https://community.qlik.com/t5/Integration-Extension-APIs/QlikSense-qlikTicket-CORS-Issue/m-p/1265426#M6934 <HTML><HEAD></HEAD><BODY><P>Hi all,</P><P></P><P>I am currently trying to create an external QlikSense mashup. The issue I am currently running into is a CORS issue when trying to send the qlikTicket over to the Qlik server.</P><P></P><P>Ideal Setup/Flow is currently like this:</P><P>1. User inputs login credentials into angular frontend. These credentials are passed to backend via RestAPI.</P><P>2. Java backend then verifies login credentials before asking qlik server for a ticket number. This ticket is passed to the frontend.</P><P>3. Frontend then makes a $http.get() request to a darknoise url with the ticket as a query parameter to get the cookie to authenticate the session.</P><P>4. Redirect browser to application that is using require.js (since you have to be authenticated to access this resource). </P><P></P><P>Both backend and frontend are external to Qlik.</P><P></P><P>At step 3, I am running into the CORS issue. I've tried adding various configurations to Additional Response Headers in the virtual proxy section involving Access-Control-Allow-Origin including * and my host. Neither worked.</P><P></P><P>Does anyone have any ideas as to why this isn't working or suggestions for how I can authenticate my session from an external mashup without directing the user away from the webpage and to the qlik server?</P><P></P><P>My current workaround is loading a hidden iframe with the qlik url including the ticket. This works, however, in order to dynamically create the iframe url, I have to $sce.trustAsResourceUrl the image, which causes a MIME type issue that stops the application from progressing until clicking again.</P><P></P><P>Thank you,</P></BODY></HTML> Fri, 24 Feb 2017 21:10:05 GMT 2017-02-24T21:10:05Z https://community.qlik.com/t5/Integration-Extension-APIs/QlikSense-qlikTicket-CORS-Issue/m-p/1265426#M6934 <HTML><HEAD></HEAD><BODY><P>Hi all,</P><P></P><P>I am currently trying to create an external QlikSense mashup. The issue I am currently running into is a CORS issue when trying to send the qlikTicket over to the Qlik server.</P><P></P><P>Ideal Setup/Flow is currently like this:</P><P>1. User inputs login credentials into angular frontend. These credentials are passed to backend via RestAPI.</P><P>2. Java backend then verifies login credentials before asking qlik server for a ticket number. This ticket is passed to the frontend.</P><P>3. Frontend then makes a $http.get() request to a darknoise url with the ticket as a query parameter to get the cookie to authenticate the session.</P><P>4. Redirect browser to application that is using require.js (since you have to be authenticated to access this resource). </P><P></P><P>Both backend and frontend are external to Qlik.</P><P></P><P>At step 3, I am running into the CORS issue. I've tried adding various configurations to Additional Response Headers in the virtual proxy section involving Access-Control-Allow-Origin including * and my host. Neither worked.</P><P></P><P>Does anyone have any ideas as to why this isn't working or suggestions for how I can authenticate my session from an external mashup without directing the user away from the webpage and to the qlik server?</P><P></P><P>My current workaround is loading a hidden iframe with the qlik url including the ticket. This works, however, in order to dynamically create the iframe url, I have to $sce.trustAsResourceUrl the image, which causes a MIME type issue that stops the application from progressing until clicking again.</P><P></P><P>Thank you,</P></BODY></HTML> Fri, 24 Feb 2017 21:10:05 GMT https://community.qlik.com/t5/Integration-Extension-APIs/QlikSense-qlikTicket-CORS-Issue/m-p/1265426#M6934 2017-02-24T21:10:05Z