table&diff=28074PA Configuration database table2026-04-09T12:20:59Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer database has a configuration table '''PA_Configuration''' containing settings listed in the tables below. You need '''SQL Server Management Studio''' to edit the settings in the configuration table. QPR ProcessAnalyzer Server needs to be restarted (e.g. IIS application pool recycled) for the changes to take effect.<br />
<br />
For boolean values, ''true'' and ''1'' are valid values for yes, and ''false'' and ''0'' are valid for no.<br />
<br />
== General Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultDataSource<br />
||<br />
||Datasource where datatables data is stored when datatables are created by a script when the datasource is not explicitly specified in the script. Options are '''Snowflake''' and '''SqlServer'''. Value ''snowflake'' can be used when the ''SnowflakeConnectionString'' setting is defined, and value ''sqlserver'' can be used when the setting ''SqlServerConnectionString'' is configured. The setting can be changed without affecting the existing datatables, as the setting only affect new datatables. When this setting is empty, datatables are created in the metadata database.<br />
|-<br />
||SnowflakeConnectionString<br />
||<br />
||ODBC connection string for the Snowflake account. This setting is needed to make analytics calculations in the Snowflake. More information how to configure the [[Snowflake_Connection_Configuration#Set_Snowflake_ODBC_connection|Snowflake connection string]]. The Snowflake ODBC driver also needs to be installed in the machine running the QPR ProcessAnalyzer Server. When this setting has been configured, users can create Snowflake stored datatables and models using Snowflake calculation.<br />
<br />
When running QPR ProcessAnalyzer in the Snowpark Container Services, leave the SnowflakeConnectionString empty because then the connection string is created automatically using the method provided by the Snowpark Container Services.<br />
|-<br />
||SqlServerConnectionString<br />
||<br />
||Connection string for the SQL Server database containing the datatables data. It's recommended to use a separate database, but it's also possible to connect to the same database as the configuration data. If this setting is not configured, local datatables cannot be created (SQL Server stored). Existing datatables located in the configuration datatabase still work even if this setting has not be configured. Note that the connection uses ADO.Net (not ODBC), so the connection string is similar to the configuration database ([[Server_settings_in_appsettings.json|appsettings.json]] file).<br />
|-<br />
||DefaultColorPalette<br />
||<br />
||Charts color palette used globally in the environment. Defined as a json array of strings encoded with RGB hex (with or without alpha). Note that when a color palette in a chart has been changed, the chart starts using a chart-specific color palette, and the global color palette doesn't affect those charts. <br />
<br />
Example: ["#1F77B4", "#FF7F0E", "#2CA02C", "#D62728", "#9467BD", "#8C564B", "#E377C2", "#7F7F7F", "#BCBD22", "#17BECF"]<br />
|-<br />
||OpenAIAPIKey<br />
||<br />
||API key for the OpenAI API (https://platform.openai.com/docs/api-reference). It needs to be configured to use the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function.<br />
|-<br />
||OpenAIDefaultModelName<br />
||gpt-4o<br />
||OpenAI large language model (LLM) to use for the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function. If not defined, '''gpt-4o''' will be used. Note that only LLM's that support the function calling feature, are suitable for the AI Assistant. More information about OpenAI models: https://platform.openai.com/docs/models.<br />
|-<br />
||DefaultCortexAgentsModelName<br />
||llama3.1-70b<br />
||Specifies the default language model when using Snowflake Cortex Agents (https://docs.snowflake.com/en/user-guide/snowflake-cortex/cortex-agents-rest-api). If not defined, '''llama3.1-70b''' is used.<br />
|-<br />
||<span id="QueryTimeout">QueryTimeout</span><br />
||300<br />
||Timeout (in seconds) for requests made to /api/expression/query and /api/expression endpoints. When the timeout is exceeded, the query is stopped and a timeout error is returned. Purpose of the timeout is to protect the system against potentially too long running or even never-ending queries which might otherwise jam the system.<br />
|-<br />
||SessionIdleTimeout<br />
||3600<br />
||Idle user session expiration timeout in seconds. User session expires if the session hasn't been used after this amount of time.<br />
|-<br />
||SessionMaximumDuration<br />
||86400<br />
||Maximum duration for a user session in seconds. Even if a session is used so that the SessionIdleTimeout is not reached, the session is expired after this amount of time.<br />
|-<br />
|DatabaseId<br />
|<br />
||Unique identifier for the QPR ProcessAnalyzer environment. Any characters between a-z, A-Z, 0-9 and _ (underscore) can be used in the DatabaseId. If the DatabaseId is missing or set to null, the system will generate a new GUID during startup and use it as the DatabaseId. The DatabaseId can also be an empty string. If using several QPR ProcessAnalyzer environments, make sure each use a different DatabaseId. The DatabaseId is used as part of the table names in Snowflake and SQL Server (in the datatables database). Thus if the DatabaseId is changed, all tables in Snowflake and SQL Server named with qprpa_dt_<DatabaseId>_<DatatableId> need to be renamed.<br />
|-<br />
||<span id="CacheOnlyPrimaryKeysForFilters">CacheOnlyPrimaryKeysForFilters</span><br />
||false<br />
||Defines whether to include all columns in the Snowflake event cache filter tables (''false''), or only the primary key columns (''true''). When ''false'', cache table creation is slower, but the analysis calculation is faster because the original event table is not used anymore. When ''false'', also the cache tables require more storage space in Snowflake.<br />
|}<br />
<br />
== Localization Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultUiLanguage<br />
||en_US<br />
||Language code for the UI language that new user accounts get by default. Thus, a created user account has this language until the user changes her/his language. Also the login page is translated using this language when QPR ProcessAnalyzer is used for the first time in that web browser (when user has changed the language, it's remembered by the browser). This setting must be one of the supported language codes (xx_XX):<br />
* English: '''en_US'''<br />
* Finnish: '''fi_FI'''<br />
* French: '''fr_FR'''<br />
* German: '''de_DE'''<br />
* Polish: '''pl_PL'''<br />
* Portuguese: '''pt_BR'''<br />
* Spanish: '''es_ES'''<br />
* Swedish: '''sv_SE'''<br />
* Ukrainian: '''uk_UK'''<br />
|-<br />
||DefaultDateFormat<br />
||MM/dd/yyyy<br />
||Default date format that new user accounts get by default. The date format does not contain the time part (e.g. hours, minutes and seconds). Defined using the .Net date format (https://docs.microsoft.com/en-us/dotnet/standard/base-types/custom-date-and-time-format-strings).<br />
|-<br />
||DefaultFirstDayOfWeek<br />
||0<br />
||Default first day of the week that new user accounts get by default. '''0''' is Sunday and '''1''' is Monday. This information is used by the UI when showing e.g. calendars.<br />
|-<br />
||DefaultUse12HourClock<br />
||false<br />
||Defines whether the 12-hour clock is used by default (instead of the 24-hour clock) for the new user accounts when showing time information in the UI. Defined as '''true''' or '''false'''. More information about the 12-hour clock: https://en.wikipedia.org/wiki/12-hour_clock.<br />
|-<br />
|}<br />
<br />
== ETL Scripts Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||AllowExternalDatasources<br />
||true<br />
||Can be used to disallow all connections to external datasources in the expression language and SQL scripts to improve security. Disallowed operations include ODBC, OLE DB, SQL Server (Ado.Net), SAP, Salesforce, and call web service. Note that this setting does not prevent the Snowflake processing. Regardless of this setting, QPR ScriptLauncher can be used to extract data from source systems.<br />
|-<br />
||SandboxDatabaseConnectionString<br />
||<br />
||Connection string to scripting sandbox database (ETL). If not defined, SQL-based ETL scripts cannot be run. Connection string for the scripting sandbox database is similar to the [[Server_settings_in_appsettings.json|QPR ProcessAnalyzer database connection string]]. More information: [[Setting up Scripting Sandbox]].<br />
|-<br />
||AllowNonTemporaryETLTargetTable<br />
||false<br />
||Defined whether ETL scripts are allowed to create global temporary database tables (tables starting with ##). More information about temporary tables: https://docs.microsoft.com/en-us/sql/t-sql/statements/create-table-transact-sql?view=sql-server-ver15#temporary-tables.<br />
|-<br />
||DatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to datatables.<br />
|-<br />
|SandboxDatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to sandbox tables in the SQL scripts.<br />
|-<br />
||<span style="color:lightgrey;">DatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for QPR ProcessAnalyzer database SqlBulkCopy operations.<br />
|-<br />
||<span style="color:lightgrey;">SandboxDatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for sandbox SqlBulkCopy operations.<br />
|}<br />
<br />
== In-memory Calculation Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||NumberOfParallelModelReaders<br />
||4<br />
||Models and datatable contents can be loaded with multiple simultaneous connections to the database to speed up the loading. This setting determines how many parallel loaders/readers at maximum (loaders are loading at the same time). For smaller models there are less parallel loaders than the defined limit: If there are less than 100000 rows in the table, there is only one loader. If there are less than 200000 rows in the table, there are only two loaders, and so on. <br />
<br />
The more there are parallel loaders, the more processor load and network bandwidth is consumed, and other operations in QPR ProcessAnalyzer might slow down. Note also that the performance optimum is achieved with a certain number of parallel loaders which differs between environment. Thus to achieve the best performance, data loading should be tested with different number of parallel loaders. Increasing number of parallel loaders beyond the optimum decreases the performance.<br />
<br />
|-<br />
||StartupModelLoadingMaxParallelism<br />
||2<br />
||Maximum number of QPR ProcessAnalyzer models that are loaded into memory simultaneously by the [[Automatic_Model_Loading_on_Server_Startup|Automatic Loading on Server Startup]]. If there are more models to be loaded on the server startup than this setting, loading for the rest of the models is started one by one when previous model loadings are completed. If this setting is not defined, '''2''' is used as a default value.<br />
<br />
Loading more models at the same time will speed up the whole model loading process, but on the other hand, it causes more load on the system, which affects the system responsiveness for users. Model loading consists of (1) transferring data from the datasource to QPR ProcessAnalyzer and (2) loaded data preprocessing into a model. The former uses mainly network bandwidth (if datasource is in a different server) and the latter uses mainly processor capacity in the QPR ProcessAnalyzer server. <br />
<br />
This setting affects only the model loading during the server startup and it doesn't restrict models loadings initiated by users.<br />
|}<br />
<br />
== SAML 2.0 Federated Authentication Settings ==<br />
Note that the SAMLMetadataUrl and ServiceProviderLocation are mandatory for the federated authentication to work. Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SAMLMetadataUrl<br />
||<br />
Metadata URL of the identity provider (IdP). Check that the metadata url can actually be opened using a web browser and is publicly available. The metadata is an XML document starting with '''<?xml version="1.0" encoding="UTF-8"?>''' followed by an '''EntityDescriptor''' tag. The metadata URL might look '''<nowiki>https://your.federated.identity.provider.com/saml/metadata</nowiki>'''. This setting is mandatory for the SAML authentication to work.<br />
|-<br />
||ServiceProviderLocation<br />
||<br />
Specifies the QPR ProcessAnalyzer server location (the root path which contains e.g. the ''ui'' folder). It's used by the url to redirect back to QPR ProcessAnalyzer after a successful authentication from the identity provider. The setting is defined in the following form: '''https://<hostname>/qprpa''', for example '''<nowiki>https://customer.onqpr.com/qprpa</nowiki>'''. Note that the actual redirect back url is '''https://<hostname>/qprpa/api/Saml2/Acs''' (/api/Saml2/Acs is automatically included to the url). This setting is mandatory for the SAML authentication to work. Note that if this reply url is configured the identity provider, it must match with the ServiceProviderLocation setting.<br />
|-<br />
||SAMLUserIdAttribute<br />
||<br />
Name of the SAML attribute in the assertion that will be used as the user's login name. If this field is not defined, the '''saml:Assertion''' > '''saml:Subject''' > '''saml:NameID''' attribute in the assertion is used. If this setting is given, one of the '''saml:Assertion''' > '''saml:AttributeStatement''' > '''saml:Attribute''' elements in the assertion is used (the '''Name''' attribute in the '''saml:Attribute''' element is used for matching). Please note that the saml:NameID element is different than the usual SAML attributes that are defined by the saml:Attribute elements. For example, if an email address is used as a user id, the value of the setting could be for example ''<nowiki>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</nowiki>''.<br />
|-<br />
||SAMLGroupsAttribute<br />
||Attribute name in SAML assertion that is mapped to user groups in QPR ProcessAnalyzer. The user group names are case sensitive. When a user logs in, the user is added to and removed from groups based on the information in the SAML assertion. If this setting is not configured, users are not added to or removed from groups automatically. Note that the user needs to login for the groups to be synchronized. If a group doesn't exist in QPR ProcessAnalyzer, that group is skipped.<br />
<br />
In the SAML assertion, attributes are in the saml:Assertion > saml:AttributeStatement > saml:Attribute elements (the Name attribute in the saml:Attribute element is used for matching).<br />
|-<br />
||SAMLEncryptionCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to encrypt SAML assertions. The public key of the certificate is published in the service provider metadata, where the identity provider can read it and encrypt SAML assertions. QPR ProcessAnalyzer as the service provider uses the corresponding private key of the certificate to decrypt SAML assertions. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. This setting is needed only when using the SAML assertions encryption. Even though this setting is defined, the SAML assertions are not required to be encrypted. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|-<br />
||SAMLSigningCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to sign SAML authentication requests sent from QPR ProcessAnalyzer to the identity provider. The public key of the certificate is published in the service provider metadata, where the identity provider can read it, to verify the authenticity of the SAML requests. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. If this setting is not defined, the internal hard-coded signing certificate is used. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|}<br />
<br />
== OAuth 2.0 Authentication Settings ==<br />
Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||ExternalOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for server that is used to authenticate the user signing in to ProcessAnalyzer. If not set, external OAuth server will not be used for authentication. If set, contains a string representation of a JSON object that supports the following properties:<br />
* '''Authority''' (string): OAuth authority URL for authentication. E.g., https://accounts.google.com/<br />
* '''Audience''' (string): Mandatory. OAuth audience/client ID for validating OAuth tokens.<br />
* '''AuthorizeUrlOverride''' (string): Override URL for the OAuth authorization endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''TokenUrlOverride''' (string): Override URL for the OAuth token endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''UserInfoUrlOverride''' (string): Override URL to fetch user information from the OAuth provider. If empty or not defined, the default URL from the authority's discovery document is used. Should not be used if OpendID Connect is to be used as access token validation is skipped.<br />
* '''ClientSecret''' (string): OAuth client secret for confidential client authentication. If configured, this value is sent as the client_secret parameter when exchanging authorization codes for tokens.<br />
* '''Issuer''' (string): OAuth issuer for validating OAuth tokens. If empty, the authority URL's issuer is used.<br />
* '''UserNameClaim''' (string): Name of the claim whose value is to be used as the name of the authenticated user. The default value is "preferred_username".<br />
* '''UserGroupsClaim''' (string): Name of the claim whose value is to be used as the names of the user groups the authenticated user belongs to. When a user logs in, the user is added to and removed from groups based on the information in the UserGroupsClaim. If this setting is not configured, users are not added to or removed from groups automatically. Note that the user needs to login for the groups to be synchronized. If a group doesn't exist in QPR ProcessAnalyzer, that group is skipped. The default value is empty, i.e. groups are not synchronized.<br><br />
Example configuration:<br><br />
<pre><br />
{<br />
"Authority": "https://accounts.google.com/",<br />
"AuthorizeUrlOverride": "https://accounts.google.com/o/oauth2/v2/auth",<br />
"TokenUrlOverride": "https://oauth2.googleapis.com/token",<br />
"UserInfoUrlOverride": "https://www.googleapis.com/oauth2/v3/userinfo",<br />
"Audience": "...",<br />
"ClientSecret": "...",<br />
"UserNameClaim": "name"<br />
}<br />
</pre><br />
|}<br />
<br />
== SMTP Server Settings ==<br />
SMTP server settings are needed for QPR ProcessAnalyzer to send email messages. Email sending is used by the [[Email_Notifications|notifications]] and the [[Generic_Functions_in_QPR_ProcessAnalyzer#SendEmail|SendEmail]] function in the expression language.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SmtpServer<br />
||DNS name, host name or IP address of the SMTP server. Mandatory setting for the email sending to work.<br />
|-<br />
||SmtpPort<br />
||TCP port number of the SMTP server. If not defined, port 25 is used by default.<br />
|-<br />
||SmtpAuthenticationUsername<br />
||User name for authenticating to the SMTP server. If not defined, no authentication is used to connect to the SMTP server.<br />
