Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Launches Open Lakehouse and advanced agentic AI experience in Qlik Answers! | LEARN MORE
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Not applicable
‎2015-09-30 09:10 AM

Mashup/Capability API without a redirect for authentication?

All of the examples of the mashup/capability API in node.js that I've seen use the qlik-auth module.  The drawback of the qlik-auth module is that it relies on redirection through the proxy to obtain a ticket.

What I would like to do is obtain a ticket via ajax, and defer loading the qlik client until the ticket is returned.

There doesn't, however, seem to be an API in the client to pass in the ticket and/or session and the qlik client assumes that a valid cookie is set when loaded, otherwise it redirects to the authentication URL in the virtual proxy.

How can the qlik js client be loaded without needing to be redirected to the authentication url by using the QPS session API to first obtain a ticket?

12,235 Views
1 Solution

Accepted Solutions
Alexander_Thor
Employee
Employee
‎2015-09-30 12:08 PM

Hey Chris,

The http://sense-demo.qlik.com site does exactly that. We fetch a ticket in the background, then we consume said ticket by just issuing a GET against a resource behind the proxy with the ticket attached to it. Once the ticket has been consumed and the session cookie is present in the client you can just inject the qlik.js script into the head or manually bootstrap our API onto the page.

Process

1. Browser requests ticket from server component.

2. Server component issues ticket to user/browser

3. Browser consumes ticket by requesting https://<your QS server>/resources/img/dark_noise_16x16.png?qlikTicket=<yourticket>

4. QS Server returns the image and a Set Cookie header.

5. Discard the image and just load the qlik.js API

View solution in original post

6,004 Views
12 Replies
Alexander_Thor
Employee
Employee
‎2015-09-30 12:08 PM

Hey Chris,

The http://sense-demo.qlik.com site does exactly that. We fetch a ticket in the background, then we consume said ticket by just issuing a GET against a resource behind the proxy with the ticket attached to it. Once the ticket has been consumed and the session cookie is present in the client you can just inject the qlik.js script into the head or manually bootstrap our API onto the page.

Process

1. Browser requests ticket from server component.

2. Server component issues ticket to user/browser

3. Browser consumes ticket by requesting https://<your QS server>/resources/img/dark_noise_16x16.png?qlikTicket=<yourticket>

4. QS Server returns the image and a Set Cookie header.

5. Discard the image and just load the qlik.js API

6,005 Views
Not applicable
‎2015-09-30 01:52 PM
Author

In response to Alexander_Thor

Thanks Alexander!

Once the ticket has been consumed and the session cookie is present in the client you can just inject the qlik.js script into the head or manually bootstrap our API onto the page.

I have a follow-up question regarding this.  The node.js mashup example uses a third approach, which is to load the master require.js (full html here😞

<script src="http://<hostname>:<hostport>/resources/assets/external/requirejs/require.js"></script>

What's the difference between loading this require.js file (which is different stock require.js) and directly loading the qlik.js file?  Also, can you give an example of manually bootstrapping the API?  I'm not quite sure what you mean by that.

6,004 Views
Not applicable
‎2016-03-02 12:38 PM
Author

Alexander, could you clarify how exactly "1. Browser requests ticket from server component." is achieved?

6,005 Views
0 Likes
Anonymous
Not applicable
‎2016-03-03 04:34 AM
Author

In response to Alexander_Thor

This sounds like exactly what I need to do as I need to authenticate (get session for a user) via client side ajax...care to elaborate?

6,005 Views
0 Likes
Not applicable
‎2016-03-03 08:32 AM
Author

In response to

Hi Robert,

You can read more about the authentication API here:

Authentication API ‒ Qlik Sense

The service that is used to actually obtain a ticket is here:

Add ticket ‒ Qlik Sense

If you were using normal authentication, then you wouldn't have to worry about getting a ticket since the app would do it on your behalf, but if you are using a proxy with an authentication module (as would be the case in most node.js examples), then the service you deploy (i.e. the node.js app) calls the ticket method in the QPS after using whatever authentication the application defines.

Hope that helps.

~Chris

6,005 Views
0 Likes
Not applicable
‎2016-03-03 01:09 PM
Author

In response to Anonymous

IMHO, the best place to start would be to work through one of the examples of a mashup application in node.js or the .net SDK.

That should give you a pretty good understanding of the architecture behind mashups.

If you've already gotten that far, then you'd have to give us more details on what else you'd like to know about the approach that Alexander laid out.

~Chris

6,005 Views
0 Likes
Alexander_Thor
Employee
Employee
‎2016-03-03 01:09 PM

In response to

When you are loading the requirejs file from behind the proxy a authentication check is performed.
So if you are not authenticated when the page tries to load requirejs it will trigger the authentication re-direct.

6,005 Views
0 Likes
Alexander_Thor
Employee
Employee
‎2016-03-03 01:10 PM

In response to

You build a server component that is trusted by Qlik Sense by certificates.

Your server component is responsible for authenticating the user, if that is successful you request a ticket for the user and pass it along.

6,005 Views
0 Likes
alexbjorlig
Creator
Creator
‎2017-01-24 12:04 PM

In response to Alexander_Thor

Just if it helps anyone - the dark_noise picture moved location

/resources/img/core/dark_noise_16x16.png

6,005 Views
0 Likes