Qlik Sense Header Authentication 401 Error

Sonja_Bauernfeind — Mon, 21 Jun 2021 17:46:14 GMT

When setting up Header Authentication in Qlik Sense, the browser displays a 401 Error, "Could not authenticate the request: Expected an authentication header".

Environments:

Qlik Sense, all versions

Resolution:

This error means that the browser is not sending the required authorization headers.

For example, given a Virtual Proxy configuration as follows:

Setting	Value
Prefix	dynamic-header-auth
Authentication Method	Header authentication dynamic user directory
Header authentication header name	my-header
Header authentication dynamic user directory	$ud\\$id

Given a server with name qlikserver1.domain.local, this virtual proxy would be accessed at https://qlikserver1.domain.local/dynamic-header-auth/hub with the header my-header: some-user\some-domain.

Testing with the ModHeader Extension for Chrome:
In the below example, the "ModHeader" Chrome browser extension is used to inject the headers. If the headers are not provided, then the error "Could not authenticate the request: Expected an authentication header" is thrown.

Testing with Powershell:
You can use Powershell's Invoke-WebRequest method to verify this functionality as well, if you do not want to or are not able to install Chrome or the ModHeader extension.

$hdrs = @{}
$hdrs.Add("my-header","some-domain\some-user")
$url = "https://qlikserver1.domain.local/dynamic-header-auth/hub"
Invoke-WebRequest -Uri $url -Method Get -Headers $hdrs

An example successful response:

StatusCode        : 200
StatusDescription : OK
Content           : <!doctype html>
                    <html lang="en">...

An example error response:

Invoke-WebRequest : <!doctype html>
<html>
    <head>
        <meta charset="utf-8"/>
        <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
        <meta name="google" value="notranslate"/>
        <title>401 - Http code: 401</title>....

Qlik does NOT support the 3rd party software mentioned and used in this documentation. Please use them at your own discretion and, if concerned, contact the proper IT team within your company to verify the ability to use non-Qlik related software in the environment.?

These examples/code are made available "AS IS" without warranty of any kind. Qlik support agreement does NOT cover support for this code, please use at your own discretion and, if concerned, contact the proper IT team within your company.

Re: Qlik Sense Header Authentication 401 Error

abadreamer — Fri, 04 Sep 2020 20:01:48 GMT

problem in this post is that this chrome extension sets the header in all requests not only in the first request , which can't be done if you are trying to implement this behavior from a mobile app web view

Normally you should set the header in first request and then in subsequent child requests qlik should depend on the value provided in the session cookie

Re: Qlik Sense Header Authentication 401 Error

david_kesselhei — Wed, 28 Oct 2020 14:52:25 GMT

I am trying to reverse proxy an app with header authentication and I am having this issue (using nginx). It works with the named extension but not when using nginx. Anybody an idea?

Re: Qlik Sense Header Authentication 401 Error

Sonja_Bauernfeind — Tue, 03 Nov 2020 15:46:53 GMT

Hello @david_kesselhei For better visibility, I would recommend heading over to our Qlik Sense Integration forums and post your question there, including any and all supporting information that you can gather (screen caps/log files, etc).

article Qlik Sense Header Authentication 401 Error in Official Support Articles

Qlik Sense Header Authentication 401 Error

Resolution:

Re: Qlik Sense Header Authentication 401 Error

Re: Qlik Sense Header Authentication 401 Error

Re: Qlik Sense Header Authentication 401 Error