|-<br />
||SmtpFromAddress<br />
||Email address where email messages sent by QPR ProcessAnalyzer appear to be coming from. This doesn't need to be a real email address, although the address used may affect email spam filters. The setting configured here is the default email address to use in following cases:<br />
* ''From address'' is not set for the email notifications<br />
* ''From'' parameter is not defined for the expression language ''SendEmail'' function<br />
* ''EmailFrom'' parameter is not defined for the SQL Scripting SendEmail operation<br />
|-<br />
||SmtpAuthenticationPassword<br />
||Password for authenticating to the SMTP server.<br />
|-<br />
||SmtpEnableSSL<br />
||Use value '''True''' or '''False''' depending whether TLS connection to the SMTP server is used or not. If not defined, ''False'' is the default value.<br />
|}<br />
<br />
== MCP Server Settings ==<br />
MCP server settings are needed for QPR ProcessAnalyzer to act as an [[QPR_ProcessAnalyzer_as_MCP_Server|MCP server]].<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||McpServerConfiguration<br />
||Used to configure the MCP server built-in to ProcessAnalyzer server. If not set, MCP server functionality is disabled and MCP clients can't access to this server using MCP. If set, contains a string representation of a JSON object that supports the following properties:<br />
* '''McpApiKey''' (string): If defined and not empty, defines the API key that can be used to connect to QPR ProcessAnalyzer MCP server without any other authentication. Default value is empty.<br />
|-<br />
||BuiltInOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for OAuth server built-in to ProcessAnalyzer server. If not set, built-in OAuth server functionality is disabled and clients can't connect to this server using OAuth. If set, contains a string representation of a JSON object that supports the following properties: <br />
* '''Issuer''' (string): OAuth issuer, which identifies a trusted authorization server that authenticates users and issues OAuth 2.0 access tokens and JSON Web Tokens (JWTs). If not defined or empty, default value is used, which is of format: <QPR ProcessAnalyzer server's base URL>/builtin-oauth. For example: https://example.com/builtin-oauth. The default value is empty.<br />
* '''AcceptedAudiences''' (array of strings): Array of strings that define all the accepted audiences this QPR ProcessAnalyzer server is serving. When authorizing user using OAuth, these values are matched with the audience-parameter (a.k.a. client id) of the authorization. Only requests with a value that matches a value in this array are accepted. If null, audience-parameters are not validated at all. Instead, all authorization requests will pass the audience validation check. This also enables [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. The default value is an empty array.<br />
* '''SigningKey''' (string): Signing key for the built-in OAuth identity provider. If empty, generates a non-deterministic key based on the physical system where QPR ProcessAnalyzer is running. NOTE: Once QPR ProcessAnalyzer server is restarted, these non-deterministic keys no longer work. If defined, string must contain the key either in PEM ([https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.rsa.importfrompem?view=net-10.0 RFC 7468 PEM-encoded key]) or JSON ([https://datatracker.ietf.org/doc/html/rfc7517 RFC 7517]) format. The default value is empty.<br />
* '''TokenLifetimeSeconds''' (integer): Token lifetime in seconds for the built-in OAuth identity provider. After access token created by built-in gets older than this lifetime, it becomes unusable and a new token has to be created. The default value is 3600.<br />
* '''DisableExternalOAuthForwarding''' (boolean): Can be used to disable forwarding OAuth requests to any configured external OAuth authorization server or SAML identity provider. If set, a QPR ProcessAnalyzer's own login view functionality is always used when authorizing a user. The default value is false.<br />
Example configuration:<br><br />
<pre><br />
{<br />
"Issuer": "",<br />
"AcceptedAudiences": ["qpr-processanalyzer"],<br />
"SigningKey": "",<br />
"TokenLifetime": 3600<br />
}<br />
</pre><br />
|}<br />
<br />
== Readonly Information ==<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
|<span style="color:lightgrey;">DatabaseVersion</span><br />
||Database schema version. It will be updated automatically when the newer version of QPR ProcessAnalyzer Server connects to the database and performs migration for the database schema.<br />
|-<br />
||<span style="color:lightgrey;">InitializationScriptDatabaseVersion</span><br />
||Database version that was when the database was initialized when the software was installed. Do not change this setting.<br />
|-<br />
||<span style="color:lightgrey;">MinimumDatabaseVersion</span><br />
||Minimum allowed database version for QPR ProcessAnalyzer Server connecting to the database. This is a legacy setting and it should not be used.<br />
|}</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=PA_Configuration_database_table&diff=28070PA Configuration database table2026-04-09T11:55:53Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer database has a configuration table '''PA_Configuration''' containing settings listed in the tables below. You need '''SQL Server Management Studio''' to edit the settings in the configuration table. QPR ProcessAnalyzer Server needs to be restarted (e.g. IIS application pool recycled) for the changes to take effect.<br />
<br />
For boolean values, ''true'' and ''1'' are valid values for yes, and ''false'' and ''0'' are valid for no.<br />
<br />
== General Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultDataSource<br />
||<br />
||Datasource where datatables data is stored when datatables are created by a script when the datasource is not explicitly specified in the script. Options are '''Snowflake''' and '''SqlServer'''. Value ''snowflake'' can be used when the ''SnowflakeConnectionString'' setting is defined, and value ''sqlserver'' can be used when the setting ''SqlServerConnectionString'' is configured. The setting can be changed without affecting the existing datatables, as the setting only affect new datatables. When this setting is empty, datatables are created in the metadata database.<br />
|-<br />
||SnowflakeConnectionString<br />
||<br />
||ODBC connection string for the Snowflake account. This setting is needed to make analytics calculations in the Snowflake. More information how to configure the [[Snowflake_Connection_Configuration#Set_Snowflake_ODBC_connection|Snowflake connection string]]. The Snowflake ODBC driver also needs to be installed in the machine running the QPR ProcessAnalyzer Server. When this setting has been configured, users can create Snowflake stored datatables and models using Snowflake calculation.<br />
<br />
When running QPR ProcessAnalyzer in the Snowpark Container Services, leave the SnowflakeConnectionString empty because then the connection string is created automatically using the method provided by the Snowpark Container Services.<br />
|-<br />
||SqlServerConnectionString<br />
||<br />
||Connection string for the SQL Server database containing the datatables data. It's recommended to use a separate database, but it's also possible to connect to the same database as the configuration data. If this setting is not configured, local datatables cannot be created (SQL Server stored). Existing datatables located in the configuration datatabase still work even if this setting has not be configured. Note that the connection uses ADO.Net (not ODBC), so the connection string is similar to the configuration database ([[Server_settings_in_appsettings.json|appsettings.json]] file).<br />
|-<br />
||DefaultColorPalette<br />
||<br />
||Charts color palette used globally in the environment. Defined as a json array of strings encoded with RGB hex (with or without alpha). Note that when a color palette in a chart has been changed, the chart starts using a chart-specific color palette, and the global color palette doesn't affect those charts. <br />
<br />
Example: ["#1F77B4", "#FF7F0E", "#2CA02C", "#D62728", "#9467BD", "#8C564B", "#E377C2", "#7F7F7F", "#BCBD22", "#17BECF"]<br />
|-<br />
||OpenAIAPIKey<br />
||<br />
||API key for the OpenAI API (https://platform.openai.com/docs/api-reference). It needs to be configured to use the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function.<br />
|-<br />
||OpenAIDefaultModelName<br />
||gpt-4o<br />
||OpenAI large language model (LLM) to use for the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function. If not defined, '''gpt-4o''' will be used. Note that only LLM's that support the function calling feature, are suitable for the AI Assistant. More information about OpenAI models: https://platform.openai.com/docs/models.<br />
|-<br />
||DefaultCortexAgentsModelName<br />
||llama3.1-70b<br />
||Specifies the default language model when using Snowflake Cortex Agents (https://docs.snowflake.com/en/user-guide/snowflake-cortex/cortex-agents-rest-api). If not defined, '''llama3.1-70b''' is used.<br />
|-<br />
||<span id="QueryTimeout">QueryTimeout</span><br />
||300<br />
||Timeout (in seconds) for requests made to /api/expression/query and /api/expression endpoints. When the timeout is exceeded, the query is stopped and a timeout error is returned. Purpose of the timeout is to protect the system against potentially too long running or even never-ending queries which might otherwise jam the system.<br />
|-<br />
||SessionIdleTimeout<br />
||3600<br />
||Idle user session expiration timeout in seconds. User session expires if the session hasn't been used after this amount of time.<br />
|-<br />
||SessionMaximumDuration<br />
||86400<br />
||Maximum duration for a user session in seconds. Even if a session is used so that the SessionIdleTimeout is not reached, the session is expired after this amount of time.<br />
|-<br />
|DatabaseId<br />
|<br />
||Unique identifier for the QPR ProcessAnalyzer environment. Any characters between a-z, A-Z, 0-9 and _ (underscore) can be used in the DatabaseId. If the DatabaseId is missing or set to null, the system will generate a new GUID during startup and use it as the DatabaseId. The DatabaseId can also be an empty string. If using several QPR ProcessAnalyzer environments, make sure each use a different DatabaseId. The DatabaseId is used as part of the table names in Snowflake and SQL Server (in the datatables database). Thus if the DatabaseId is changed, all tables in Snowflake and SQL Server named with qprpa_dt_<DatabaseId>_<DatatableId> need to be renamed.<br />
|-<br />
||<span id="CacheOnlyPrimaryKeysForFilters">CacheOnlyPrimaryKeysForFilters</span><br />
||false<br />
||Defines whether to include all columns in the Snowflake event cache filter tables (''false''), or only the primary key columns (''true''). When ''false'', cache table creation is slower, but the analysis calculation is faster because the original event table is not used anymore. When ''false'', also the cache tables require more storage space in Snowflake.<br />
|}<br />
<br />
== Localization Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultUiLanguage<br />
||en_US<br />
||Language code for the UI language that new user accounts get by default. Thus, a created user account has this language until the user changes her/his language. Also the login page is translated using this language when QPR ProcessAnalyzer is used for the first time in that web browser (when user has changed the language, it's remembered by the browser). This setting must be one of the supported language codes (xx_XX):<br />
* English: '''en_US'''<br />
* Finnish: '''fi_FI'''<br />
* French: '''fr_FR'''<br />
* German: '''de_DE'''<br />
* Polish: '''pl_PL'''<br />
* Portuguese: '''pt_BR'''<br />
* Spanish: '''es_ES'''<br />
* Swedish: '''sv_SE'''<br />
* Ukrainian: '''uk_UK'''<br />
|-<br />
||DefaultDateFormat<br />
||MM/dd/yyyy<br />
||Default date format that new user accounts get by default. The date format does not contain the time part (e.g. hours, minutes and seconds). Defined using the .Net date format (https://docs.microsoft.com/en-us/dotnet/standard/base-types/custom-date-and-time-format-strings).<br />
|-<br />
||DefaultFirstDayOfWeek<br />
||0<br />
||Default first day of the week that new user accounts get by default. '''0''' is Sunday and '''1''' is Monday. This information is used by the UI when showing e.g. calendars.<br />
|-<br />
||DefaultUse12HourClock<br />
||false<br />
||Defines whether the 12-hour clock is used by default (instead of the 24-hour clock) for the new user accounts when showing time information in the UI. Defined as '''true''' or '''false'''. More information about the 12-hour clock: https://en.wikipedia.org/wiki/12-hour_clock.<br />
|-<br />
|}<br />
<br />
== ETL Scripts Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||AllowExternalDatasources<br />
||true<br />
||Can be used to disallow all connections to external datasources in the expression language and SQL scripts to improve security. Disallowed operations include ODBC, OLE DB, SQL Server (Ado.Net), SAP, Salesforce, and call web service. Note that this setting does not prevent the Snowflake processing. Regardless of this setting, QPR ScriptLauncher can be used to extract data from source systems.<br />
|-<br />
||SandboxDatabaseConnectionString<br />
||<br />
||Connection string to scripting sandbox database (ETL). If not defined, SQL-based ETL scripts cannot be run. Connection string for the scripting sandbox database is similar to the [[Server_settings_in_appsettings.json|QPR ProcessAnalyzer database connection string]]. More information: [[Setting up Scripting Sandbox]].<br />
|-<br />
||AllowNonTemporaryETLTargetTable<br />
||false<br />
||Defined whether ETL scripts are allowed to create global temporary database tables (tables starting with ##). More information about temporary tables: https://docs.microsoft.com/en-us/sql/t-sql/statements/create-table-transact-sql?view=sql-server-ver15#temporary-tables.<br />
|-<br />
||DatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to datatables.<br />
|-<br />
|SandboxDatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to sandbox tables in the SQL scripts.<br />
|-<br />
||<span style="color:lightgrey;">DatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for QPR ProcessAnalyzer database SqlBulkCopy operations.<br />
|-<br />
||<span style="color:lightgrey;">SandboxDatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for sandbox SqlBulkCopy operations.<br />
|}<br />
<br />
== In-memory Calculation Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||NumberOfParallelModelReaders<br />
||4<br />
||Models and datatable contents can be loaded with multiple simultaneous connections to the database to speed up the loading. This setting determines how many parallel loaders/readers at maximum (loaders are loading at the same time). For smaller models there are less parallel loaders than the defined limit: If there are less than 100000 rows in the table, there is only one loader. If there are less than 200000 rows in the table, there are only two loaders, and so on. <br />
<br />
The more there are parallel loaders, the more processor load and network bandwidth is consumed, and other operations in QPR ProcessAnalyzer might slow down. Note also that the performance optimum is achieved with a certain number of parallel loaders which differs between environment. Thus to achieve the best performance, data loading should be tested with different number of parallel loaders. Increasing number of parallel loaders beyond the optimum decreases the performance.<br />
<br />
|-<br />
||StartupModelLoadingMaxParallelism<br />
||2<br />
||Maximum number of QPR ProcessAnalyzer models that are loaded into memory simultaneously by the [[Automatic_Model_Loading_on_Server_Startup|Automatic Loading on Server Startup]]. If there are more models to be loaded on the server startup than this setting, loading for the rest of the models is started one by one when previous model loadings are completed. If this setting is not defined, '''2''' is used as a default value.<br />
<br />
Loading more models at the same time will speed up the whole model loading process, but on the other hand, it causes more load on the system, which affects the system responsiveness for users. Model loading consists of (1) transferring data from the datasource to QPR ProcessAnalyzer and (2) loaded data preprocessing into a model. The former uses mainly network bandwidth (if datasource is in a different server) and the latter uses mainly processor capacity in the QPR ProcessAnalyzer server. <br />
<br />
This setting affects only the model loading during the server startup and it doesn't restrict models loadings initiated by users.<br />
|}<br />
<br />
== SAML 2.0 Federated Authentication Settings ==<br />
Note that the SAMLMetadataUrl and ServiceProviderLocation are mandatory for the federated authentication to work. Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SAMLMetadataUrl<br />
||<br />
Metadata URL of the identity provider (IdP). Check that the metadata url can actually be opened using a web browser and is publicly available. The metadata is an XML document starting with '''<?xml version="1.0" encoding="UTF-8"?>''' followed by an '''EntityDescriptor''' tag. The metadata URL might look '''<nowiki>https://your.federated.identity.provider.com/saml/metadata</nowiki>'''. This setting is mandatory for the SAML authentication to work.<br />
|-<br />
||ServiceProviderLocation<br />
||<br />
Specifies the QPR ProcessAnalyzer server location (the root path which contains e.g. the ''ui'' folder). It's used by the url to redirect back to QPR ProcessAnalyzer after a successful authentication from the identity provider. The setting is defined in the following form: '''https://<hostname>/qprpa''', for example '''<nowiki>https://customer.onqpr.com/qprpa</nowiki>'''. Note that the actual redirect back url is '''https://<hostname>/qprpa/api/Saml2/Acs''' (/api/Saml2/Acs is automatically included to the url). This setting is mandatory for the SAML authentication to work. Note that if this reply url is configured the identity provider, it must match with the ServiceProviderLocation setting.<br />
|-<br />
||SAMLUserIdAttribute<br />
||<br />
Name of the SAML attribute in the assertion that will be used as the user's login name. If this field is not defined, the '''saml:Assertion''' > '''saml:Subject''' > '''saml:NameID''' attribute in the assertion is used. If this setting is given, one of the '''saml:Assertion''' > '''saml:AttributeStatement''' > '''saml:Attribute''' elements in the assertion is used (the '''Name''' attribute in the '''saml:Attribute''' element is used for matching). Please note that the saml:NameID element is different than the usual SAML attributes that are defined by the saml:Attribute elements. For example, if an email address is used as a user id, the value of the setting could be for example ''<nowiki>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</nowiki>''.<br />
|-<br />
||SAMLGroupsAttribute<br />
