https://community.qlik.com/t5/Qlik-NPrinting/NPrinting-Creating-Connection-Full-Access/m-p/1619260#M25735 <P>Hi,</P><P>When creating a NPrinting connection to a QlikSense App, you provide the proxy id, app id and also the identity. We're currently using the NPrinting service account (who has rootadmin rights on the QlikSense server), but this means that every NPrinting developer can access the data of all QlikSense apps? (In Sense Hub, it's restricted by the security rules).&nbsp;</P><P>Is there a way to put security on this? Is it a best practice to always use the service account as identity? All ideas are welcome.</P><P>Thanks.<BR />Jan</P> Mon, 02 Sep 2019 12:23:05 GMT JanFloren 2019-09-02T12:23:05Z https://community.qlik.com/t5/Qlik-NPrinting/NPrinting-Creating-Connection-Full-Access/m-p/1619260#M25735 <P>Hi,</P><P>When creating a NPrinting connection to a QlikSense App, you provide the proxy id, app id and also the identity. We're currently using the NPrinting service account (who has rootadmin rights on the QlikSense server), but this means that every NPrinting developer can access the data of all QlikSense apps? (In Sense Hub, it's restricted by the security rules).&nbsp;</P><P>Is there a way to put security on this? Is it a best practice to always use the service account as identity? All ideas are welcome.</P><P>Thanks.<BR />Jan</P> Mon, 02 Sep 2019 12:23:05 GMT https://community.qlik.com/t5/Qlik-NPrinting/NPrinting-Creating-Connection-Full-Access/m-p/1619260#M25735 JanFloren 2019-09-02T12:23:05Z https://community.qlik.com/t5/Qlik-NPrinting/NPrinting-Creating-Connection-Full-Access/m-p/1619361#M25737 <P>Well,</P><P>here are requirements regarding user used for creating connection:&nbsp;</P><P><A href="https://help.qlik.com/en-US/nprinting/June2019/Content/NPrinting/GettingStarted/HowCreateConnections/Connect-to-QlikSense-apps.htm" target="_blank">https://help.qlik.com/en-US/nprinting/June2019/Content/NPrinting/GettingStarted/HowCreateConnections/Connect-to-QlikSense-apps.htm</A></P><P>now regarding developers in NPrinting... Instead of using default security roles for develeopers you can create app specific roles and assign them to people who meant to be developers so they can only work on data they are allowed to see. Again - all well described in official documentation here:</P><P><A href="https://help.qlik.com/en-US/nprinting/June2019/Content/NPrinting/DeployingQVNprinting/Managing-roles.htm" target="_blank">https://help.qlik.com/en-US/nprinting/June2019/Content/NPrinting/DeployingQVNprinting/Managing-roles.htm</A></P><P>regards</P><P>Lech</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 02 Sep 2019 22:03:35 GMT https://community.qlik.com/t5/Qlik-NPrinting/NPrinting-Creating-Connection-Full-Access/m-p/1619361#M25737 Lech_Miszkiewicz 2019-09-02T22:03:35Z https://community.qlik.com/t5/Qlik-NPrinting/NPrinting-Creating-Connection-Full-Access/m-p/1619564#M25745 <P>Thanks for your input. The only downside of the roles aspect is that when people got removed from AD groups, this also needs to be updated... the security is no longer centralized.</P><P>Kind regards,</P><P>Jan</P> Tue, 03 Sep 2019 12:23:39 GMT https://community.qlik.com/t5/Qlik-NPrinting/NPrinting-Creating-Connection-Full-Access/m-p/1619564#M25745 JanFloren 2019-09-03T12:23:39Z https://community.qlik.com/t5/Qlik-NPrinting/NPrinting-Creating-Connection-Full-Access/m-p/1620353#M25776 <P>That is not true - roles can be managed via AD <SPAN>memberOf attribute</SPAN></P><P>details are obviously in official documentation:</P><P><A href="https://help.qlik.com/en-US/nprinting/June2019/Content/NPrinting/DeployingQVNprinting/Import-Users-Filters.htm#Import" target="_blank" rel="noopener">https://help.qlik.com/en-US/nprinting/June2019/Content/NPrinting/DeployingQVNprinting/Import-Users-Filters.htm#Import</A></P><P>&nbsp;</P><P>hope this helps <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> Thu, 05 Sep 2019 03:38:09 GMT https://community.qlik.com/t5/Qlik-NPrinting/NPrinting-Creating-Connection-Full-Access/m-p/1620353#M25776 Lech_Miszkiewicz 2019-09-05T03:38:09Z