Hi,

I am currently testing Qlik Sense embedding and would need some assistance. We use Qlik Sense Enterprise with ticket authentication and users are on our Active Directory.

I have created a second virtual proxy for embedding with the following settings and also added central proxy:

• Prefix: embed

• Session cookie header name: X-Qlik-Session-Embed

• Anonymous access mode: No anonymous access

• Authentication method: Ticket

• Has Secure attribute (HTTPS): Enabled

• SameSite attribute: No attribute

In Postman, I added the Qlik Sense certificates and used the following request configuration.

Headers:

• Content-Type: application/json

• X-Qlik-Xrfkey: 1234567890123456

Body:

{
  "UserId": "ADUser",
  "UserDirectory": "OurADUserDirectory",
  "Attributes": []
}

I then send a POST request to retrieve a ticket using the following endpoint:

https://server.com:4243/qps/ticket?xrfkey=1234567890123456

The request returns a ticket successfully.

However, when I paste the following URL with ticket into the browser using an incognito window, I am still prompted with a login dialog (Internal Windows Authentication):

https://server.com/embed/?qlikTicket=TicketFromPostman

Does anyone have any idea what might be missing or misconfigured?