Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Do More with Qlik - Qlik Cloud Analytics Recap and Getting Started, June 19: REGISTER
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
_Johan
Partner - Contributor III
Partner - Contributor III
‎2024-05-07 07:50 AM

How to use data-get-access-token variable

Hi,

In the example of getting the impersonation access token data-get-access-token is associated with the function that fetches the access token.
If I already have the access token because I fetched it earlier, how would I format it so that it fits the variable or if I have to, set it in the function getAccessToken()?

 

Labels (3)
Labels
375 Views
1 Solution

Accepted Solutions
_Johan
Partner - Contributor III
Partner - Contributor III
‎2024-05-16 09:03 AM
Author

In response to _Johan

I was wrong. The response from getAccessToken should only be the token itself in a string without anything else.

I tried that after reading this post and looking at oauth-token-exchange.
With that the embedding started.

Final answer seems to be that:
data-get-access-token takes a string which is the name of a function.
That function should return the access token in a string 


View solution in original post

177 Views
0 Likes
7 Replies
DaveChannon
Employee
Employee
‎2024-05-07 01:31 PM

Hey @_Johan, our examples use client-side javascript to place the token into the head tag on page load, is there a use case where you don't want to do this?

352 Views
0 Likes
_Johan
Partner - Contributor III
Partner - Contributor III
‎2024-05-07 03:25 PM
Author

In response to DaveChannon

HI @DaveChannon,

I am trying to embed a multi-tenant qlik solution in a single page application where different users should use different tenants.

Thus, it would be good if I could do these parts in the body since they are dynamic depending on which user it is. And it is very easy for me to fetch the token on the server and present a contextual page ( where tenant id and access tokens are set depending on the user) instead of letting the client call a function to get the token.

 

336 Views
0 Likes
_Johan
Partner - Contributor III
Partner - Contributor III
‎2024-05-08 02:46 AM
Author

In response to DaveChannon

Hi @DaveChannon,
Is there something that is hard coded into qlik-embed that makes placing the script setting the token in the body impossible?

Would it work if the setup part is placed in one body and the embedding placed in another body at least one navigation away? Or can I re-initialize qlik somehow?

290 Views
0 Likes
_Johan
Partner - Contributor III
Partner - Contributor III
‎2024-05-15 07:43 AM
Author

Currently I have tried to inject a version of the getAccessToken function into my head and it appears there.
But it doesn't seem to be triggered when the page with embedding is loaded.

if (document.readyState !== 'loading') {
  var s = document.createElement("script");
  s.textContent = 'function getAccessToken() {console.error("read access token"); const response = ' + json_TokenString + '; return response.text();}';
  document.head.appendChild(s);
}

The console error log doesn't show up.

Also I get a 401 on the api call <tenant>/api/v1/users/me even though I can test it with the access token I have.
There is also a lot of cookie warnings

Preview file
101 KB
232 Views
0 Likes
DaveChannon
Employee
Employee
‎2024-05-16 06:58 AM

You need to be particular with the load order if injecting the head - take a look at the example here to see how it's done (e.g. head, then the qlik-embed tags): https://replit.com/@withdave/qlik-embed-auto-objects 

200 Views
_Johan
Partner - Contributor III
Partner - Contributor III
‎2024-05-16 07:40 AM
Author

In response to DaveChannon

Hi @DaveChannon,
Yes, the order is very important.

I have found out why this getAccessToken didn't execute though.
I had missed the camel case in the injection of the function name in the data-get-access-token variable. In my other injection script I had:

var s = document.createElement("script");
s.dataset.getaccesstoken = "getAccessToken";
s.dataset.authtype = "oauth2";
document.head.appendChild(s);


Instead of:

var s = document.createElement("script");
s.dataset.getAccessToken = "getAccessToken";
s.dataset.authType = "oauth2";
document.head.appendChild(s);



And to answer my other questions:
data-get-access-token seems to take a string which is the name of a function and the return string of that function seems to be formatted like this:
{"access_token":"eyLnlYPf3..............mKxI1lqmgbxOn5Ywi","scope":"user_default","token_type":"bearer","expires_at":"2024-05-16T16:53:52.000Z","expires_in":21600}

The token exchange API call can use that format at least. Even though it is currently failing for me for unclear reasons

196 Views
0 Likes
_Johan
Partner - Contributor III
Partner - Contributor III
‎2024-05-16 09:03 AM
Author

In response to _Johan

I was wrong. The response from getAccessToken should only be the token itself in a string without anything else.

I tried that after reading this post and looking at oauth-token-exchange.
With that the embedding started.

Final answer seems to be that:
data-get-access-token takes a string which is the name of a function.
That function should return the access token in a string 


178 Views
0 Likes