||Attribute name in SAML assertion that is mapped to user groups in QPR ProcessAnalyzer. The user group names are case sensitive. When a user logs in, the user is added to and removed from groups based on the information in the SAML assertion. If this setting is not configured, users are not added to or removed from groups automatically. Note that the user needs to login for the groups to be synchronized. If a group doesn't exist in QPR ProcessAnalyzer, that group is skipped.<br />
<br />
In the SAML assertion, attributes are in the saml:Assertion > saml:AttributeStatement > saml:Attribute elements (the Name attribute in the saml:Attribute element is used for matching).<br />
|-<br />
||SAMLEncryptionCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to encrypt SAML assertions. The public key of the certificate is published in the service provider metadata, where the identity provider can read it and encrypt SAML assertions. QPR ProcessAnalyzer as the service provider uses the corresponding private key of the certificate to decrypt SAML assertions. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. This setting is needed only when using the SAML assertions encryption. Even though this setting is defined, the SAML assertions are not required to be encrypted. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|-<br />
||SAMLSigningCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to sign SAML authentication requests sent from QPR ProcessAnalyzer to the identity provider. The public key of the certificate is published in the service provider metadata, where the identity provider can read it, to verify the authenticity of the SAML requests. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. If this setting is not defined, the internal hard-coded signing certificate is used. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|}<br />
<br />
== OAuth 2.0 Authentication Settings ==<br />
Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||ExternalOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for server that is used to authenticate the user signing in to ProcessAnalyzer. If not set, external OAuth server will not be used for authentication. If set, contains a string representation of a JSON object that supports the following properties:<br />
* '''Authority''' (string): OAuth authority URL for authentication. E.g., https://accounts.google.com/<br />
* '''Audience''' (string): Mandatory. OAuth audience/client ID for validating OAuth tokens.<br />
* '''AuthorizeUrlOverride''' (string): Override URL for the OAuth authorization endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''TokenUrlOverride''' (string): Override URL for the OAuth token endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''UserInfoUrlOverride''' (string): Override URL to fetch user information from the OAuth provider. If empty or not defined, the default URL from the authority's discovery document is used. Should not be used if OpendID Connect is to be used as access token validation is skipped.<br />
* '''ClientSecret''' (string): OAuth client secret for confidential client authentication. If configured, this value is sent as the client_secret parameter when exchanging authorization codes for tokens.<br />
* '''Issuer''' (string): OAuth issuer for validating OAuth tokens. If empty, the authority URL's issuer is used.<br />
* '''UserNameClaim''' (string): Name of the claim whose value is to be used as the name of the authenticated user. The default value is "preferred_username".<br />
* '''UserGroupsClaim''' (string): Name of the claim whose value is to be used as the names of the user groups the authenticated user belongs to. When a user logs in, the user is added to and removed from groups based on the information in the UserGroupsClaim. If this setting is not configured, users are not added to or removed from groups automatically. Note that the user needs to login for the groups to be synchronized. If a group doesn't exist in QPR ProcessAnalyzer, that group is skipped. The default value is empty, i.e. groups are not synchronized.<br />
|}<br />
<br />
== SMTP Server Settings ==<br />
SMTP server settings are needed for QPR ProcessAnalyzer to send email messages. Email sending is used by the [[Email_Notifications|notifications]] and the [[Generic_Functions_in_QPR_ProcessAnalyzer#SendEmail|SendEmail]] function in the expression language.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SmtpServer<br />
||DNS name, host name or IP address of the SMTP server. Mandatory setting for the email sending to work.<br />
|-<br />
||SmtpPort<br />
||TCP port number of the SMTP server. If not defined, port 25 is used by default.<br />
|-<br />
||SmtpAuthenticationUsername<br />
||User name for authenticating to the SMTP server. If not defined, no authentication is used to connect to the SMTP server.<br />
|-<br />
||SmtpFromAddress<br />
||Email address where email messages sent by QPR ProcessAnalyzer appear to be coming from. This doesn't need to be a real email address, although the address used may affect email spam filters. The setting configured here is the default email address to use in following cases:<br />
* ''From address'' is not set for the email notifications<br />
* ''From'' parameter is not defined for the expression language ''SendEmail'' function<br />
* ''EmailFrom'' parameter is not defined for the SQL Scripting SendEmail operation<br />
|-<br />
||SmtpAuthenticationPassword<br />
||Password for authenticating to the SMTP server.<br />
|-<br />
||SmtpEnableSSL<br />
||Use value '''True''' or '''False''' depending whether TLS connection to the SMTP server is used or not. If not defined, ''False'' is the default value.<br />
|}<br />
<br />
== MCP Server Settings ==<br />
MCP server settings are needed for QPR ProcessAnalyzer to act as an [[QPR_ProcessAnalyzer_as_MCP_Server|MCP server]].<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||McpServerConfiguration<br />
||Used to configure the MCP server built-in to ProcessAnalyzer server. If not set, MCP server functionality is disabled and MCP clients can't access to this server using MCP. If set, contains a string representation of a JSON object that supports the following properties:<br />
* McpApiKey: If defined and not empty, defines the API key that can be used to connect to QPR ProcessAnalyzer MCP server without any other authentication. Default value is empty.<br />
|-<br />
||BuiltInOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for OAuth server built-in to ProcessAnalyzer server. If not set, built-in OAuth server functionality is disabled and clients can't connect to this server using OAuth. If set, contains a string representation of a JSON object that supports the following properties: <br />
* '''Issuer''' (string): OAuth issuer, which identifies a trusted authorization server that authenticates users and issues OAuth 2.0 access tokens and JSON Web Tokens (JWTs). If not defined or empty, default value is used, which is of format: <QPR ProcessAnalyzer server's base URL>/builtin-oauth. For example: https://example.com/builtin-oauth. The default value is empty.<br />
* '''AcceptedAudiences''' (array of strings): Array of strings that define all the accepted audiences this QPR ProcessAnalyzer server is serving. When authorizing user using OAuth, these values are matched with the audience-parameter (a.k.a. client id) of the authorization. Only requests with a value that matches a value in this array are accepted. If null, audience-parameters are not validated at all. Instead, all authorization requests will pass the audience validation check. This also enables [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. The default value is an empty array.<br />
* '''SigningKey''' (string): Signing key for the built-in OAuth identity provider. If empty, generates a non-deterministic key based on the physical system where QPR ProcessAnalyzer is running. NOTE: Once QPR ProcessAnalyzer server is restarted, these non-deterministic keys no longer work. If defined, string must contain the key either in PEM ([https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.rsa.importfrompem?view=net-10.0 RFC 7468 PEM-encoded key]) or JSON ([https://datatracker.ietf.org/doc/html/rfc7517 RFC 7517]) format. The default value is empty.<br />
* '''TokenLifetimeSeconds''' (integer): Token lifetime in seconds for the built-in OAuth identity provider. After access token created by built-in gets older than this lifetime, it becomes unusable and a new token has to be created. The default value is 3600.<br />
* '''DisableExternalOAuthForwarding''' (boolean): Can be used to disable forwarding OAuth requests to any configured external OAuth authorization server or SAML identity provider. If set, a QPR ProcessAnalyzer's own login view functionality is always used when authorizing a user. The default value is false.<br />
Example configuration:<br><br />
<pre><br />
{<br />
"Issuer": "",<br />
"AcceptedAudiences": ["qpr-processanalyzer"],<br />
"SigningKey": "",<br />
"TokenLifetime": 3600<br />
}<br />
</pre><br />
|}<br />
<br />
== Readonly Information ==<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
|<span style="color:lightgrey;">DatabaseVersion</span><br />
||Database schema version. It will be updated automatically when the newer version of QPR ProcessAnalyzer Server connects to the database and performs migration for the database schema.<br />
|-<br />
||<span style="color:lightgrey;">InitializationScriptDatabaseVersion</span><br />
||Database version that was when the database was initialized when the software was installed. Do not change this setting.<br />
|-<br />
||<span style="color:lightgrey;">MinimumDatabaseVersion</span><br />
||Minimum allowed database version for QPR ProcessAnalyzer Server connecting to the database. This is a legacy setting and it should not be used.<br />
|}</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=Managing_Scripts&diff=28069Managing Scripts2026-04-09T11:49:51Z<p>TeeHiet: TK-63184</p>
<hr />
<div>In QPR ProcessAnalyzer, scripts can be used for ETL tasks and to automate routines. Scripts are managed in the [[QPR_ProcessAnalyzer_Project_Workspace|Project Workspace]].<br />
<br />
=== Running vs. Calling Scripts ===<br />
''Running'' a script means starting executing a stored script, which can be done in the UI or using the ScriptLauncher. A script can also ''call'' other scripts during the run. The differences between the running and calling are:<br />
* Script can run only once at a time, whereas there are no limitations on how many times a script can be called at the same time<br />
* Script log is written to the running script. No script log is written to the called script.<br />
* Script status shows whether the script is being run or not. The status does not change, when a script is called from other script.<br />
<br />
When a script is running, it's not possible to start another run of the same script, so the first run needs to end to start new. Scripts can call other scripts and a called scripts can run multiple times simultaneously. In the stack of called scripts, the script log is generated to the top level script. Also the top level script shows that it's running and the called scripts do not.<br />
<br />
=== Scripts List ===<br />
When selecting a project and opening the '''Scripts''' tab, all scripts in the project can be seen. Scripts list shows following information:<br />
* '''Name''': Name of the script.<br />
* '''Status''': Status of the script, which is one of following: ''Ready'', ''Running'' or ''Stopping''. For more information about script statuses, see below.<br />
* '''Last run duration''': Duration of the last ended run of the script (the last run result can be any).<br />
* '''Last run date''': Date and time when the last run ended. If you need to know the last run start time, subtract the ''Last run duration'' from this time.<br />
* '''Last run result''': Result of the last run of the script. Either of following: ''Completed'', ''Failed'' or ''Aborted''. For more information about last run results, see below.<br />
* '''Id''': Script id that uniquely identifies the script in the system.<br />
<br />
Scrips are in either of following statuses:<br />
* '''Ready''': Script is currently not running, and can be started.<br />
* '''Running''': Script is currently running, and the script can be stopped. When a script is running, another run of the same script cannot be started.<br />
* '''Stopping''': Script is currently being stopped. When a script is in this status, the script cannot be started nor stopped, so you need to wait for the script to stop. There may be a delay in stopping a script, depending on the operation currently performed by the script.<br />
<br />
The last script run result can be either of the following:<br />
* '''Completed''': The last run ended successfully, i.e. without any errors or exceptions. Note that despite of the technically successful run, the script might still not work as intended.<br />
* '''Failed''': The last run ended to an error or exception. To see more information about the reason of the failure, see the [[#Viewing_Script_Log|last run log]].<br />
* '''Aborted''': The last run was stopped by a user, so the script did not run till the end.<br />
<br />
=== Script Properties ===<br />
To open Script Properties, '''right-click''' the script on the Scripts tab in the Workspace and select '''Properties'''.<br><br />
The Script Properties lists the following information on the '''General''' tab:<br />
* '''Script ID''': A unique ID in the system.<br />
* '''Language''': The script's language, either "SQL" or "Expression".<br />
* '''Status''': As above in Scripts List.<br />
* '''Last run start''': Date and time when the last run started.<br />
* '''Last run end''': As "Last run date" above in Scripts List.<br />
* '''Last run duration''': As above in Scripts List.<br />
* '''Last run result''': As above in Scripts List.<br />
* '''Last modified''': Date and time when the script was last modified.<br />
* '''Last modified by''': User who last modified the script.<br />
* '''Created''': Date and time when the script was created.<br />
* '''Created by''': User who created the script.<br />
<br />
The Script Properties has the following information on the '''MCP''' tab:<br />
* '''MCP tool''': A checkbox to select whether the script can be used as an [[QPR_ProcessAnalyzer_as_MCP_Server|MCP]] tool.<br />
<br />
The Script Properties has the following information on the '''Description''' tab:<br />
* A textbox to edit the description of the script.<br />
<br />
=== Editing Script ===<br />
Open the scripts editor as follows:<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select '''Edit'''. Alternatively, you can hover the script and click the ''Edit'' button in the end of the row.<br />
<br />
The script editor can show multiple scripts in the tabs, allowing to easily switch between the scrips. The editor remembers all scripts that have been opened during the session.<br />
<br />
In the script editor, you can:<br />
* Run the script by clicking the '''Run''' button.<br />
* Stop a running script by clicking the '''Stop''' button.<br />
* Save a script having unsaved changes by clicking the '''Save''' button.<br />
* To run a script having unsaved changes, click the '''Save and Run''' button. Note that the script needs to be saved to run it.<br />
* To go back to the list of scripts, click the '''Go back''' button. If there are unsaved changes in any of the opened scripts, you need to either save or cancel the changes.<br />
* To close a script, click the ''Close'' button for the tab showing the script. If there are unsaved changes, you need to either save or cancel changes.<br />
<br />
=== Starting Script ===<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select '''Run'''. Alternatively, you can hover the script and click the ''Run'' button in the end of the row.<br />
<br />
Note that when running a script in the UI, the script must not contain commands where ''ExecuteInClientSide'' is enabled, because that is only supported when running scripts using [[QPR_ProcessAnalyzer_ScriptLauncher|QPR ScriptLauncher]].<br />
<br />
=== Stopping Script ===<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and from the right-click context menu select '''Stop'''. Alternatively, you can hover the script and click the ''Stop'' button in the end of the row.<br />
<br />
Note that it may take a while for a script to actually stop, depending on what kind of operation the script is executing when it's stopped.<br />
<br />
=== Viewing Script Log ===<br />
It's possible to see the script log of the last run, and monitor the currently running script progress. Logs for older runs are not available in the UI, nut they are stored by the system.<br />
<br />
To see the logs:<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select either '''View last run log''' or '''View current run log'''. (The script needs to be running to open the current run log.)<br />
# If keeping the current run log open, the latest log entries are updated automatically every two seconds.<br />
<br />
More information about [[QPR_ProcessAnalyzer_Logs#Script_Log|Script Log]].<br />
<br />
=== Creating Script ===<br />
# On the left side projects hierarchy, select the project where you want to create a script.<br />
# Open the '''Scripts''' tab.<br />
# Click the '''New''' button and click '''Script'''. Define a name for the script and the scripting '''Language''' (either '''Expression''' or '''SQL'''), and then click '''Create'''. Note that script names must be unique within a project.<br />
<br />
Note that the scripting language cannot be changed after the script has been created, so a new script needs to be created to change the language.<br />
<br />
Note that each script in the same project needs to have a unique name.<br />
<br />
=== Deleting Script ===<br />
# Select the project where the script(s) to be deleted are located.<br />
# Open the '''Scripts''' tab.<br />
# Select one or several scripts to be deleted.<br />
# Click the '''Delete''' button and click '''Delete''' to the confirmation message.<br />
<br />
Note that if the script is being run, it cannot be deleted.<br />
<br />
=== Renaming Script ===<br />
# Select the project where the script to be renamed is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script to be renamed.<br />
# Click the '''Rename''' button.<br />
# Change the script name in the opening dialog and click '''OK'''.<br />
<br />
=== Moving Script ===<br />
Scripts can be moved by dragging them with the left mouse button from the right side list to the target project in the left side hierarchy. Alternatively, you can first select the scripts, then from the right-click context menu select '''Move to''' and finally select the target project.<br />
<br />
=== Duplicating Script ===<br />
# Select the project where the script to be duplicated is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script to be duplicated.<br />
# Click the '''Duplicate''' button. A duplicate of the script is created.<br />
<br />
=== Viewing Script Run Results ===<br />
Script runs can be [[Managing_Scripts#Running_Script|started]] and [[Managing_Scripts#Stopping_Script|stopped]] in the UI. Note that when running scripts using the UI, return values or results of the script cannot be viewed. If you want to use scripts that return data, there are following options:<br />
