This is the 3rb blog for the QlikBotNode. The first one was on how to install and run the bot with Telelgram, Qlik Sense Bot with Node.js and Enigma.js and the second one was on how to connect with skype, QlikBotNode for Microsoft Skype


So far I had all of the connections done over the anonymous proxy. There were a lot of people that ask me about security and how to authenticate users. There are a lot of ways like header auth, autoticketing, jwt etc In this blog I will explain how to authenticate with the Qlik Sense Enterprise Certificates.


The concept is taken from Enigma.js's page enigma.js/examples/authentication/sense-using-certificates at master · qlik-oss/enigma.js · GitHub.

  • Take the certificates from your server and add them under


  • Get the Certs from your Qlik Sense Enterprise Server and place them under app/server/certs/yourserver/
  • Add in your /app/server/Config.json auth: true and userDirectory: "QLIKBOTNODE"
"qvf": {
   "helpdesk": {
   "host": "",
   "appId": "",
      "auth" : true,
      "userDirectory": "QLIKBOTNODE"


  • Change the /app/server/models/utilities/Enigma.js class to this
async connect() {
   try {
      // Default for anonymous connection
      let connectionSchema = {
         url: (this._input.appId) ? `wss://${}/app/${this._input.appId}` : `wss://${}/app/engineData`,
         createSocket: url => new WebSocket(url, {
            rejectUnauthorized: false
      // Proceed with Authenticating a user
      if (this._input.auth && this._input.userDirectory && this._input.userId) {
         const certificatesPath = `../../certs/${}/`;
         const readCert = filename => fs.readFileSync(path.resolve(__dirname, certificatesPath, filename));
         connectionSchema = {
            url: `wss://${}:4747/app/${this._input.appId}`,
            createSocket: url => new WebSocket(url, {
               rejectUnauthorized: false,
               ca: [readCert('root.pem')],
               key: readCert('client_key.pem'),
               cert: readCert('client.pem'),
               headers: {
                  'X-Qlik-User': `UserDirectory=${encodeURIComponent(this._input.userDirectory)}; UserId=${encodeURIComponent(this._input.userId)}`,
      this.session = await enigma.create(connectionSchema); = await;
      if (this._input.appId) { = await;
      }"Loaded!", { model: `models/utilities/Enigma::connect()` });
      return true;
   catch (error) {`error: ${error}`, { model: `models/utilities/Enigma::connect()` });
      return error;


  • In your route just pass the config with the auth
let input = qvf;
if (qvf.auth) input.userId =;
shared.engine = await new site.Enigma(input);


In the QMC you should see

2018-02-06 09_55_07-Users - QMC.png

That's it!

Latest code: GitHub - qlik-bots/QlikBotNode: QlikBotNode is a server build in Node.js, Express.js, Enigma.js and MySql that connects …