Skip to main content
Announcements
Global Transformation Awards! Applications are now open. Submit Entry
cancel
Showing results for 
Search instead for 
Did you mean: 
lcavinat24
Contributor II
Contributor II

Impersonification in API mashup

Hi everyone,

is it possible to call a qlik sense api from mashup (with Qlik sense on prem), making sure that in the mashup the authenticated user is actually the logged in user, but the api is launched as if it were another user?

So login with my user, and then click a button that launch an api as if i am another user, for example to launch a reload of an app as if it were launched by the scheduler user and not the actual user.

Thanks

Labels (3)
5 Replies
alex_colombo
Employee
Employee

Hey @lcavinat24 why you need this? What is the main requirement here?

Btw, for calling a Qlik API with impersonation on Qlik on prem you can use ticket authentication, which allow you to impersonate another user. Use QPS API for asking a ticket and do it in the backend. This is needed because impersonation is an admin activity, and you will use Qlik certs for authenticate your QPS API call.

lcavinat24
Contributor II
Contributor II
Author

Hi @alex_colombo , thank you!

To answer your question, the request comes in order to bypass the properties that prevent the partial reload of an app published by non-owner users, and allowing them to reload as if they were the authorized user.

Your suggestion is not very clear to me, in the javascript section of the mashup, how do I use the API to  ask for the ticket and how do I 'store' it to pass it to Qlik?

In my html I have a button with id=button

<button id="button">Reload</button>

and in the javascript

var app = qlik.openApp('xxxxxx', config);

$("#button").click(function(){
  app.doReload(0, true, false)
});

Thanks in advance

alex_colombo
Employee
Employee

What is preventing your users to start a partial reload? 

I would be a little bit worried about allowing all users to perform a complete reload of an app. How many minutes does reload take to perform a complete reload? Did you think about Qlik server resource consumption? Potentially, if your users continue to press your reload button, your task could run for a long long time.

Why do you need to perform a reload? Users can edit data and they want to see them in the app immediately?

lcavinat24
Contributor II
Contributor II
Author

Some users can't start the reload because of custom properties (that the client doesn't want to modify) and other users can't because of Analyzer license.
 
But don't worry, about 20 users will use the app, not all simultaneously, and the reload takes about 1 minute.
 
The reload is needed to store the data that users write in 3 input boxes, see the data in the app, and send an email, is a simple app to perform a sort of data entry and for the intended use we expect approximately 3/4 reload per day.

alex_colombo
Employee
Employee

I would not create this kind of process. To me, seems is not secure call an API with impersonation from a frontend app. I would stay with how product works, so using partial reload and custom property with a professional license. If customer don't want to change custom property or assign more professional license, so proabbly they don't want to provide this kind of permissions to end users.