* Script can write data to the script log<br />
* Script can write data to a datatable<br />
* Script can be called from a dashboard and use the dashboard to present the returned data (see more below).</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=Managing_Scripts&diff=28068Managing Scripts2026-04-09T11:49:29Z<p>TeeHiet: TK-63184</p>
<hr />
<div>In QPR ProcessAnalyzer, scripts can be used for ETL tasks and to automate routines. Scripts are managed in the [[QPR_ProcessAnalyzer_Project_Workspace|Project Workspace]].<br />
<br />
=== Running vs. Calling Scripts ===<br />
''Running'' a script means starting executing a stored script, which can be done in the UI or using the ScriptLauncher. A script can also ''call'' other scripts during the run. The differences between the running and calling are:<br />
* Script can run only once at a time, whereas there are no limitations on how many times a script can be called at the same time<br />
* Script log is written to the running script. No script log is written to the called script.<br />
* Script status shows whether the script is being run or not. The status does not change, when a script is called from other script.<br />
<br />
When a script is running, it's not possible to start another run of the same script, so the first run needs to end to start new. Scripts can call other scripts and a called scripts can run multiple times simultaneously. In the stack of called scripts, the script log is generated to the top level script. Also the top level script shows that it's running and the called scripts do not.<br />
<br />
=== Scripts List ===<br />
When selecting a project and opening the '''Scripts''' tab, all scripts in the project can be seen. Scripts list shows following information:<br />
* '''Name''': Name of the script.<br />
* '''Status''': Status of the script, which is one of following: ''Ready'', ''Running'' or ''Stopping''. For more information about script statuses, see below.<br />
* '''Last run duration''': Duration of the last ended run of the script (the last run result can be any).<br />
* '''Last run date''': Date and time when the last run ended. If you need to know the last run start time, subtract the ''Last run duration'' from this time.<br />
* '''Last run result''': Result of the last run of the script. Either of following: ''Completed'', ''Failed'' or ''Aborted''. For more information about last run results, see below.<br />
* '''Id''': Script id that uniquely identifies the script in the system.<br />
<br />
Scrips are in either of following statuses:<br />
* '''Ready''': Script is currently not running, and can be started.<br />
* '''Running''': Script is currently running, and the script can be stopped. When a script is running, another run of the same script cannot be started.<br />
* '''Stopping''': Script is currently being stopped. When a script is in this status, the script cannot be started nor stopped, so you need to wait for the script to stop. There may be a delay in stopping a script, depending on the operation currently performed by the script.<br />
<br />
The last script run result can be either of the following:<br />
* '''Completed''': The last run ended successfully, i.e. without any errors or exceptions. Note that despite of the technically successful run, the script might still not work as intended.<br />
* '''Failed''': The last run ended to an error or exception. To see more information about the reason of the failure, see the [[#Viewing_Script_Log|last run log]].<br />
* '''Aborted''': The last run was stopped by a user, so the script did not run till the end.<br />
<br />
=== Script Properties ===<br />
To open Script Properties, '''right-click''' the script on the Scripts tab in the Workspace and select '''Properties'''.<br><br />
The Script Properties lists the following information on the '''General'' tab:<br />
* '''Script ID''': A unique ID in the system.<br />
* '''Language''': The script's language, either "SQL" or "Expression".<br />
* '''Status''': As above in Scripts List.<br />
* '''Last run start''': Date and time when the last run started.<br />
* '''Last run end''': As "Last run date" above in Scripts List.<br />
* '''Last run duration''': As above in Scripts List.<br />
* '''Last run result''': As above in Scripts List.<br />
* '''Last modified''': Date and time when the script was last modified.<br />
* '''Last modified by''': User who last modified the script.<br />
* '''Created''': Date and time when the script was created.<br />
* '''Created by''': User who created the script.<br />
<br />
The Script Properties has the following information on the '''MCP'' tab:<br />
* '''MCP tool''': A checkbox to select whether the script can be used as an [[QPR_ProcessAnalyzer_as_MCP_Server|MCP]] tool.<br />
<br />
The Script Properties has the following information on the '''Description'' tab:<br />
* A textbox to edit the description of the script.<br />
<br />
=== Editing Script ===<br />
Open the scripts editor as follows:<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select '''Edit'''. Alternatively, you can hover the script and click the ''Edit'' button in the end of the row.<br />
<br />
The script editor can show multiple scripts in the tabs, allowing to easily switch between the scrips. The editor remembers all scripts that have been opened during the session.<br />
<br />
In the script editor, you can:<br />
* Run the script by clicking the '''Run''' button.<br />
* Stop a running script by clicking the '''Stop''' button.<br />
* Save a script having unsaved changes by clicking the '''Save''' button.<br />
* To run a script having unsaved changes, click the '''Save and Run''' button. Note that the script needs to be saved to run it.<br />
* To go back to the list of scripts, click the '''Go back''' button. If there are unsaved changes in any of the opened scripts, you need to either save or cancel the changes.<br />
* To close a script, click the ''Close'' button for the tab showing the script. If there are unsaved changes, you need to either save or cancel changes.<br />
<br />
=== Starting Script ===<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select '''Run'''. Alternatively, you can hover the script and click the ''Run'' button in the end of the row.<br />
<br />
Note that when running a script in the UI, the script must not contain commands where ''ExecuteInClientSide'' is enabled, because that is only supported when running scripts using [[QPR_ProcessAnalyzer_ScriptLauncher|QPR ScriptLauncher]].<br />
<br />
=== Stopping Script ===<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and from the right-click context menu select '''Stop'''. Alternatively, you can hover the script and click the ''Stop'' button in the end of the row.<br />
<br />
Note that it may take a while for a script to actually stop, depending on what kind of operation the script is executing when it's stopped.<br />
<br />
=== Viewing Script Log ===<br />
It's possible to see the script log of the last run, and monitor the currently running script progress. Logs for older runs are not available in the UI, nut they are stored by the system.<br />
<br />
To see the logs:<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select either '''View last run log''' or '''View current run log'''. (The script needs to be running to open the current run log.)<br />
# If keeping the current run log open, the latest log entries are updated automatically every two seconds.<br />
<br />
More information about [[QPR_ProcessAnalyzer_Logs#Script_Log|Script Log]].<br />
<br />
=== Creating Script ===<br />
# On the left side projects hierarchy, select the project where you want to create a script.<br />
# Open the '''Scripts''' tab.<br />
# Click the '''New''' button and click '''Script'''. Define a name for the script and the scripting '''Language''' (either '''Expression''' or '''SQL'''), and then click '''Create'''. Note that script names must be unique within a project.<br />
<br />
Note that the scripting language cannot be changed after the script has been created, so a new script needs to be created to change the language.<br />
<br />
Note that each script in the same project needs to have a unique name.<br />
<br />
=== Deleting Script ===<br />
# Select the project where the script(s) to be deleted are located.<br />
# Open the '''Scripts''' tab.<br />
# Select one or several scripts to be deleted.<br />
# Click the '''Delete''' button and click '''Delete''' to the confirmation message.<br />
<br />
Note that if the script is being run, it cannot be deleted.<br />
<br />
=== Renaming Script ===<br />
# Select the project where the script to be renamed is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script to be renamed.<br />
# Click the '''Rename''' button.<br />
# Change the script name in the opening dialog and click '''OK'''.<br />
<br />
=== Moving Script ===<br />
Scripts can be moved by dragging them with the left mouse button from the right side list to the target project in the left side hierarchy. Alternatively, you can first select the scripts, then from the right-click context menu select '''Move to''' and finally select the target project.<br />
<br />
=== Duplicating Script ===<br />
# Select the project where the script to be duplicated is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script to be duplicated.<br />
# Click the '''Duplicate''' button. A duplicate of the script is created.<br />
<br />
=== Viewing Script Run Results ===<br />
Script runs can be [[Managing_Scripts#Running_Script|started]] and [[Managing_Scripts#Stopping_Script|stopped]] in the UI. Note that when running scripts using the UI, return values or results of the script cannot be viewed. If you want to use scripts that return data, there are following options:<br />
* Script can write data to the script log<br />
* Script can write data to a datatable<br />
* Script can be called from a dashboard and use the dashboard to present the returned data (see more below).</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28067QPR ProcessAnalyzer as MCP Server2026-04-09T11:18:46Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API Keys. It's also possible to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table as '''null'''.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
When QPR ProcessAnalyzer is hosted in IIS, some clients (for example [https://modelcontextprotocol.io/docs/tools/inspector MCP Inspector]) may expect [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint:<br><br />
/.well-known/openid-configuration<br><br />
<br><br />
To make this work, add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br><br />
https://<your-host>/.well-known/openid-configuration<br />
<br><br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
=== Oauth 2.0 and API Key Authentication ===<br />
This method combines both per-user authentication and static API key authentication. To use both OAuth 2.0 and API key Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client using API key authentication must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
== Implementing MCP Tools with Scripts ==<br />
Any QPR ProcessAnalyzer script can be turned into an MCP tool. This is controlled in the [[Managing_Scripts#Script_Properties|Script Properties]].<br><br />
<br><br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table.<br />
** '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_Configuration database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)].<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
Connect to Server: In MCP Inspector, provide the server's MCP endpoint URL (e.g., http://your-pa-server/qprpa/api/mcp) and select streamable-http as the transport type.<br><br />
Authenticate: Configure the necessary authentication header (e.g., X-Mcp-Api-Key).<br><br />
List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool named GetCurrentTime, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "GetCurrentTime",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 2<br />
}<br />
},<br />
"jsonrpc": "2.0",<br />
"id": 2<br />
}<br />
</pre><br />
<br />
[[Category: QPR ProcessAnalyzer]]<br />
[[Category: MCP]]</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28066QPR ProcessAnalyzer as MCP Server2026-04-09T11:17:54Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API Keys. It's also possible to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table as '''null'''.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
When QPR ProcessAnalyzer is hosted in IIS, some clients (for example [https://modelcontextprotocol.io/docs/tools/inspector MCP Inspector]) may expect [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint:<br><br />
/.well-known/openid-configuration<br><br />
<br><br />
To make this work, add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br><br />
https://<your-host>/.well-known/openid-configuration<br />
<br><br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
=== Oauth 2.0 and API Key Authentication ===<br />
This method combines both per-user authentication and static API key authentication. To use both OAuth 2.0 and API key Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client using API key authentication must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
== Implementing MCP Tools with Scripts ==<br />
Any QPR ProcessAnalyzer script can be turned into an MCP tool. This is controlled in the [[Managing_Scripts#Script_Properties|Script Properties]].<br><br />
<br><br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table.<br />
** '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_Configuration database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)].<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
Connect to Server: In MCP Inspector, provide the server's MCP endpoint URL (e.g., http://your-pa-server/qprpa/api/mcp) and select streamable-http as the transport type.<br><br />
Authenticate: Configure the necessary authentication header (e.g., X-Mcp-Api-Key).<br><br />
List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool named GetCurrentTime, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "GetCurrentTime",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 2<br />
}<br />
},<br />
"jsonrpc": "2.0",<br />
"id": 2<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28065QPR ProcessAnalyzer as MCP Server2026-04-09T11:17:20Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API Keys. It's also possible to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table as '''null'''.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
When QPR ProcessAnalyzer is hosted in IIS, some clients (for example [https://modelcontextprotocol.io/docs/tools/inspector MCP Inspector]) may expect [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint:<br><br />
/.well-known/openid-configuration<br><br />
<br><br />
To make this work, add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br><br />
https://<your-host>/.well-known/openid-configuration<br />
<br><br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
=== Oauth 2.0 and API Key Authentication ===<br />
This method combines both per-user authentication and static API key authentication. To use both OAuth 2.0 and API key Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client using API key authentication must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
== Implementing MCP Tools with Scripts ==<br />
Any QPR ProcessAnalyzer script can be turned into an MCP tool. This is controlled in the [[Managing_Scripts#Script_Properties|Script Properties]].<br><br />
<br><br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table.<br />
** '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_Configuration database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)].<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
Connect to Server: In MCP Inspector, provide the server's MCP endpoint URL (e.g., http://your-pa-server/qprpa/api/mcp) and select streamable-http as the transport type.<br />
Authenticate: Configure the necessary authentication header (e.g., X-Mcp-Api-Key).<br />
List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool named GetCurrentTime, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "GetCurrentTime",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 2<br />
}<br />
},<br />
"jsonrpc": "2.0",<br />
"id": 2<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28064QPR ProcessAnalyzer as MCP Server2026-04-09T11:15:10Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API Keys. It's also possible to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table as '''null'''.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
When QPR ProcessAnalyzer is hosted in IIS, some clients (for example [https://modelcontextprotocol.io/docs/tools/inspector MCP Inspector]) may expect [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint:<br><br />
/.well-known/openid-configuration<br><br />
<br><br />
To make this work, add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br><br />
https://<your-host>/.well-known/openid-configuration<br />
<br><br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
=== Oauth 2.0 and API Key Authentication ===<br />
This method combines both per-user authentication and static API key authentication. To use both OAuth 2.0 and API key Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client using API key authentication must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
== Implementing MCP Tools with Scripts ==<br />
Any QPR ProcessAnalyzer script can be turned into an MCP tool. This is controlled in the [[Managing_Scripts#Script_Properties|Script Properties]].<br><br />
<br><br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the '''MCP''' tab and select the '''MCP tool''' checkbox.<br />
# Switch to the '''Description''' tab and provide a description. The description is added to the context of the client.<br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table.<br />
** '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_Configuration database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)].<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
Connect to Server: In MCP Inspector, provide the server's MCP endpoint URL (e.g., http://localhost:5000/qprpa/api/mcp) and select streamable-http as the transport type.<br />
Authenticate: Configure the necessary authentication header (e.g., X-Mcp-Api-Key).<br />
List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool named GetCurrentTime, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "GetCurrentTime",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 2<br />
}<br />
},<br />
"jsonrpc": "2.0",<br />
"id": 2<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28063QPR ProcessAnalyzer as MCP Server2026-04-09T11:14:14Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API Keys. It's also possible to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table as '''null'''.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
When QPR ProcessAnalyzer is hosted in IIS, some clients (for example [https://modelcontextprotocol.io/docs/tools/inspector MCP Inspector]) may expect [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint:<br><br />
/.well-known/openid-configuration<br><br />
<br><br />
