Qlik Sense - Single Sign on for QMC - Qlik Community

dbaksa_wit · ‎2019-12-12

I have a customer that has asked me if the Sense QMC can be configured for Single Sign-on.

They have very strict security rules and would like to enable SSO for the QMC

Any information is appreciated?

Thanks in Advance

Dan Baksa

analienx · ‎2019-12-12

If the virtual proxy has windows authentication and you are using the same account and domain for Qlik Sense then users would not need to enter credentials while logging-in.

Check this out for more info:

https://support.qlik.com/articles/000042375

dbaksa_wit · ‎2019-12-12

I should clarify that the customer wants to use SAML authentication for the QMC

?????

Levi_Turner · ‎2019-12-12

Short answer: Yes.

Long answer:

Let's start with principles.

Qlik Sense Proxy Service: This is a web server
Virtual Proxy: This is a method of authentication
Hub & QMC: These are endpoints or websites that are hosted by the Qlik Sense Proxy Service

A single Qlik Sense Proxy Service can have one to many methods of authentication and thus the endpoints or websites which it hosts can use those methods of authentication.

When installing Qlik Sense Enterprise on Windows, a default, Windows-based Virtual proxy is created. This is because every site where Qlik is installed supports this, be it using domain users or local users. This virtual proxy has no prefix out of the box. So when you access https://qliksense.company.com/qmc you are using the prefixless virtual proxy which uses Windows.

This default virtual proxy can had a prefix added (e.g. windows, win, default). Such that in order to access the QMC using the Windows method, the user would need to access https://qliksense.company.com/prefix/qmc.

This then allows you to create a new virtual proxy to support your SSO needs (SAML, JWT, Ticketing, Header, etc), which does not require a prefix.

Qlik Sense - Single Sign on for QMC

qmc access

SINGLE SIGN ON WITH SAML