Qlik Community

Integration, Extension & APIs

Discussion board where members can learn more about Integration, Extensions and API’s for Qlik Sense.

Announcements
Coming Aug. 9: New Simplified Authoring for Qlik Sense SaaS – For Details, CLICK HERE
cancel
Showing results for 
Search instead for 
Did you mean: 
lokeshwer
Contributor
Contributor

Qlik Custom Hub Page

I created a web app and I fetched Qlik ticket from QPS. I also fetched list of app using qrs/app/full api.

I tried to access /sense/app/{app-id-from-qrs-api}?qlikTicket={qlik-ticket-from-qps} but the request is redirected to 4242 demanding authentication.

I don't want user to authenticate directly. The web app can redirect them with qlik ticket.

Please let me know how to avoid redirection

6 Replies
Not applicable

Without having looked at the code you have created, it sounds like you are getting the ticket from a path including a virtual proxy and then requesting the resource from a different proxy (in this case central).  Another potential issue is you are using the ticket after it has expired.

Do you mind attaching your code?

jg

lokeshwer
Contributor
Contributor
Author

Thanks Jeff

I cannot post the code. I will share the source from which I obtain ticket and apps


Ticket fetched from QPS:

var url = "https://" + qlikServer + ":4243/qps/ticket";


Fetching list of apps from QRS:

var url = "https://" + qlikServer + ":4242/qrs/app/full?Xrfkey="+xrfkey+"&filter=published eq true";


var appDashboardUrl = "https://" + qlikServer  +"/sense/app/" + app.ID + "?qlikTicket={ticketFromQPS}";


When client accesses appDashboardUrl, they are challenged with auth prompt.


Might be the ticket expiry you mentioned. Can I increase it from 1 minute?


Not applicable

Lokesh, it is not possible to change the ticket expiry.  But what you could do is get the ticket and create a request that accesses the sense server to another resource with the qlikticket so that you get a session, and then allow the user to pick the app they want and go to it through your interface.

Unrelated, why are you referencing port 4242 when using the qrs rest interface?  It is not necessary.

jg

Alexander_Thor
Employee
Employee

The ticket is only active for 1min for security reasons.
However you can use the ticket on a dummy resource that you just discard to get your session.

The Sense demo site for example will fetch https://sense-demo.qlik.com/resources/img/dark_noise_16x16.png?qlikTicket=<ticket> once a ticket is returned. That will set the correct session cookie on the client. Now you do also have a time-out on a session but it's a lot higher than in comparison to the ticket.

Alexander_Thor
Employee
Employee

And I also get why it's convenient to render the app list server side.

You could of course render the applist client side also but you would have to switch programming language.

This a very contrived example of how to use the QIX Engine API to fetch the applist and render a "Hub" client side.

The benefit here being is that you can authenticate the user before the websocket is established and leverage the ntlm support the browser provides if you want single-sign on for windows.

http://cb-stage.qlik.com/newhub/

Not applicable

Hi Lokesh,

You can try to access a .qvf directly using this URL:

"https: //"+ Server +"/sense/app/"+ app.ID +"/?QlikTicket=" + {ticketFromQPS}

("/" is missing).

It worked for me.

Best Regards.

Pablo