To make this work, add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br><br />
https://<your-host>/.well-known/openid-configuration<br />
<br><br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
=== Oauth 2.0 and API Key Authentication ===<br />
This method combines both per-user authentication and static API key authentication. To use both OAuth 2.0 and API key Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client using API key authentication must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
== Implementing MCP Tools with Scripts ==<br />
Any QPR ProcessAnalyzer script can be turned into an MCP tool. This is controlled in the [[Managing_Scripts#Script_Properties|Script Properties]].<br><br />
<br><br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the MCP tab and select the '''MCP Tool''' checkbox.<br />
# Switch to the Description tab and provide a description. The description is added to the context of the client.<br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table.<br />
** '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_Configuration database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)].<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
Connect to Server: In MCP Inspector, provide the server's MCP endpoint URL (e.g., http://localhost:5000/qprpa/api/mcp) and select streamable-http as the transport type.<br />
Authenticate: Configure the necessary authentication header (e.g., X-Mcp-Api-Key).<br />
List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool named GetCurrentTime, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "GetCurrentTime",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 2<br />
}<br />
},<br />
"jsonrpc": "2.0",<br />
"id": 2<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28062QPR ProcessAnalyzer as MCP Server2026-04-09T11:13:36Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API Keys. It's also possible to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table as '''null'''.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
When QPR ProcessAnalyzer is hosted in IIS, some clients (for example [https://modelcontextprotocol.io/docs/tools/inspector MCP Inspector]) may expect [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint:<br><br />
/.well-known/openid-configuration<br><br />
<br><br />
To make this work, add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br><br />
https://<your-host>/.well-known/openid-configuration<br />
<br><br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the '''X-Mcp-Api-Key''' header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
=== Oauth 2.0 and API Key Authentication ===<br />
This method combines both per-user authentication and static API key authentication. To use both OAuth 2.0 and API key Authentication:<br />
* Set the McpApiKey value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client using API key authentication must then include this key in the X-Mcp-Api-Key header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
== Implementing MCP Tools with Scripts ==<br />
Any QPR ProcessAnalyzer script can be turned into an MCP tool. This is controlled in the [[Managing_Scripts#Script_Properties|Script Properties]].<br><br />
<br><br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the MCP tab and select the '''MCP Tool''' checkbox.<br />
# Switch to the Description tab and provide a description. The description is added to the context of the client.<br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table.<br />
** '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_Configuration database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)].<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
Connect to Server: In MCP Inspector, provide the server's MCP endpoint URL (e.g., http://localhost:5000/qprpa/api/mcp) and select streamable-http as the transport type.<br />
Authenticate: Configure the necessary authentication header (e.g., X-Mcp-Api-Key).<br />
List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool named GetCurrentTime, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "GetCurrentTime",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 2<br />
}<br />
},<br />
"jsonrpc": "2.0",<br />
"id": 2<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28061QPR ProcessAnalyzer as MCP Server2026-04-09T11:12:13Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API Keys. It's also possible to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table as '''null'''.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
When QPR ProcessAnalyzer is hosted in IIS, some clients (for example [https://modelcontextprotocol.io/docs/tools/inspector MCP Inspector]) may expect [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint:<br><br />
/.well-known/openid-configuration<br><br />
<br><br />
To make this work, add an IIS rewrite rule and a CORS header at the IIS root-level '''web.config'''. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br><br />
https://<your-host>/.well-known/openid-configuration<br />
<br><br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the McpApiKey value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the X-Mcp-Api-Key header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
=== Oauth 2.0 and API Key Authentication ===<br />
This method combines both per-user authentication and static API key authentication. To use both OAuth 2.0 and API key Authentication:<br />
* Set the McpApiKey value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client using API key authentication must then include this key in the X-Mcp-Api-Key header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
== Implementing MCP Tools with Scripts ==<br />
Any QPR ProcessAnalyzer script can be turned into an MCP tool. This is controlled in the [[Managing_Scripts#Script_Properties|Script Properties]].<br><br />
<br><br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the MCP tab and select the '''MCP Tool''' checkbox.<br />
# Switch to the Description tab and provide a description. The description is added to the context of the client.<br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table.<br />
** '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_Configuration database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)].<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
Connect to Server: In MCP Inspector, provide the server's MCP endpoint URL (e.g., http://localhost:5000/qprpa/api/mcp) and select streamable-http as the transport type.<br />
Authenticate: Configure the necessary authentication header (e.g., X-Mcp-Api-Key).<br />
List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool named GetCurrentTime, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "GetCurrentTime",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 2<br />
}<br />
},<br />
"jsonrpc": "2.0",<br />
"id": 2<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28060QPR ProcessAnalyzer as MCP Server2026-04-09T11:11:11Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API Keys. It's also possible to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table as '''null'''.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
When QPR ProcessAnalyzer is hosted in IIS, some clients (for example [https://modelcontextprotocol.io/docs/tools/inspector MCP Inspector]) may expect [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint:<br><br />
/.well-known/openid-configuration<br><br />
<br><br />
To make this work, add an IIS rewrite rule and a CORS header at the IIS root-level web.config. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br><br />
https://<your-host>/.well-known/openid-configuration<br />
<br><br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the McpApiKey value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the X-Mcp-Api-Key header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
=== Oauth 2.0 and API Key Authentication ===<br />
This method combines both per-user authentication and static API key authentication. To use both OAuth 2.0 and API key Authentication:<br />
* Set the McpApiKey value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client using API key authentication must then include this key in the X-Mcp-Api-Key header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
== Implementing MCP Tools with Scripts ==<br />
Any QPR ProcessAnalyzer script can be turned into an MCP tool. This is controlled in the [[Managing_Scripts#Script_Properties|Script Properties]].<br><br />
<br><br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the MCP tab and select the '''MCP Tool''' checkbox.<br />
# Switch to the Description tab and provide a description. The description is added to the context of the client.<br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table.<br />
** '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_Configuration database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)].<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
Connect to Server: In MCP Inspector, provide the server's MCP endpoint URL (e.g., http://localhost:5000/qprpa/api/mcp) and select streamable-http as the transport type.<br />
Authenticate: Configure the necessary authentication header (e.g., X-Mcp-Api-Key).<br />
List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool named GetCurrentTime, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "GetCurrentTime",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 2<br />
}<br />
},<br />
"jsonrpc": "2.0",<br />
"id": 2<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28059QPR ProcessAnalyzer as MCP Server2026-04-09T11:10:23Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
The supported methods to authenticate MCP clients are OAuth 2.0 or API Keys. It's also possible to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table as null.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
When QPR ProcessAnalyzer is hosted in IIS, some clients (for example [https://modelcontextprotocol.io/docs/tools/inspector MCP Inspector]) may expect [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint:<br><br />
/.well-known/openid-configuration<br><br />
<br><br />
To make this work, add an IIS rewrite rule and a CORS header at the IIS root-level web.config. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br><br />
https://<your-host>/.well-known/openid-configuration<br />
<br><br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the McpApiKey value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the X-Mcp-Api-Key header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
=== Oauth 2.0 and API Key Authentication ===<br />
This method combines both per-user authentication and static API key authentication. To use both OAuth 2.0 and API key Authentication:<br />
* Set the McpApiKey value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client using API key authentication must then include this key in the X-Mcp-Api-Key header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
== Implementing MCP Tools with Scripts ==<br />
Any QPR ProcessAnalyzer script can be turned into an MCP tool. This is controlled in the [[Managing_Scripts#Script_Properties|Script Properties]].<br><br />
<br><br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the MCP tab and select the '''MCP Tool''' checkbox.<br />
# Switch to the Description tab and provide a description. The description is added to the context of the client.<br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table.<br />
** '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_Configuration database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)].<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
Connect to Server: In MCP Inspector, provide the server's MCP endpoint URL (e.g., http://localhost:5000/qprpa/api/mcp) and select streamable-http as the transport type.<br />
Authenticate: Configure the necessary authentication header (e.g., X-Mcp-Api-Key).<br />
List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool named GetCurrentTime, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "GetCurrentTime",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 2<br />
}<br />
},<br />
"jsonrpc": "2.0",<br />
"id": 2<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=QPR_ProcessAnalyzer_as_MCP_Server&diff=28058QPR ProcessAnalyzer as MCP Server2026-04-09T11:08:26Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer can act as a Model Context Protocol (MCP) server, allowing external tools and applications to interact with its analysis capabilities through script-based tools.<br />
<br />
== Overview of MCP Server Functionality ==<br />
The Model Context Protocol (MCP) is a standard for communication between modeling tools. By acting as an MCP server, QPR ProcessAnalyzer exposes its functionalities, which are implemented as [[Managing_Scripts|scripts]], to any MCP-compliant client. This enables a wide range of integrations and automation possibilities.<br />
<br />
Key features:<br />
* Script-based Tools: Any QPR ProcessAnalyzer script can be exposed as an MCP tool.<br />
* Flexible Authentication: Supports both API Key and OAuth 2.0 for secure access.<br />
* Standardized Communication: Uses the MCP standard for interoperability with clients like MCP Inspector and Visual Studio Code.<br />
<br />
== Configuring the MCP Server ==<br />
To enable and configure the MCP server functionality in QPR ProcessAnalyzer, a system administrator needs to adjust the McpServerConfiguration setting in the [[PA_Configuration_database_table|PA Configuration Database Table]].<br />
<br />
== Authentication Methods ==<br />
You can choose between two methods to authenticate MCP clients: OAuth 2.0 or API Keys. It's also possible to use both.<br />
<br />
=== OAuth 2.0 Authentication ===<br />
This method provides per-user authentication, allowing each MCP request to be authenticated against a specific QPR ProcessAnalyzer user. This is the recommended authentication method for MCP. To use OAuth 2.0 Authentication:<br />
* Set the '''McpApiKey''' value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table as null.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
==== Setting up IIS to support OpenId Connect Discovery ====<br />
When QPR ProcessAnalyzer is hosted in IIS, some clients (for example [https://modelcontextprotocol.io/docs/tools/inspector MCP Inspector]) may expect [https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig OpenID Connect discovery metadata] to be available from the standard endpoint:<br><br />
/.well-known/openid-configuration<br><br />
<br><br />
To make this work, add an IIS rewrite rule and a CORS header at the IIS root-level web.config. Adding rewrite rules to IIS requires [https://www.iis.net/downloads/microsoft/url-rewrite URL Rewrite] to be installed on the system.<br />
<br />
: 1. Open the root-level IIS web.config.<br />
: 2. Add the following configuration under <system.webServer>:<br />
<pre><br />
<?xml version="1.0" encoding="UTF-8"?><br />
<configuration><br />
<system.webServer><br />
<rewrite><br />
<rules><br />
<rule name="Redirect OIDC Discovery - openid-configuration" stopProcessing="true"><br />
<match url="^\.well-known/openid-configuration$" /><br />
<action type="Redirect"<br />
url="<QPR ProcessAnalyzer Path>/builtin-oauth/.well-known/openid-configuration"<br />
redirectType="Permanent" /><br />
</rule><br />
</rules><br />
</rewrite><br />
<br />
<httpProtocol><br />
<customHeaders><br />
<add name="Access-Control-Allow-Origin" value="<Allowed CORS origins>" /><br />
</customHeaders><br />
</httpProtocol><br />
</system.webServer><br />
</configuration><br />
</pre><br />
: 3. Replace placeholders:<br />
:* <QPR ProcessAnalyzer Path>: IIS virtual path to the installed QPR ProcessAnalyzer application, for example qprpa.<br />
:* <Allowed CORS origins>: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS CORS origin] origin(s) allowed to call discovery. Use specific origin(s) in production.<br />
<br />
You may also need to add the URL of the client accessing the MCP server to the CorsOrigins setting in the server's [[Server_settings_in_appsettings.json|appsettings.json]].<br />
<br />
After configuration, the following URL should return OpenID provider metadata:<br><br />
https://<your-host>/.well-known/openid-configuration<br />
<br><br />
If the endpoint does not work, verify that the rewrite rule is in the IIS root-level web.config and that the target path resolves to .../builtin-oauth/.well-known/openid-configuration.<br />
<br />
=== API Key Authentication ===<br />
This method uses a static, pre-shared key for all MCP requests. To use API key authentication:<br />
* Set the McpApiKey value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client must then include this key in the X-Mcp-Api-Key header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
<br />
=== Oauth 2.0 and API Key Authentication ===<br />
This method combines both per-user authentication and static API key authentication. To use both OAuth 2.0 and API key Authentication:<br />
* Set the McpApiKey value in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table. The MCP client using API key authentication must then include this key in the X-Mcp-Api-Key header of each request.<br />
* Create a user named "MCP Client" in QPR ProcessAnalyzer. All the MCP server operations are performed in the context of "MCP Client" user, i.e. the user can't see or modify anything the "MCP Client" user can't see or modify in any other way.<br />
* Set the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] value in the PA_Configuration database table with at least an '''AcceptedAudiences''' value other than the default.<br />
<br />
== Implementing MCP Tools with Scripts ==<br />
Any QPR ProcessAnalyzer script can be turned into an MCP tool. This is controlled in the [[Managing_Scripts#Script_Properties|Script Properties]].<br><br />
<br><br />
To enable a script as an MCP Tool:<br />
# Log in to QPR ProcessAnalyzer as a System Administrator.<br />
# For the script to be used as an MCP tool, give it a name. This name is then used as the MCP tool name. It is important to ensure that every script intended for MCP use has a non-empty, valid name, as clients may fail to discover tools with invalid names.<br />
# Open the properties of the script.<br />
# Switch to the MCP tab and select the '''MCP Tool''' checkbox.<br />
# Switch to the Description tab and provide a description. The description is added to the context of the client.<br />
<br />
== Connecting as an MCP Client ==<br />
MCP clients can connect to the QPR ProcessAnalyzer server to discover and execute the available tools. The endpoint and connection details are:<br />
* '''URL''': The primary MCP endpoint is located at /api/mcp relative to the QPR ProcessAnalyzer server URL (e.g., https://your-pa-server.com/qprpa/api/mcp).<br />
* '''Type''': http.<br />
* '''Headers''': Clients must include the following headers in their requests:<br />
** '''X-Mcp-Api-Key''': Used when authenticating with API key. The API key that is defined in the [[PA_Configuration_database_table#MCP_Server_Settings|McpServerConfiguration]] setting in the PA_Configuration database table.<br />
** '''Client ID''': Used when authenticating with OAuth 2.0. If the AcceptedAudiences value in the [[PA_Configuration_database_table#MCP_Server_Settings|BuiltInOAuthServerConfiguration]] setting in the PA_Configuration database table is something else than null, the client ID has to match it. If the AcceptedAudiences value is null, the client ID must be created with [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)].<br />
<br />
