Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
morenoju
Partner - Specialist
Partner - Specialist
‎2022-03-30 04:26 PM

GET Request to QRS API using Postman returns Qlik Sense login page

Hi all,

I've downloaded Postman desktop and I'm sending a GET request /qrs/app/full?Xrfkey=1234567890123456 adding the key X-Qlik-Xrfkey with 1234567890123456 as value.

I'm getting the Qlik Sense login page as response.

morenoju_0-1648671943329.png

How can I authenticate so I get an actual response to the GET?

Labels (1)
Labels

  • API

1,266 Views
0 Likes
1 Solution

Accepted Solutions
stefanstoichev123
Creator
Creator
‎2022-03-30 04:49 PM

There are few options:

- certificates - if you have access to QS certificates and port 4242 is accessible (from the machine where postman is running) then the certificates can be added to Postman  and start making requests on port 4242. For example: https://my-sense-instance.com:4242/qrs/about?Xrfkey=1234567890123456

- jwt - (personally i prefer this way) generate JWT token for a user and use virtual proxy that is set to JWT authentication and add the token to the headers request. Dont forget to add the virtual proxy prefix when making the requests https://my-sense-instance.com/prefix/qrs/about?Xrfkey=1234567890123456

- header - similar to JWT, create virtual proxy and set header authentication Personally i do not recommend this method because it might be quick and easy to set and use but its not secure (anyone with QMC access to the virtual proxies can use it with any user details)

- session cookie - if you have a valid proxy session then the session cookie can be added to postman. "Valid proxy session" means you have open Hub/QMC in a browser tab somewhere. From the browser tab (Chrome) DevTools -> Application -> Cookies you can find the session cookie

(All methods will require the X-Qlik-Xrfkey header to be present and its value to be equal to Xrfkey query param)

Stefan

View solution in original post

1,257 Views
2 Replies
stefanstoichev123
Creator
Creator
‎2022-03-30 04:49 PM

There are few options:

- certificates - if you have access to QS certificates and port 4242 is accessible (from the machine where postman is running) then the certificates can be added to Postman  and start making requests on port 4242. For example: https://my-sense-instance.com:4242/qrs/about?Xrfkey=1234567890123456

- jwt - (personally i prefer this way) generate JWT token for a user and use virtual proxy that is set to JWT authentication and add the token to the headers request. Dont forget to add the virtual proxy prefix when making the requests https://my-sense-instance.com/prefix/qrs/about?Xrfkey=1234567890123456

- header - similar to JWT, create virtual proxy and set header authentication Personally i do not recommend this method because it might be quick and easy to set and use but its not secure (anyone with QMC access to the virtual proxies can use it with any user details)

- session cookie - if you have a valid proxy session then the session cookie can be added to postman. "Valid proxy session" means you have open Hub/QMC in a browser tab somewhere. From the browser tab (Chrome) DevTools -> Application -> Cookies you can find the session cookie

(All methods will require the X-Qlik-Xrfkey header to be present and its value to be equal to Xrfkey query param)

Stefan

1,258 Views
morenoju
Partner - Specialist
Partner - Specialist
‎2022-03-31 03:54 PM
Author

In response to stefanstoichev123

@stefanstoichev123, thank you for your detailed response. I used your preferred method (jwt) and it worked.

1,219 Views