article Qlik Cloud: Call Qlik APIs using JWT authentication (PowerShell) in Official Support Articles https://community.qlik.com/t5/Official-Support-Articles/Qlik-Cloud-Call-Qlik-APIs-using-JWT-authentication-PowerShell/ta-p/2467423 <P>This is a sample of how to call the Qlik Cloud APIs to assign an Analyzer license to a user with PowerShell/JWT authentication.</P> <P>&nbsp;</P> <H4><FONT color="#339966">Environment</FONT></H4> <UL> <LI><LI-PRODUCT title="Qlik Cloud" id="qlikSenseEnterpriseSaaS"></LI-PRODUCT>&nbsp;</LI> </UL> <P>&nbsp;</P> <H3><FONT color="#339966"><STRONG>Resolution</STRONG></FONT></H3> <P>In order to call Qlik Cloud API with JWT authentication, the first step is to call <FONT face="courier new,courier">POST /login/jwt-session</FONT>&nbsp;to get the necessary cookies. Which API can be called depends on the privileges the JWT user has been assigned.</P> <P>&nbsp;</P> <LI-CODE lang="csharp">[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 $hdrs = @{} # Put your JWT token here $hdrs.Add("Authorization","Bearer eyJhbGciOiJSU...pgacN8QqAjKug") $url = "https://tenant.ap.qlikcloud.com/login/jwt-session" $resp = Invoke-WebRequest -Uri $url -Method Post -ContentType 'application/json' -Headers $hdrs #Fetch all required cookies $AWSALB= [Regex]::Matches($resp.RawContent, "(?&lt;=AWSALB\=).+?(?=; Expires)") $AWSALBCORS= [Regex]::Matches($resp.RawContent, "(?&lt;=AWSALBCORS\=).+?(?=; Expires)") $eassid= [Regex]::Matches($resp.RawContent, "(?&lt;=eas.sid\=).+?(?=; path)") $eassidsig= [Regex]::Matches($resp.RawContent, "(?&lt;=eas.sid.sig\=).+?(?=; path)") $csrftoken= [Regex]::Matches($resp.RawContent, "(?&lt;=_csrfToken\=).+?(?=; path)") $csrftokensig= [Regex]::Matches($resp.RawContent, "(?&lt;=_csrfToken.sig\=).+?(?=; path)") $allCookies = "AWSALB="+$AWSALB.Value+";AWSALBCORS="+$AWSALBCORS.Value+";eas.sid="+$eassid.Value+";eas.sid.sig="+$eassidsig.Value+";_csrfToken="+$csrftoken.Value+";_csrfToken.sig="+$csrftokensig.Value $session = New-Object Microsoft.PowerShell.Commands.WebRequestSession foreach ($cookiePair in $allCookies.Split((";"))) { $cookieValues = $cookiePair.Trim().Split("=") $cookie = New-Object System.Net.Cookie $cookie.Name = $cookieValues[0] $cookie.Value = $cookieValues[1] $cookie.Domain = "tenant.ap.qlikcloud.com" $session.Cookies.Add($cookie); } $hdrs = @{} #Request that modify content such as POST/PATCH requests need the Qlik-Csrf-Token header $hdrs.Add("Qlik-Csrf-Token",$csrftoken.value) $body = '{"add":[{"subject":"DOMAIN\\user1","type":"analyzer"}]}' $url = "https://tenant.ap.qlikcloud.com/api/v1/licenses/assignments/actions/add" Invoke-RestMethod -Uri $url -Method Post -Headers $hdrs -Body $body -WebSession $session</LI-CODE> <P>&nbsp;</P> Wed, 03 Jul 2024 05:38:01 GMT Damien_V 2024-07-03T05:38:01Z Qlik Cloud: Call Qlik APIs using JWT authentication (PowerShell) https://community.qlik.com/t5/Official-Support-Articles/Qlik-Cloud-Call-Qlik-APIs-using-JWT-authentication-PowerShell/ta-p/2467423 <P>This is a sample of how to call the Qlik Cloud APIs to assign an Analyzer license to a user with PowerShell/JWT authentication.</P> <P>&nbsp;</P> <H4><FONT color="#339966">Environment</FONT></H4> <UL> <LI><LI-PRODUCT title="Qlik Cloud" id="qlikSenseEnterpriseSaaS"></LI-PRODUCT>&nbsp;</LI> </UL> <P>&nbsp;</P> <H3><FONT color="#339966"><STRONG>Resolution</STRONG></FONT></H3> <P>In order to call Qlik Cloud API with JWT authentication, the first step is to call <FONT face="courier new,courier">POST /login/jwt-session</FONT>&nbsp;to get the necessary cookies. Which API can be called depends on the privileges the JWT user has been assigned.</P> <P>&nbsp;</P> <LI-CODE lang="csharp">[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 $hdrs = @{} # Put your JWT token here $hdrs.Add("Authorization","Bearer eyJhbGciOiJSU...pgacN8QqAjKug") $url = "https://tenant.ap.qlikcloud.com/login/jwt-session" $resp = Invoke-WebRequest -Uri $url -Method Post -ContentType 'application/json' -Headers $hdrs #Fetch all required cookies $AWSALB= [Regex]::Matches($resp.RawContent, "(?&lt;=AWSALB\=).+?(?=; Expires)") $AWSALBCORS= [Regex]::Matches($resp.RawContent, "(?&lt;=AWSALBCORS\=).+?(?=; Expires)") $eassid= [Regex]::Matches($resp.RawContent, "(?&lt;=eas.sid\=).+?(?=; path)") $eassidsig= [Regex]::Matches($resp.RawContent, "(?&lt;=eas.sid.sig\=).+?(?=; path)") $csrftoken= [Regex]::Matches($resp.RawContent, "(?&lt;=_csrfToken\=).+?(?=; path)") $csrftokensig= [Regex]::Matches($resp.RawContent, "(?&lt;=_csrfToken.sig\=).+?(?=; path)") $allCookies = "AWSALB="+$AWSALB.Value+";AWSALBCORS="+$AWSALBCORS.Value+";eas.sid="+$eassid.Value+";eas.sid.sig="+$eassidsig.Value+";_csrfToken="+$csrftoken.Value+";_csrfToken.sig="+$csrftokensig.Value $session = New-Object Microsoft.PowerShell.Commands.WebRequestSession foreach ($cookiePair in $allCookies.Split((";"))) { $cookieValues = $cookiePair.Trim().Split("=") $cookie = New-Object System.Net.Cookie $cookie.Name = $cookieValues[0] $cookie.Value = $cookieValues[1] $cookie.Domain = "tenant.ap.qlikcloud.com" $session.Cookies.Add($cookie); } $hdrs = @{} #Request that modify content such as POST/PATCH requests need the Qlik-Csrf-Token header $hdrs.Add("Qlik-Csrf-Token",$csrftoken.value) $body = '{"add":[{"subject":"DOMAIN\\user1","type":"analyzer"}]}' $url = "https://tenant.ap.qlikcloud.com/api/v1/licenses/assignments/actions/add" Invoke-RestMethod -Uri $url -Method Post -Headers $hdrs -Body $body -WebSession $session</LI-CODE> <P>&nbsp;</P> Wed, 03 Jul 2024 05:38:01 GMT https://community.qlik.com/t5/Official-Support-Articles/Qlik-Cloud-Call-Qlik-APIs-using-JWT-authentication-PowerShell/ta-p/2467423 Damien_V 2024-07-03T05:38:01Z