Skip to main content

Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

QlikWorld 2023, a live, in-person thrill ride. Save $300 before February 6: REGISTER NOW!
Showing results for 
Search instead for 
Did you mean: 

Security rules to enable user-initiated reload?

Hi everybody,

It's my turn to ask a question. I need to enable the user to reload his Sense App from the UI, while the App is published to a stream. I installed an extension from the Branch web site, and it works just fine when the app is not published, however once it's published I'm getting an error message "Access is denied".

Could someone explain to me in detail what security rule(s) need to get created in order to enable that? Should I enable Apps, Reload Tasks, Objects, etc...

thanks in advance,

Oleg Troyansky

25 Replies
Creator III
Creator III

Hi Oleg,

I am sure you might have imported your extension to the QMC extensions under Manage resources..

Once you import it should appear on the list and you select it and edit it and you see the below window with user access and you will have to give access

and next create a security rule as below screen shot:

save everything and use the extension in your app and republish to any stream you want and ask the users to whom you have given access to check..



Hi Chandrasheker,

thank you so much for your quick response. I tried the suggested, but the problem wasn't solved.

I think the issue is not to enable the extension for a user (all extensions are enabled for all users by default), but rather enabling the published App to be reloaded by the user - and for that, I can't find the correct security rule.

If you could possibly try the following extension:

Qlik Branch

and make it work for a published App, it would help me a great deal!

thanks in advance!

Oleg Troyansky

Not applicable


I have nothing to contribute, but I hope someone has a simple answer for this need. I too am working through the same scenario with the same extension. Unfortunately, I have very limited rights to my client's server, so I'm unable to test a solution.

The default security rule on our server only allows app owners to reload their own apps.

It would be great if someone could help us with creating a security rule that overrides the default rule and would allow a user to reload any app in a given stream.

Thanks for the original post! I'll follow and update you if I find a solution.



Contributor II
Contributor II

Anyone find the answer to this?  I'm running into the same problem.

Want to have a user with limited access (can not create new apps, can not edit an app), but I want them to be able to push the RELOAD button in the app from an extension and reload it dynamically.

I can't find the correct combination of security rules to make it work.  Just keep getting Access is Denied...


I'm in the same boat as Jonathan.

It works great for admins but I can't seem to get it working for users.

Partner - Contributor III
Partner - Contributor III

I was testing the new version of ReloadButton extension too, and it works fine when i used it with the user who was the current owner of the APP, but failed using another user.

I could solve it by making a little change in Security Rule proposed:

Resource filter:



(((resource.resourcetype="App" and"Everyone") or (resource.resourcetype="App.Object" and"Everyone" and resource.objectType = "app_appscript")))


Both in hub and QMC



See the text remarks at Resource filter, Conditions and Actions.

Partner - Contributor III
Partner - Contributor III


I know the post is older than a year. I had the same issue today. I solved it with giving the user special access to every data-connection used in the apps script:


Also you need to add a specific resource rule in the stream:


Tell me if you could solve this problem using my hints.

Best regards

Partner - Contributor III
Partner - Contributor III

I figured out a similiar solution, but unfortunately there is the impact after reloading the app, the user has access to the load script, data model and so on.

Same behaviour for the app owner also.


Hi Oliver,

Does the solution you figured work in Sense September 2018 version?