topic Re: JWT Auth in Qlik Cloud in Integration, Extension & APIs

JWT Auth in Qlik Cloud

Jason_ca — Fri, 22 Oct 2021 20:13:52 GMT

We are trying to get Qlik Cloud to work using JWT auth, we followed all steps in this article Create Signed Tokens for JWT Authorization | Qlik Developer Portal, and also configured the web integration for the test origin, but couldn't get it to work. We are using following test code, and always get 401 error, not sure what is wrong or missing. I wonder if anyone who did this before can shed some light, thanks.

Re: JWT Auth in Qlik Cloud

Vinay_B — Fri, 22 Oct 2021 21:02:28 GMT

Hi @Jason_ca

By default, JWT authentication is not enabled on the license. It has to be approved by the Product management team.

Does your license has JWT enabled? If not reach out to your Qlik account manager or Customer support who can help you with enabling the JWT on your license.

I hope this helps!

Re: JWT Auth in Qlik Cloud

Jason_ca — Fri, 22 Oct 2021 21:16:41 GMT

Thank you @Vinay_B , I will follow up with our Qlik account manager and let you know the result.

Thanks again for your quick response!

Jason

Re: JWT Auth in Qlik Cloud

Damien_V — Mon, 25 Oct 2021 06:15:20 GMT

Hello,

And even if that was enabled, it's not enough to send the JWT token to any endpoint in Qlik Sense SaaS, there is a specific endpoint used to initiate the JWT authentication session (https://**********.us.qlikcloud.com/login/jwt-session)

So the code would have to look like something like this:

return fetch("https://**********.us.qlikcloud.com/login/jwt-session", { method: 'POST', mode: 'cors', credentials: 'include', headers: { 'qlik-web-integration-id': '##########', 'Authorization': 'Bearer eyJhbGciOiJSUxQ7Ntgare5QTKqENgcY78dgWUYIN54QwRuspk37tVOcdR2vv3KjAZQ6###########' },

Re: JWT Auth in Qlik Cloud

Jason_ca — Tue, 26 Oct 2021 13:54:16 GMT

Thank you Damien, but now I'm getting a 404 error.

Re: JWT Auth in Qlik Cloud

Jason_ca — Tue, 26 Oct 2021 13:57:48 GMT

We confirmed with Qlik account manager, the JWT is already enabled, but still we could not get this to work.

Re: JWT Auth in Qlik Cloud

Damien_V — Tue, 26 Oct 2021 14:04:59 GMT

In your screenshot, it's showing you're doing a GET request to /login/jwt-session instead of a POST, that's why it returns 404.

The javascript code should be something like this:

Re: JWT Auth in Qlik Cloud

Jason_ca — Tue, 26 Oct 2021 14:08:44 GMT

I changed the end point url to 'https://******.us.qlikcloud.com/api/v1/login/jwt-session', seems it exists but now I'm getting a blocked error by CORS policy:

Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'.

Is there a setting I missed when set up the Web integration?

Thanks.

Re: JWT Auth in Qlik Cloud

Damien_V — Tue, 26 Oct 2021 14:27:46 GMT

Indeed, that looks like the web integration might not have been set up correctly. Here's mine:

Re: JWT Auth in Qlik Cloud

Jason_ca — Tue, 26 Oct 2021 14:35:44 GMT

Thank you Damien, I changed the method to POST with end point URL (https://**********.us.qlikcloud.com/login/jwt-session)), and it worked like magic, thank you very much for your help!

Re: JWT Auth in Qlik Cloud

david_hg96 — Wed, 30 Aug 2023 23:08:36 GMT

Hi!

What can I do if cannot see the JTW option in "Identity Provider" config? I am Tenant Admin. As this article suggest: https://qlik.dev/authenticate/jwt/create-signed-tokens-for-jwt-authorization

Regards.

DHG