=== Example: Using MCP Inspector ===<br />
MCP Inspector is a standard client that can be used to test the connection and interact with the MCP tools.<br />
<br />
Connect to Server: In MCP Inspector, provide the server's MCP endpoint URL (e.g., http://localhost:5000/qprpa/api/mcp) and select streamable-http as the transport type.<br />
Authenticate: Configure the necessary authentication header (e.g., X-Mcp-Api-Key).<br />
List and Call Tools: Once connected, you can list the available tools and call them. For example, to call a tool named GetCurrentTime, the client would send a JSON-RPC request like the one below:<br />
<pre><br />
{<br />
"method": "tools/call",<br />
"params": {<br />
"name": "GetCurrentTime",<br />
"arguments": {},<br />
"_meta": {<br />
"progressToken": 2<br />
}<br />
},<br />
"jsonrpc": "2.0",<br />
"id": 2<br />
}<br />
</pre></div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=Managing_Scripts&diff=28057Managing Scripts2026-04-09T09:55:38Z<p>TeeHiet: TK-63184</p>
<hr />
<div>In QPR ProcessAnalyzer, scripts can be used for ETL tasks and to automate routines. Scripts are managed in the [[QPR_ProcessAnalyzer_Project_Workspace|Project Workspace]].<br />
<br />
=== Running vs. Calling Scripts ===<br />
''Running'' a script means starting executing a stored script, which can be done in the UI or using the ScriptLauncher. A script can also ''call'' other scripts during the run. The differences between the running and calling are:<br />
* Script can run only once at a time, whereas there are no limitations on how many times a script can be called at the same time<br />
* Script log is written to the running script. No script log is written to the called script.<br />
* Script status shows whether the script is being run or not. The status does not change, when a script is called from other script.<br />
<br />
When a script is running, it's not possible to start another run of the same script, so the first run needs to end to start new. Scripts can call other scripts and a called scripts can run multiple times simultaneously. In the stack of called scripts, the script log is generated to the top level script. Also the top level script shows that it's running and the called scripts do not.<br />
<br />
=== Scripts List ===<br />
When selecting a project and opening the '''Scripts''' tab, all scripts in the project can be seen. Scripts list shows following information:<br />
* '''Name''': Name of the script.<br />
* '''Status''': Status of the script, which is one of following: ''Ready'', ''Running'' or ''Stopping''. For more information about script statuses, see below.<br />
* '''Last run duration''': Duration of the last ended run of the script (the last run result can be any).<br />
* '''Last run date''': Date and time when the last run ended. If you need to know the last run start time, subtract the ''Last run duration'' from this time.<br />
* '''Last run result''': Result of the last run of the script. Either of following: ''Completed'', ''Failed'' or ''Aborted''. For more information about last run results, see below.<br />
* '''Id''': Script id that uniquely identifies the script in the system.<br />
<br />
Scrips are in either of following statuses:<br />
* '''Ready''': Script is currently not running, and can be started.<br />
* '''Running''': Script is currently running, and the script can be stopped. When a script is running, another run of the same script cannot be started.<br />
* '''Stopping''': Script is currently being stopped. When a script is in this status, the script cannot be started nor stopped, so you need to wait for the script to stop. There may be a delay in stopping a script, depending on the operation currently performed by the script.<br />
<br />
The last script run result can be either of the following:<br />
* '''Completed''': The last run ended successfully, i.e. without any errors or exceptions. Note that despite of the technically successful run, the script might still not work as intended.<br />
* '''Failed''': The last run ended to an error or exception. To see more information about the reason of the failure, see the [[#Viewing_Script_Log|last run log]].<br />
* '''Aborted''': The last run was stopped by a user, so the script did not run till the end.<br />
<br />
=== Script Properties ===<br />
WIP<br />
<br />
=== Editing Script ===<br />
Open the scripts editor as follows:<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select '''Edit'''. Alternatively, you can hover the script and click the ''Edit'' button in the end of the row.<br />
<br />
The script editor can show multiple scripts in the tabs, allowing to easily switch between the scrips. The editor remembers all scripts that have been opened during the session.<br />
<br />
In the script editor, you can:<br />
* Run the script by clicking the '''Run''' button.<br />
* Stop a running script by clicking the '''Stop''' button.<br />
* Save a script having unsaved changes by clicking the '''Save''' button.<br />
* To run a script having unsaved changes, click the '''Save and Run''' button. Note that the script needs to be saved to run it.<br />
* To go back to the list of scripts, click the '''Go back''' button. If there are unsaved changes in any of the opened scripts, you need to either save or cancel the changes.<br />
* To close a script, click the ''Close'' button for the tab showing the script. If there are unsaved changes, you need to either save or cancel changes.<br />
<br />
=== Starting Script ===<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select '''Run'''. Alternatively, you can hover the script and click the ''Run'' button in the end of the row.<br />
<br />
Note that when running a script in the UI, the script must not contain commands where ''ExecuteInClientSide'' is enabled, because that is only supported when running scripts using [[QPR_ProcessAnalyzer_ScriptLauncher|QPR ScriptLauncher]].<br />
<br />
=== Stopping Script ===<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and from the right-click context menu select '''Stop'''. Alternatively, you can hover the script and click the ''Stop'' button in the end of the row.<br />
<br />
Note that it may take a while for a script to actually stop, depending on what kind of operation the script is executing when it's stopped.<br />
<br />
=== Viewing Script Log ===<br />
It's possible to see the script log of the last run, and monitor the currently running script progress. Logs for older runs are not available in the UI, nut they are stored by the system.<br />
<br />
To see the logs:<br />
# On the left side projects hierarchy, select the project where the script is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script and in the right-click context menu select either '''View last run log''' or '''View current run log'''. (The script needs to be running to open the current run log.)<br />
# If keeping the current run log open, the latest log entries are updated automatically every two seconds.<br />
<br />
More information about [[QPR_ProcessAnalyzer_Logs#Script_Log|Script Log]].<br />
<br />
=== Creating Script ===<br />
# On the left side projects hierarchy, select the project where you want to create a script.<br />
# Open the '''Scripts''' tab.<br />
# Click the '''New''' button and click '''Script'''. Define a name for the script and the scripting '''Language''' (either '''Expression''' or '''SQL'''), and then click '''Create'''. Note that script names must be unique within a project.<br />
<br />
Note that the scripting language cannot be changed after the script has been created, so a new script needs to be created to change the language.<br />
<br />
Note that each script in the same project needs to have a unique name.<br />
<br />
=== Deleting Script ===<br />
# Select the project where the script(s) to be deleted are located.<br />
# Open the '''Scripts''' tab.<br />
# Select one or several scripts to be deleted.<br />
# Click the '''Delete''' button and click '''Delete''' to the confirmation message.<br />
<br />
Note that if the script is being run, it cannot be deleted.<br />
<br />
=== Renaming Script ===<br />
# Select the project where the script to be renamed is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script to be renamed.<br />
# Click the '''Rename''' button.<br />
# Change the script name in the opening dialog and click '''OK'''.<br />
<br />
=== Moving Script ===<br />
Scripts can be moved by dragging them with the left mouse button from the right side list to the target project in the left side hierarchy. Alternatively, you can first select the scripts, then from the right-click context menu select '''Move to''' and finally select the target project.<br />
<br />
=== Duplicating Script ===<br />
# Select the project where the script to be duplicated is located.<br />
# Open the '''Scripts''' tab.<br />
# Select the script to be duplicated.<br />
# Click the '''Duplicate''' button. A duplicate of the script is created.<br />
<br />
=== Viewing Script Run Results ===<br />
Script runs can be [[Managing_Scripts#Running_Script|started]] and [[Managing_Scripts#Stopping_Script|stopped]] in the UI. Note that when running scripts using the UI, return values or results of the script cannot be viewed. If you want to use scripts that return data, there are following options:<br />
* Script can write data to the script log<br />
* Script can write data to a datatable<br />
* Script can be called from a dashboard and use the dashboard to present the returned data (see more below).</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=PA_Configuration_database_table&diff=28056PA Configuration database table2026-04-09T09:18:28Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer database has a configuration table '''PA_Configuration''' containing settings listed in the tables below. You need '''SQL Server Management Studio''' to edit the settings in the configuration table. QPR ProcessAnalyzer Server needs to be restarted (e.g. IIS application pool recycled) for the changes to take effect.<br />
<br />
For boolean values, ''true'' and ''1'' are valid values for yes, and ''false'' and ''0'' are valid for no.<br />
<br />
== General Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultDataSource<br />
||<br />
||Datasource where datatables data is stored when datatables are created by a script when the datasource is not explicitly specified in the script. Options are '''Snowflake''' and '''SqlServer'''. Value ''snowflake'' can be used when the ''SnowflakeConnectionString'' setting is defined, and value ''sqlserver'' can be used when the setting ''SqlServerConnectionString'' is configured. The setting can be changed without affecting the existing datatables, as the setting only affect new datatables. When this setting is empty, datatables are created in the metadata database.<br />
|-<br />
||SnowflakeConnectionString<br />
||<br />
||ODBC connection string for the Snowflake account. This setting is needed to make analytics calculations in the Snowflake. More information how to configure the [[Snowflake_Connection_Configuration#Set_Snowflake_ODBC_connection|Snowflake connection string]]. The Snowflake ODBC driver also needs to be installed in the machine running the QPR ProcessAnalyzer Server. When this setting has been configured, users can create Snowflake stored datatables and models using Snowflake calculation.<br />
<br />
When running QPR ProcessAnalyzer in the Snowpark Container Services, leave the SnowflakeConnectionString empty because then the connection string is created automatically using the method provided by the Snowpark Container Services.<br />
|-<br />
||SqlServerConnectionString<br />
||<br />
||Connection string for the SQL Server database containing the datatables data. It's recommended to use a separate database, but it's also possible to connect to the same database as the configuration data. If this setting is not configured, local datatables cannot be created (SQL Server stored). Existing datatables located in the configuration datatabase still work even if this setting has not be configured. Note that the connection uses ADO.Net (not ODBC), so the connection string is similar to the configuration database ([[Server_settings_in_appsettings.json|appsettings.json]] file).<br />
|-<br />
||DefaultColorPalette<br />
||<br />
||Charts color palette used globally in the environment. Defined as a json array of strings encoded with RGB hex (with or without alpha). Note that when a color palette in a chart has been changed, the chart starts using a chart-specific color palette, and the global color palette doesn't affect those charts. <br />
<br />
Example: ["#1F77B4", "#FF7F0E", "#2CA02C", "#D62728", "#9467BD", "#8C564B", "#E377C2", "#7F7F7F", "#BCBD22", "#17BECF"]<br />
|-<br />
||OpenAIAPIKey<br />
||<br />
||API key for the OpenAI API (https://platform.openai.com/docs/api-reference). It needs to be configured to use the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function.<br />
|-<br />
||OpenAIDefaultModelName<br />
||gpt-4o<br />
||OpenAI large language model (LLM) to use for the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function. If not defined, '''gpt-4o''' will be used. Note that only LLM's that support the function calling feature, are suitable for the AI Assistant. More information about OpenAI models: https://platform.openai.com/docs/models.<br />
|-<br />
||DefaultCortexAgentsModelName<br />
||llama3.1-70b<br />
||Specifies the default language model when using Snowflake Cortex Agents (https://docs.snowflake.com/en/user-guide/snowflake-cortex/cortex-agents-rest-api). If not defined, '''llama3.1-70b''' is used.<br />
|-<br />
||<span id="QueryTimeout">QueryTimeout</span><br />
||300<br />
||Timeout (in seconds) for requests made to /api/expression/query and /api/expression endpoints. When the timeout is exceeded, the query is stopped and a timeout error is returned. Purpose of the timeout is to protect the system against potentially too long running or even never-ending queries which might otherwise jam the system.<br />
|-<br />
||SessionIdleTimeout<br />
||3600<br />
||Idle user session expiration timeout in seconds. User session expires if the session hasn't been used after this amount of time.<br />
|-<br />
||SessionMaximumDuration<br />
||86400<br />
||Maximum duration for a user session in seconds. Even if a session is used so that the SessionIdleTimeout is not reached, the session is expired after this amount of time.<br />
|-<br />
|DatabaseId<br />
|<br />
||Unique identifier for the QPR ProcessAnalyzer environment. Any characters between a-z, A-Z, 0-9 and _ (underscore) can be used in the DatabaseId. If the DatabaseId is missing or set to null, the system will generate a new GUID during startup and use it as the DatabaseId. The DatabaseId can also be an empty string. If using several QPR ProcessAnalyzer environments, make sure each use a different DatabaseId. The DatabaseId is used as part of the table names in Snowflake and SQL Server (in the datatables database). Thus if the DatabaseId is changed, all tables in Snowflake and SQL Server named with qprpa_dt_<DatabaseId>_<DatatableId> need to be renamed.<br />
|-<br />
||<span id="CacheOnlyPrimaryKeysForFilters">CacheOnlyPrimaryKeysForFilters</span><br />
||false<br />
||Defines whether to include all columns in the Snowflake event cache filter tables (''false''), or only the primary key columns (''true''). When ''false'', cache table creation is slower, but the analysis calculation is faster because the original event table is not used anymore. When ''false'', also the cache tables require more storage space in Snowflake.<br />
|}<br />
<br />
== Localization Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultUiLanguage<br />
||en_US<br />
||Language code for the UI language that new user accounts get by default. Thus, a created user account has this language until the user changes her/his language. Also the login page is translated using this language when QPR ProcessAnalyzer is used for the first time in that web browser (when user has changed the language, it's remembered by the browser). This setting must be one of the supported language codes (xx_XX):<br />
* English: '''en_US'''<br />
* Finnish: '''fi_FI'''<br />
* French: '''fr_FR'''<br />
* German: '''de_DE'''<br />
* Polish: '''pl_PL'''<br />
* Portuguese: '''pt_BR'''<br />
* Spanish: '''es_ES'''<br />
* Swedish: '''sv_SE'''<br />
* Ukrainian: '''uk_UK'''<br />
|-<br />
||DefaultDateFormat<br />
||MM/dd/yyyy<br />
||Default date format that new user accounts get by default. The date format does not contain the time part (e.g. hours, minutes and seconds). Defined using the .Net date format (https://docs.microsoft.com/en-us/dotnet/standard/base-types/custom-date-and-time-format-strings).<br />
|-<br />
||DefaultFirstDayOfWeek<br />
||0<br />
||Default first day of the week that new user accounts get by default. '''0''' is Sunday and '''1''' is Monday. This information is used by the UI when showing e.g. calendars.<br />
|-<br />
||DefaultUse12HourClock<br />
||false<br />
||Defines whether the 12-hour clock is used by default (instead of the 24-hour clock) for the new user accounts when showing time information in the UI. Defined as '''true''' or '''false'''. More information about the 12-hour clock: https://en.wikipedia.org/wiki/12-hour_clock.<br />
|-<br />
|}<br />
<br />
== ETL Scripts Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||AllowExternalDatasources<br />
||true<br />
||Can be used to disallow all connections to external datasources in the expression language and SQL scripts to improve security. Disallowed operations include ODBC, OLE DB, SQL Server (Ado.Net), SAP, Salesforce, and call web service. Note that this setting does not prevent the Snowflake processing. Regardless of this setting, QPR ScriptLauncher can be used to extract data from source systems.<br />
|-<br />
||SandboxDatabaseConnectionString<br />
||<br />
||Connection string to scripting sandbox database (ETL). If not defined, SQL-based ETL scripts cannot be run. Connection string for the scripting sandbox database is similar to the [[Server_settings_in_appsettings.json|QPR ProcessAnalyzer database connection string]]. More information: [[Setting up Scripting Sandbox]].<br />
|-<br />
||AllowNonTemporaryETLTargetTable<br />
||false<br />
||Defined whether ETL scripts are allowed to create global temporary database tables (tables starting with ##). More information about temporary tables: https://docs.microsoft.com/en-us/sql/t-sql/statements/create-table-transact-sql?view=sql-server-ver15#temporary-tables.<br />
|-<br />
||DatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to datatables.<br />
|-<br />
|SandboxDatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to sandbox tables in the SQL scripts.<br />
|-<br />
||<span style="color:lightgrey;">DatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for QPR ProcessAnalyzer database SqlBulkCopy operations.<br />
|-<br />
