topic Re: HTTP GET call to /qps/user endpoint does not deliver session cookie in Integration, Extension & APIs

HTTP GET call to /qps/user endpoint does not deliver session cookie

frankpacker — Sat, 16 Nov 2024 17:19:19 GMT

Hi All,

I have a mashup that receives a Qlik ticket as a parameter in its URL. The ticket is issued via a server-side login form, and that portion of the process works fine.

The problem is that when the ticket is consumed by the mashup app by making an HTTP GET call to {server}/{virtual proxy}/qps/user?QlikTicket={received ticket} the session cookie is not delivered, and this action appears to kill the logged-in session on the Qlik server.

The expected response is received from making the GET request - the logged in user, directory etc is returned, but no cookie is set and immediately repeating the call with the same ticket returns the {session: "inactive"} response.

If I set the mashup to load a resource from the Qlik server with the ticket appended, the cookie is delivered and that works ok, but I need to be able do it via the HTTP GET call, not in HTML

The GET approach that I'm using is based on this post: https://community.qlik.com/t5/Qlik-Design-Blog/Authentication-with-the-Capability-APIs/ba-p/1470210

I'm using Qlik Sense Enterprise November 2020 SR7

Code that's executed when the parameter is present in the URL for http call (Angular):

this.http.get<any>("https://{server}/{virual proxy}/qps/user?QlikTicket="+ticket).subscribe(data => { if(data.userId) { this.isLoggedin.next(true); //informs the rest of the app that the session is live } })

Does anyone have any advice as to why the session cookie is not delivered, and the session on the Qlik server is completely destroyed?

Re: HTTP GET call to /qps/user endpoint does not deliver session cookie

NadiaB — Mon, 05 Apr 2021 20:36:39 GMT

Hi @frankpacker

Have you seen the following documentation already?

https://help.qlik.com/en-US/sense-developer/February2021/Subsystems/Platform/Content/Sense_PlatformOverview/Integration/expose-qlik-sense.htm

When using a web browser, the web browser sends a ticket to the proxy. The proxy then returns a cookie to the browser and this cookie is included in the communication with the Qlik associative engine.

When using a custom client, the client must set the cookie and provide it to the proxy.

Kind Regards.

Re: HTTP GET call to /qps/user endpoint does not deliver session cookie

andregas — Wed, 07 Apr 2021 12:48:11 GMT

Hi @frankpacker ,

I suggest you to verify the ticket using it in a browser calling the complete URL. Remember that ticket could be consumed only one time, so you should comment the QPS call in your script.

Another point to attention, I'm not an expert with JS, but it has a synchronous execution model. Maybe the JS engine execute the QPS call previously to have the ticket and variable ticket is empty at the get time.