Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hello,
I just setup a new tenant in Qlik Cloud Services. I am trying to configure Auth0 to allow new users to be able to login to the site.
I am not able add new users.
I did get the auth0 IdP working in the sense that the validation works successfully. But if I add users in the auth0 site - Qlik Sense CS does not see it...or allow that new account to login.
Am I missing something? Does anyone have guidance for setting this up?
If you have experience with Qlik Sense Enterprise previous to this, like let's say on Windows, then think of QCS as QSE without a User Directory Connector.
For QCS specifically it has no awareness of what is done on the IdP side until the user logs in. If the user cannot login it's not because QCS does or does not have an awareness that the user exists. When the user accesses the QCS tenant, what happens? What are the steps which the user goes through? For example: tenant.us.qlikcloud.com > Auth0 Login screen > ???
Users are added when they login. So the inability to login is the issue. Can you shed more details into that?
That is correct. New users are not able to login.
Let's say I create a new user in auth0. That new user is not recognized (i.e. unable to login) when they attempt to access the QCS site.
Generally speaking, How do I add new users to the environment? Clearly you can't create a user within QCS. So my thought is that you'd add them in the IdP directory. But that doesn't seem to be working either.
Thanks for your help
If you have experience with Qlik Sense Enterprise previous to this, like let's say on Windows, then think of QCS as QSE without a User Directory Connector.
For QCS specifically it has no awareness of what is done on the IdP side until the user logs in. If the user cannot login it's not because QCS does or does not have an awareness that the user exists. When the user accesses the QCS tenant, what happens? What are the steps which the user goes through? For example: tenant.us.qlikcloud.com > Auth0 Login screen > ???
Okay.
So when the user goes to the site (tenant.us.qlikcloud.com) > Qlik Login screen (appears to come from Qlik, not auth0) > enter credentials > goes to 403 forbidden message.
I attached the resulting image and the login screen image.
@AdamSawyer : Thoughts?
Hey Curt,
I just sent you an email to gather some more details.
Adam Sawyer
This document might help.
The login screen shown at https://community.qlik.com/t5/Qlik-Sense-Multi-Cloud/QCS-Auth0-setup-and-configuration-How-to-add-ne... is the Qlik IdP login screen (the default IdP before you configure and activate your own IdP), not your own Auth0 IdP.
To add your own Auth0 IdP, you must configure it successfully in the Management Console (/console after logging it as administrator) and then set it as "active". Please confirm that you have done this.
The toggle to activate an IdP that has been successfully configured and tested can be found here:
Once you've activated your own IdP, visiting your tenant URL should bring you to your own Auth0 login screen, not the Qlik login. From there, any user setup with access on your Auth0 IdP should be able to login to Qlik Sense.
This explains the issue.
We must create / manage the users allowed to access the site using the IdP (and from within the IdP). Once the user has logged in we can manage the user's authorization to various assets.
Thanks all who contributed.