||<span style="color:lightgrey;">SandboxDatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for sandbox SqlBulkCopy operations.<br />
|}<br />
<br />
== In-memory Calculation Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||NumberOfParallelModelReaders<br />
||4<br />
||Models and datatable contents can be loaded with multiple simultaneous connections to the database to speed up the loading. This setting determines how many parallel loaders/readers at maximum (loaders are loading at the same time). For smaller models there are less parallel loaders than the defined limit: If there are less than 100000 rows in the table, there is only one loader. If there are less than 200000 rows in the table, there are only two loaders, and so on. <br />
<br />
The more there are parallel loaders, the more processor load and network bandwidth is consumed, and other operations in QPR ProcessAnalyzer might slow down. Note also that the performance optimum is achieved with a certain number of parallel loaders which differs between environment. Thus to achieve the best performance, data loading should be tested with different number of parallel loaders. Increasing number of parallel loaders beyond the optimum decreases the performance.<br />
<br />
|-<br />
||StartupModelLoadingMaxParallelism<br />
||2<br />
||Maximum number of QPR ProcessAnalyzer models that are loaded into memory simultaneously by the [[Automatic_Model_Loading_on_Server_Startup|Automatic Loading on Server Startup]]. If there are more models to be loaded on the server startup than this setting, loading for the rest of the models is started one by one when previous model loadings are completed. If this setting is not defined, '''2''' is used as a default value.<br />
<br />
Loading more models at the same time will speed up the whole model loading process, but on the other hand, it causes more load on the system, which affects the system responsiveness for users. Model loading consists of (1) transferring data from the datasource to QPR ProcessAnalyzer and (2) loaded data preprocessing into a model. The former uses mainly network bandwidth (if datasource is in a different server) and the latter uses mainly processor capacity in the QPR ProcessAnalyzer server. <br />
<br />
This setting affects only the model loading during the server startup and it doesn't restrict models loadings initiated by users.<br />
|}<br />
<br />
== SAML 2.0 Federated Authentication Settings ==<br />
Note that the SAMLMetadataUrl and ServiceProviderLocation are mandatory for the federated authentication to work. Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SAMLMetadataUrl<br />
||<br />
Metadata URL of the identity provider (IdP). Check that the metadata url can actually be opened using a web browser and is publicly available. The metadata is an XML document starting with '''<?xml version="1.0" encoding="UTF-8"?>''' followed by an '''EntityDescriptor''' tag. The metadata URL might look '''<nowiki>https://your.federated.identity.provider.com/saml/metadata</nowiki>'''. This setting is mandatory for the SAML authentication to work.<br />
|-<br />
||ServiceProviderLocation<br />
||<br />
Specifies the QPR ProcessAnalyzer server location (the root path which contains e.g. the ''ui'' folder). It's used by the url to redirect back to QPR ProcessAnalyzer after a successful authentication from the identity provider. The setting is defined in the following form: '''https://<hostname>/qprpa''', for example '''<nowiki>https://customer.onqpr.com/qprpa</nowiki>'''. Note that the actual redirect back url is '''https://<hostname>/qprpa/api/Saml2/Acs''' (/api/Saml2/Acs is automatically included to the url). This setting is mandatory for the SAML authentication to work. Note that if this reply url is configured the identity provider, it must match with the ServiceProviderLocation setting.<br />
|-<br />
||SAMLUserIdAttribute<br />
||<br />
Name of the SAML attribute in the assertion that will be used as the user's login name. If this field is not defined, the '''saml:Assertion''' > '''saml:Subject''' > '''saml:NameID''' attribute in the assertion is used. If this setting is given, one of the '''saml:Assertion''' > '''saml:AttributeStatement''' > '''saml:Attribute''' elements in the assertion is used (the '''Name''' attribute in the '''saml:Attribute''' element is used for matching). Please note that the saml:NameID element is different than the usual SAML attributes that are defined by the saml:Attribute elements. For example, if an email address is used as a user id, the value of the setting could be for example ''<nowiki>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</nowiki>''.<br />
|-<br />
||SAMLGroupsAttribute<br />
||Attribute name in SAML assertion that is mapped to user groups in QPR ProcessAnalyzer. The user group names are case sensitive. When a user logs in, the user is added to and removed from groups based on the information in the SAML assertion. If this setting is not configured, users are not added to or removed from groups automatically. Note that the user needs to login for the groups to be synchronized. If a group doesn't exist in QPR ProcessAnalyzer, that group is skipped.<br />
<br />
In the SAML assertion, attributes are in the saml:Assertion > saml:AttributeStatement > saml:Attribute elements (the Name attribute in the saml:Attribute element is used for matching).<br />
|-<br />
||SAMLEncryptionCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to encrypt SAML assertions. The public key of the certificate is published in the service provider metadata, where the identity provider can read it and encrypt SAML assertions. QPR ProcessAnalyzer as the service provider uses the corresponding private key of the certificate to decrypt SAML assertions. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. This setting is needed only when using the SAML assertions encryption. Even though this setting is defined, the SAML assertions are not required to be encrypted. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|-<br />
||SAMLSigningCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to sign SAML authentication requests sent from QPR ProcessAnalyzer to the identity provider. The public key of the certificate is published in the service provider metadata, where the identity provider can read it, to verify the authenticity of the SAML requests. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. If this setting is not defined, the internal hard-coded signing certificate is used. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|}<br />
<br />
== OAuth 2.0 Authentication Settings ==<br />
Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||ExternalOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for server that is used to authenticate the user signing in to ProcessAnalyzer. If not set, external OAuth server will not be used for authentication. If set, contains a string representation of a JSON object that supports the following properties:<br />
* '''Authority''' (string): OAuth authority URL for authentication. E.g., https://accounts.google.com/<br />
* '''Audience''' (string): Mandatory. OAuth audience/client ID for validating OAuth tokens.<br />
* '''AuthorizeUrlOverride''' (string): Override URL for the OAuth authorization endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''TokenUrlOverride''' (string): Override URL for the OAuth token endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''UserInfoUrlOverride''' (string): Override URL to fetch user information from the OAuth provider. If empty or not defined, the default URL from the authority's discovery document is used. Should not be used if OpendID Connect is to be used as access token validation is skipped.<br />
* '''ClientSecret''' (string): OAuth client secret for confidential client authentication. If configured, this value is sent as the client_secret parameter when exchanging authorization codes for tokens.<br />
* '''Issuer''' (string): OAuth issuer for validating OAuth tokens. If empty, the authority URL's issuer is used.<br />
* '''UserNameClaim''' (string): Name of the claim whose value is to be used as the name of the authenticated user. The default value is "preferred_username".<br />
* '''UserGroupsClaim''' (string): Name of the claim whose value is to be used as the names of the user groups the authenticated user belongs to. The default value is "groups".<br />
|}<br />
<br />
== SMTP Server Settings ==<br />
SMTP server settings are needed for QPR ProcessAnalyzer to send email messages. Email sending is used by the [[Email_Notifications|notifications]] and the [[Generic_Functions_in_QPR_ProcessAnalyzer#SendEmail|SendEmail]] function in the expression language.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SmtpServer<br />
||DNS name, host name or IP address of the SMTP server. Mandatory setting for the email sending to work.<br />
|-<br />
||SmtpPort<br />
||TCP port number of the SMTP server. If not defined, port 25 is used by default.<br />
|-<br />
||SmtpAuthenticationUsername<br />
||User name for authenticating to the SMTP server. If not defined, no authentication is used to connect to the SMTP server.<br />
|-<br />
||SmtpFromAddress<br />
||Email address where email messages sent by QPR ProcessAnalyzer appear to be coming from. This doesn't need to be a real email address, although the address used may affect email spam filters. The setting configured here is the default email address to use in following cases:<br />
* ''From address'' is not set for the email notifications<br />
* ''From'' parameter is not defined for the expression language ''SendEmail'' function<br />
* ''EmailFrom'' parameter is not defined for the SQL Scripting SendEmail operation<br />
|-<br />
||SmtpAuthenticationPassword<br />
||Password for authenticating to the SMTP server.<br />
|-<br />
||SmtpEnableSSL<br />
||Use value '''True''' or '''False''' depending whether TLS connection to the SMTP server is used or not. If not defined, ''False'' is the default value.<br />
|}<br />
<br />
== MCP Server Settings ==<br />
MCP server settings are needed for QPR ProcessAnalyzer to act as an [[QPR_ProcessAnalyzer_as_MCP_Server|MCP server]].<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||McpServerConfiguration<br />
||Used to configure the MCP server built-in to ProcessAnalyzer server. If not set, MCP server functionality is disabled and MCP clients can't access to this server using MCP. If set, contains a string representation of a JSON object that supports the following properties:<br />
* McpApiKey: If defined and not empty, defines the API key that can be used to connect to QPR ProcessAnalyzer MCP server without any other authentication. Default value is empty.<br />
|-<br />
||BuiltInOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for OAuth server built-in to ProcessAnalyzer server. If not set, built-in OAuth server functionality is disabled and clients can't connect to this server using OAuth. If set, contains a string representation of a JSON object that supports the following properties: <br />
* '''Issuer''' (string): OAuth issuer, which identifies a trusted authorization server that authenticates users and issues OAuth 2.0 access tokens and JSON Web Tokens (JWTs). If not defined or empty, default value is used, which is of format: <QPR ProcessAnalyzer server's base URL>/builtin-oauth. For example: https://example.com/builtin-oauth. The default value is empty.<br />
* '''AcceptedAudiences''' (array of strings): Array of strings that define all the accepted audiences this QPR ProcessAnalyzer server is serving. When authorizing user using OAuth, these values are matched with the audience-parameter (a.k.a. client id) of the authorization. Only requests with a value that matches a value in this array are accepted. If null, audience-parameters are not validated at all. Instead, all authorization requests will pass the audience validation check. This also enables [https://datatracker.ietf.org/doc/html/rfc7591 Dynamic Client Registration Protocol (DCR)]. The default value is an empty array.<br />
* '''SigningKey''' (string): Signing key for the built-in OAuth identity provider. If empty, generates a non-deterministic key based on the physical system where QPR ProcessAnalyzer is running. NOTE: Once QPR ProcessAnalyzer server is restarted, these non-deterministic keys no longer work. If defined, string must contain the key either in PEM ([https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.rsa.importfrompem?view=net-10.0 RFC 7468 PEM-encoded key]) or JSON ([https://datatracker.ietf.org/doc/html/rfc7517 RFC 7517]) format. The default value is empty.<br />
* '''TokenLifetimeSeconds''' (integer): Token lifetime in seconds for the built-in OAuth identity provider. After access token created by built-in gets older than this lifetime, it becomes unusable and a new token has to be created. The default value is 3600.<br />
* '''DisableExternalOAuthForwarding''' (boolean): Can be used to disable forwarding OAuth requests to any configured external OAuth authorization server or SAML identity provider. If set, a QPR ProcessAnalyzer's own login view functionality is always used when authorizing a user. The default value is false.<br />
Example configuration:<br><br />
<pre><br />
{<br />
"Issuer": "",<br />
"AcceptedAudiences": ["qpr-processanalyzer"],<br />
"SigningKey": "",<br />
"TokenLifetime": 3600<br />
}<br />
</pre><br />
|}<br />
<br />
== Readonly Information ==<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
|<span style="color:lightgrey;">DatabaseVersion</span><br />
||Database schema version. It will be updated automatically when the newer version of QPR ProcessAnalyzer Server connects to the database and performs migration for the database schema.<br />
|-<br />
||<span style="color:lightgrey;">InitializationScriptDatabaseVersion</span><br />
||Database version that was when the database was initialized when the software was installed. Do not change this setting.<br />
|-<br />
||<span style="color:lightgrey;">MinimumDatabaseVersion</span><br />
||Minimum allowed database version for QPR ProcessAnalyzer Server connecting to the database. This is a legacy setting and it should not be used.<br />
|}</div>TeeHiethttps://wiki.onqpr.com/pa/index.php?title=PA_Configuration_database_table&diff=28055PA Configuration database table2026-04-09T09:11:09Z<p>TeeHiet: TK-63184</p>
<hr />
<div>QPR ProcessAnalyzer database has a configuration table '''PA_Configuration''' containing settings listed in the tables below. You need '''SQL Server Management Studio''' to edit the settings in the configuration table. QPR ProcessAnalyzer Server needs to be restarted (e.g. IIS application pool recycled) for the changes to take effect.<br />
<br />
For boolean values, ''true'' and ''1'' are valid values for yes, and ''false'' and ''0'' are valid for no.<br />
<br />
== General Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultDataSource<br />
||<br />
||Datasource where datatables data is stored when datatables are created by a script when the datasource is not explicitly specified in the script. Options are '''Snowflake''' and '''SqlServer'''. Value ''snowflake'' can be used when the ''SnowflakeConnectionString'' setting is defined, and value ''sqlserver'' can be used when the setting ''SqlServerConnectionString'' is configured. The setting can be changed without affecting the existing datatables, as the setting only affect new datatables. When this setting is empty, datatables are created in the metadata database.<br />
|-<br />
||SnowflakeConnectionString<br />
||<br />
||ODBC connection string for the Snowflake account. This setting is needed to make analytics calculations in the Snowflake. More information how to configure the [[Snowflake_Connection_Configuration#Set_Snowflake_ODBC_connection|Snowflake connection string]]. The Snowflake ODBC driver also needs to be installed in the machine running the QPR ProcessAnalyzer Server. When this setting has been configured, users can create Snowflake stored datatables and models using Snowflake calculation.<br />
<br />
When running QPR ProcessAnalyzer in the Snowpark Container Services, leave the SnowflakeConnectionString empty because then the connection string is created automatically using the method provided by the Snowpark Container Services.<br />
|-<br />
||SqlServerConnectionString<br />
||<br />
||Connection string for the SQL Server database containing the datatables data. It's recommended to use a separate database, but it's also possible to connect to the same database as the configuration data. If this setting is not configured, local datatables cannot be created (SQL Server stored). Existing datatables located in the configuration datatabase still work even if this setting has not be configured. Note that the connection uses ADO.Net (not ODBC), so the connection string is similar to the configuration database ([[Server_settings_in_appsettings.json|appsettings.json]] file).<br />
|-<br />
||DefaultColorPalette<br />
||<br />
||Charts color palette used globally in the environment. Defined as a json array of strings encoded with RGB hex (with or without alpha). Note that when a color palette in a chart has been changed, the chart starts using a chart-specific color palette, and the global color palette doesn't affect those charts. <br />
<br />
Example: ["#1F77B4", "#FF7F0E", "#2CA02C", "#D62728", "#9467BD", "#8C564B", "#E377C2", "#7F7F7F", "#BCBD22", "#17BECF"]<br />
|-<br />
||OpenAIAPIKey<br />
||<br />
||API key for the OpenAI API (https://platform.openai.com/docs/api-reference). It needs to be configured to use the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function.<br />
|-<br />
||OpenAIDefaultModelName<br />
||gpt-4o<br />
||OpenAI large language model (LLM) to use for the [[AI_Assistant_for_QPR_ProcessAnalyzer|AI Assistant]] and [[Generic_Functions_in_QPR_ProcessAnalyzer#OpenAIChatCompletion|OpenAIChatCompletion]] function. If not defined, '''gpt-4o''' will be used. Note that only LLM's that support the function calling feature, are suitable for the AI Assistant. More information about OpenAI models: https://platform.openai.com/docs/models.<br />
|-<br />
||DefaultCortexAgentsModelName<br />
||llama3.1-70b<br />
||Specifies the default language model when using Snowflake Cortex Agents (https://docs.snowflake.com/en/user-guide/snowflake-cortex/cortex-agents-rest-api). If not defined, '''llama3.1-70b''' is used.<br />
|-<br />
||<span id="QueryTimeout">QueryTimeout</span><br />
||300<br />
||Timeout (in seconds) for requests made to /api/expression/query and /api/expression endpoints. When the timeout is exceeded, the query is stopped and a timeout error is returned. Purpose of the timeout is to protect the system against potentially too long running or even never-ending queries which might otherwise jam the system.<br />
|-<br />
||SessionIdleTimeout<br />
||3600<br />
||Idle user session expiration timeout in seconds. User session expires if the session hasn't been used after this amount of time.<br />
|-<br />
||SessionMaximumDuration<br />
||86400<br />
||Maximum duration for a user session in seconds. Even if a session is used so that the SessionIdleTimeout is not reached, the session is expired after this amount of time.<br />
|-<br />
|DatabaseId<br />
|<br />
