Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Is there a way of restricting access to certain endpoints in the QRS API through a virtual proxy. We would like to be able to share a reduced QRS to supporting systems to allow them to get metadata and run tasks, but nothing else.
Anyone know a way of doing this?
Hello @DavidFosterVF ,
It's not possible to restrict access to specific endpoints, but feel free to create a feature request using ideation.
https://community.qlik.com/t5/Suggest-an-Idea/idb-p/qlik-ideas
Best regards,
Francisco
When you access the QRS, you have to be identified or authenticated. When accessing the QRS over a Virtual Proxy, you are authenticated via the method configured for the Virtual Proxy (Windows, Header, SAML, JWT, OIDC, etc). After authentication, any and all configured security rules for the site and the user will be applied. This means, out of the box, QRS access is already restricted. If the user can see metadata via the UI, they will be able to do so via QRS. If they can't via the UI, they will not via QRS.
Hello @DavidFosterVF ,
It's not possible to restrict access to specific endpoints, but feel free to create a feature request using ideation.
https://community.qlik.com/t5/Suggest-an-Idea/idb-p/qlik-ideas
Best regards,
Francisco
When you access the QRS, you have to be identified or authenticated. When accessing the QRS over a Virtual Proxy, you are authenticated via the method configured for the Virtual Proxy (Windows, Header, SAML, JWT, OIDC, etc). After authentication, any and all configured security rules for the site and the user will be applied. This means, out of the box, QRS access is already restricted. If the user can see metadata via the UI, they will be able to do so via QRS. If they can't via the UI, they will not via QRS.