We are building a POC custom connector using QVX SDK that will be used inside Qlik Sense HUB.
This connector is expected implement OAuth flow and execute data product APIs.
In this POC,
- User will be using Qlik Sense HUB to create connection using custom connector
- Custom connector will help user to authenticate and store the tokens in-memory ticket store
- When an user executes the custom connector to retrieve data from APIs, the custom connector should detect who the user is and retrieve the tokens from in-memory cache and execute the API call.
We have below questions while implementing the flow,
1. Are there any means to acquire the executing user’s context such as id, username..etc in the .exe (QVX Custom connector) without associating the user details in connection string?
2. Qlik admins can see all the connections created by users and are able to execute the APIs on behalf of them. This breaches our security model. Are there any settings/configurations that prevents Qlik Admins using other users’ connections?