||Unique identifier for the QPR ProcessAnalyzer environment. Any characters between a-z, A-Z, 0-9 and _ (underscore) can be used in the DatabaseId. If the DatabaseId is missing or set to null, the system will generate a new GUID during startup and use it as the DatabaseId. The DatabaseId can also be an empty string. If using several QPR ProcessAnalyzer environments, make sure each use a different DatabaseId. The DatabaseId is used as part of the table names in Snowflake and SQL Server (in the datatables database). Thus if the DatabaseId is changed, all tables in Snowflake and SQL Server named with qprpa_dt_<DatabaseId>_<DatatableId> need to be renamed.<br />
|-<br />
||<span id="CacheOnlyPrimaryKeysForFilters">CacheOnlyPrimaryKeysForFilters</span><br />
||false<br />
||Defines whether to include all columns in the Snowflake event cache filter tables (''false''), or only the primary key columns (''true''). When ''false'', cache table creation is slower, but the analysis calculation is faster because the original event table is not used anymore. When ''false'', also the cache tables require more storage space in Snowflake.<br />
|}<br />
<br />
== Localization Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||DefaultUiLanguage<br />
||en_US<br />
||Language code for the UI language that new user accounts get by default. Thus, a created user account has this language until the user changes her/his language. Also the login page is translated using this language when QPR ProcessAnalyzer is used for the first time in that web browser (when user has changed the language, it's remembered by the browser). This setting must be one of the supported language codes (xx_XX):<br />
* English: '''en_US'''<br />
* Finnish: '''fi_FI'''<br />
* French: '''fr_FR'''<br />
* German: '''de_DE'''<br />
* Polish: '''pl_PL'''<br />
* Portuguese: '''pt_BR'''<br />
* Spanish: '''es_ES'''<br />
* Swedish: '''sv_SE'''<br />
* Ukrainian: '''uk_UK'''<br />
|-<br />
||DefaultDateFormat<br />
||MM/dd/yyyy<br />
||Default date format that new user accounts get by default. The date format does not contain the time part (e.g. hours, minutes and seconds). Defined using the .Net date format (https://docs.microsoft.com/en-us/dotnet/standard/base-types/custom-date-and-time-format-strings).<br />
|-<br />
||DefaultFirstDayOfWeek<br />
||0<br />
||Default first day of the week that new user accounts get by default. '''0''' is Sunday and '''1''' is Monday. This information is used by the UI when showing e.g. calendars.<br />
|-<br />
||DefaultUse12HourClock<br />
||false<br />
||Defines whether the 12-hour clock is used by default (instead of the 24-hour clock) for the new user accounts when showing time information in the UI. Defined as '''true''' or '''false'''. More information about the 12-hour clock: https://en.wikipedia.org/wiki/12-hour_clock.<br />
|-<br />
|}<br />
<br />
== ETL Scripts Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||AllowExternalDatasources<br />
||true<br />
||Can be used to disallow all connections to external datasources in the expression language and SQL scripts to improve security. Disallowed operations include ODBC, OLE DB, SQL Server (Ado.Net), SAP, Salesforce, and call web service. Note that this setting does not prevent the Snowflake processing. Regardless of this setting, QPR ScriptLauncher can be used to extract data from source systems.<br />
|-<br />
||SandboxDatabaseConnectionString<br />
||<br />
||Connection string to scripting sandbox database (ETL). If not defined, SQL-based ETL scripts cannot be run. Connection string for the scripting sandbox database is similar to the [[Server_settings_in_appsettings.json|QPR ProcessAnalyzer database connection string]]. More information: [[Setting up Scripting Sandbox]].<br />
|-<br />
||AllowNonTemporaryETLTargetTable<br />
||false<br />
||Defined whether ETL scripts are allowed to create global temporary database tables (tables starting with ##). More information about temporary tables: https://docs.microsoft.com/en-us/sql/t-sql/statements/create-table-transact-sql?view=sql-server-ver15#temporary-tables.<br />
|-<br />
||DatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to datatables.<br />
|-<br />
|SandboxDatabaseBulkCopyTimeout<br />
||600<br />
||Timeout used for data import operations to sandbox tables in the SQL scripts.<br />
|-<br />
||<span style="color:lightgrey;">DatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for QPR ProcessAnalyzer database SqlBulkCopy operations.<br />
|-<br />
||<span style="color:lightgrey;">SandboxDatabaseBulkCopyBatchSize</span><br />
||5000<br />
||BulkCopyBatchSize given for sandbox SqlBulkCopy operations.<br />
|}<br />
<br />
== In-memory Calculation Settings ==<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Default&nbsp;value !!Description<br />
|-<br />
||NumberOfParallelModelReaders<br />
||4<br />
||Models and datatable contents can be loaded with multiple simultaneous connections to the database to speed up the loading. This setting determines how many parallel loaders/readers at maximum (loaders are loading at the same time). For smaller models there are less parallel loaders than the defined limit: If there are less than 100000 rows in the table, there is only one loader. If there are less than 200000 rows in the table, there are only two loaders, and so on. <br />
<br />
The more there are parallel loaders, the more processor load and network bandwidth is consumed, and other operations in QPR ProcessAnalyzer might slow down. Note also that the performance optimum is achieved with a certain number of parallel loaders which differs between environment. Thus to achieve the best performance, data loading should be tested with different number of parallel loaders. Increasing number of parallel loaders beyond the optimum decreases the performance.<br />
<br />
|-<br />
||StartupModelLoadingMaxParallelism<br />
||2<br />
||Maximum number of QPR ProcessAnalyzer models that are loaded into memory simultaneously by the [[Automatic_Model_Loading_on_Server_Startup|Automatic Loading on Server Startup]]. If there are more models to be loaded on the server startup than this setting, loading for the rest of the models is started one by one when previous model loadings are completed. If this setting is not defined, '''2''' is used as a default value.<br />
<br />
Loading more models at the same time will speed up the whole model loading process, but on the other hand, it causes more load on the system, which affects the system responsiveness for users. Model loading consists of (1) transferring data from the datasource to QPR ProcessAnalyzer and (2) loaded data preprocessing into a model. The former uses mainly network bandwidth (if datasource is in a different server) and the latter uses mainly processor capacity in the QPR ProcessAnalyzer server. <br />
<br />
This setting affects only the model loading during the server startup and it doesn't restrict models loadings initiated by users.<br />
|}<br />
<br />
== SAML 2.0 Federated Authentication Settings ==<br />
Note that the SAMLMetadataUrl and ServiceProviderLocation are mandatory for the federated authentication to work. Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SAMLMetadataUrl<br />
||<br />
Metadata URL of the identity provider (IdP). Check that the metadata url can actually be opened using a web browser and is publicly available. The metadata is an XML document starting with '''<?xml version="1.0" encoding="UTF-8"?>''' followed by an '''EntityDescriptor''' tag. The metadata URL might look '''<nowiki>https://your.federated.identity.provider.com/saml/metadata</nowiki>'''. This setting is mandatory for the SAML authentication to work.<br />
|-<br />
||ServiceProviderLocation<br />
||<br />
Specifies the QPR ProcessAnalyzer server location (the root path which contains e.g. the ''ui'' folder). It's used by the url to redirect back to QPR ProcessAnalyzer after a successful authentication from the identity provider. The setting is defined in the following form: '''https://<hostname>/qprpa''', for example '''<nowiki>https://customer.onqpr.com/qprpa</nowiki>'''. Note that the actual redirect back url is '''https://<hostname>/qprpa/api/Saml2/Acs''' (/api/Saml2/Acs is automatically included to the url). This setting is mandatory for the SAML authentication to work. Note that if this reply url is configured the identity provider, it must match with the ServiceProviderLocation setting.<br />
|-<br />
||SAMLUserIdAttribute<br />
||<br />
Name of the SAML attribute in the assertion that will be used as the user's login name. If this field is not defined, the '''saml:Assertion''' > '''saml:Subject''' > '''saml:NameID''' attribute in the assertion is used. If this setting is given, one of the '''saml:Assertion''' > '''saml:AttributeStatement''' > '''saml:Attribute''' elements in the assertion is used (the '''Name''' attribute in the '''saml:Attribute''' element is used for matching). Please note that the saml:NameID element is different than the usual SAML attributes that are defined by the saml:Attribute elements. For example, if an email address is used as a user id, the value of the setting could be for example ''<nowiki>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</nowiki>''.<br />
|-<br />
||SAMLGroupsAttribute<br />
||Attribute name in SAML assertion that is mapped to user groups in QPR ProcessAnalyzer. The user group names are case sensitive. When a user logs in, the user is added to and removed from groups based on the information in the SAML assertion. If this setting is not configured, users are not added to or removed from groups automatically. Note that the user needs to login for the groups to be synchronized. If a group doesn't exist in QPR ProcessAnalyzer, that group is skipped.<br />
<br />
In the SAML assertion, attributes are in the saml:Assertion > saml:AttributeStatement > saml:Attribute elements (the Name attribute in the saml:Attribute element is used for matching).<br />
|-<br />
||SAMLEncryptionCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to encrypt SAML assertions. The public key of the certificate is published in the service provider metadata, where the identity provider can read it and encrypt SAML assertions. QPR ProcessAnalyzer as the service provider uses the corresponding private key of the certificate to decrypt SAML assertions. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. This setting is needed only when using the SAML assertions encryption. Even though this setting is defined, the SAML assertions are not required to be encrypted. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|-<br />
||SAMLSigningCertificate<br />
||This setting defines a PFX formatted X.509 certificate (defined in RCF 1422) used to sign SAML authentication requests sent from QPR ProcessAnalyzer to the identity provider. The public key of the certificate is published in the service provider metadata, where the identity provider can read it, to verify the authenticity of the SAML requests. The setting needs to be a PFX formatted certificate file that is base64 encoded and it doesn't contain the BEGIN CERTIFICATE etc. header or footer lines. If this setting is not defined, the internal hard-coded signing certificate is used. More information how to create the certificate file (https://stackoverflow.com/questions/16480846/x-509-private-public-key) and convert it to base64 (https://stackoverflow.com/questions/46959822/base-64-encoded-form-of-the-pfx-file).<br />
|}<br />
<br />
== OAuth 2.0 Authentication Settings ==<br />
Having both ExternalOAuthServerConfiguration and SAML authentication configured at the same time is not supported.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||ExternalOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for server that is used to authenticate the user signing in to ProcessAnalyzer. If not set, external OAuth server will not be used for authentication. If set, contains a string representation of a JSON object that supports the following properties:<br />
* '''Authority''' (string): OAuth authority URL for authentication. E.g., https://accounts.google.com/<br />
* '''Audience''' (string): Mandatory. OAuth audience/client ID for validating OAuth tokens.<br />
* '''AuthorizeUrlOverride''' (string): Override URL for the OAuth authorization endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''TokenUrlOverride''' (string): Override URL for the OAuth token endpoint. If empty or not defined, the default URL from the authority's discovery document is used.<br />
* '''UserInfoUrlOverride''' (string): Override URL to fetch user information from the OAuth provider. If empty or not defined, the default URL from the authority's discovery document is used. Should not be used if OpendID Connect is to be used as access token validation is skipped.<br />
* '''ClientSecret''' (string): OAuth client secret for confidential client authentication. If configured, this value is sent as the client_secret parameter when exchanging authorization codes for tokens.<br />
* '''Issuer''' (string): OAuth issuer for validating OAuth tokens. If empty, the authority URL's issuer is used.<br />
* '''UserNameClaim''' (string): Name of the claim whose value is to be used as the name of the authenticated user. The default value is "preferred_username".<br />
* '''UserGroupsClaim''' (string): Name of the claim whose value is to be used as the names of the user groups the authenticated user belongs to. The default value is "groups".<br />
|}<br />
<br />
== SMTP Server Settings ==<br />
SMTP server settings are needed for QPR ProcessAnalyzer to send email messages. Email sending is used by the [[Email_Notifications|notifications]] and the [[Generic_Functions_in_QPR_ProcessAnalyzer#SendEmail|SendEmail]] function in the expression language.<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||SmtpServer<br />
||DNS name, host name or IP address of the SMTP server. Mandatory setting for the email sending to work.<br />
|-<br />
||SmtpPort<br />
||TCP port number of the SMTP server. If not defined, port 25 is used by default.<br />
|-<br />
||SmtpAuthenticationUsername<br />
||User name for authenticating to the SMTP server. If not defined, no authentication is used to connect to the SMTP server.<br />
|-<br />
||SmtpFromAddress<br />
||Email address where email messages sent by QPR ProcessAnalyzer appear to be coming from. This doesn't need to be a real email address, although the address used may affect email spam filters. The setting configured here is the default email address to use in following cases:<br />
* ''From address'' is not set for the email notifications<br />
* ''From'' parameter is not defined for the expression language ''SendEmail'' function<br />
* ''EmailFrom'' parameter is not defined for the SQL Scripting SendEmail operation<br />
|-<br />
||SmtpAuthenticationPassword<br />
||Password for authenticating to the SMTP server.<br />
|-<br />
||SmtpEnableSSL<br />
||Use value '''True''' or '''False''' depending whether TLS connection to the SMTP server is used or not. If not defined, ''False'' is the default value.<br />
|}<br />
<br />
== MCP Server Settings ==<br />
MCP server settings are needed for QPR ProcessAnalyzer to act as an [[QPR_ProcessAnalyzer_as_MCP_Server|MCP server]].<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
||McpServerConfiguration<br />
||Used to configure the MCP server built-in to ProcessAnalyzer server. If not set, MCP server functionality is disabled and MCP clients can't access to this server using MCP. If set, contains a string representation of a JSON object that supports the following properties:<br />
* McpApiKey: If defined and not empty, defines the API key that can be used to connect to QPR ProcessAnalyzer MCP server without any other authentication. Default value is empty.<br />
|-<br />
||BuiltInOAuthServerConfiguration<br />
||Used to configure OAuth 2.0 compatible OAuth server settings for OAuth server built-in to ProcessAnalyzer server. If not set, built-in OAuth server functionality is disabled and clients can't connect to this server using OAuth. If set, contains a string representation of a JSON object that supports the following properties: <br />
* '''Issuer''' (string): OAuth issuer, which identifies a trusted authorization server that authenticates users and issues OAuth 2.0 access tokens and JSON Web Tokens (JWTs). If not defined or empty, default value is used, which is of format: <QPR ProcessAnalyzer server's base URL>/builtin-oauth. For example: https://example.com/builtin-oauth. The default value is empty.<br />
* '''AcceptedAudiences''' (array of strings): Array of strings that define all the accepted audiences this QPR ProcessAnalyzer server is serving. When authorizing user using OAuth, these values are matched with the audience-parameter (a.k.a. client id) of the authorization. Only requests with a value that matches a value in this array are accepted. If null, audience-parameters are not validated at all. Instead, all authorization requests will pass the audience validation check. This also enables [Dynamic Client Registration Protocol (DCR)](https://datatracker.ietf.org/doc/html/rfc7591). The default value is an empty array.<br />
* '''SigningKey''' (string): Signing key for the built-in OAuth identity provider. If empty, generates a non-deterministic key based on the physical system where QPR ProcessAnalyzer is running. NOTE: Once QPR ProcessAnalyzer server is restarted, these non-deterministic keys no longer work. If defined, string must contain the key either in PEM ([RFC 7468 PEM-encoded key](https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.rsa.importfrompem?view=net-10.0)) or JSON ([RFC 7517](https://datatracker.ietf.org/doc/html/rfc7517)) format. The default value is empty.<br />
* '''TokenLifetimeSeconds''' (integer): Token lifetime in seconds for the built-in OAuth identity provider. After access token created by built-in gets older than this lifetime, it becomes unusable and a new token has to be created. The default value is 3600.<br />
* '''DisableExternalOAuthForwarding''' (boolean): Can be used to disable forwarding OAuth requests to any configured external OAuth authorization server or SAML identity provider. If set, a QPR ProcessAnalyzer's own login view functionality is always used when authorizing a user. The default value is false.<br />
Example configuration:<br><br />
<pre><br />
{<br />
"Issuer": "",<br />
"AcceptedAudiences": ["qpr-processanalyzer"],<br />
"SigningKey": "",<br />
"TokenLifetime": 3600<br />
}<br />
</pre><br />
|}<br />
<br />
== Readonly Information ==<br />
<br />
{| class="wikitable" style="text-align: left"<br />
!Name !!Description<br />
|-<br />
|<span style="color:lightgrey;">DatabaseVersion</span><br />
||Database schema version. It will be updated automatically when the newer version of QPR ProcessAnalyzer Server connects to the database and performs migration for the database schema.<br />
|-<br />
||<span style="color:lightgrey;">InitializationScriptDatabaseVersion</span><br />
||Database version that was when the database was initialized when the software was installed. Do not change this setting.<br />
|-<br />
||<span style="color:lightgrey;">MinimumDatabaseVersion</span><br />
||Minimum allowed database version for QPR ProcessAnalyzer Server connecting to the database. This is a legacy setting and it should not be used.<br />
|}</div>TeeHiet