Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
See why IDC MarketScape names Qlik a 2025 Leader! Read more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
DejeanIN
Contributor
Contributor
‎2025-03-21 06:53 AM

External authentication (JWT or Ticket)

Hello everyone, 
I'm currently working at the following scenario:

- We have a web system

- We have Qlik Sense (in the cloud)

 

In order to make it easier for our users that are already authenticated, we'd like to have a menu item in our system, called something like "Go to the Dashboard".... That redirects the user

to the Qlik hub already authenticated. (So the user don't need to retype its password and userId).

What I have tried so far:

- JWT - I've created a virtual proxy that accepts JWT auth.... It works when Authorization Bearer is sent in the header. However, I can't "redirect" the user from our system to Qlik with it, because the browser removes the header on the redirection step.

- Web Ticketing = Still working on... Once I have a ticket, will I be able to send my user to /hub and then will it be authenticated for the next requests? (I read the ticket has a 1 minute time expiration). Do I have to open port 4243 on the Qlik Sense machine? How ab out the machine I'm sending the request? I'm getting a Timed Out error in the URL 

 

Labels (2)
Labels
440 Views
3 Replies
alex_colombo
Employee
Employee
‎2025-03-21 09:34 AM

Hey, you said you have Qlik Sense in the cloud, I guess you meant you have Qlik Sense on prem installed in a cloud machine, correct?

In this scenario we usually try to have same IdP for both Web app and Qlik Sense, this will create a SSO. When this is not possible you can use JWT or Ticket auth as you mentioned.

For JWT, you have to set up a Virtual Proxy and before redirect the user, you have to get a Qlik resource attaching JWT token. This will generate Qlik cookie and it will be attached to the session. Then, we you will redirect the user to Qlik hub you are already authenticated.

Same for ticket, you have to first get a ticket using QPS APIs, then get a Qlik resource consuming the ticket (attach the ticket as url param ?qlikTicket=_qlikTicket_), and finally this will generate Qlik cookie.

 

406 Views
0 Likes
DejeanIN
Contributor
Contributor
‎2025-03-21 10:14 AM
Author

In response to alex_colombo

Thank you for answering! Yes, you are correct. Qlik Sense on prem installed in a cloud machine.


Do you think it's possible to achieve this JWT flow solely on Javascript? For example, using fetch? By consuming a resource, what do you suggest? (Sorry, I'm new to Qlik, still trying to figure things out)

402 Views
0 Likes
alex_colombo
Employee
Employee
‎2025-03-27 05:04 AM

it is possible to achieve JWT flow using Javascript. You have to built a backend service for creating the JWT token, and pass the token to your front end.

For getting a Qlik resource you can call a simple API end point or getting a small image (https://_qlikServer_/content/Default/Qlik_default_orange.png).

311 Views
0 Likes