Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
rlesage
Partner - Contributor III
Partner - Contributor III

Qlik Embedding - Future of Third-Party cookies

Hi all,

When embedding Qlik SaaS in mashups or webapps, frequently we get errors because of third-party cookies (especially with Apple). Solution described by Qlik since now is always to enable third-party cookies.

However, Apple has already started with blocking this by default and Google will follow in 2024. What is the roadmap for Qlik on this topic?  Will they provide a solution for embedding without third-party cookies (e.g. custom domains)?

Kind regards,
R

Labels (3)
1 Solution

Accepted Solutions
Jeffrey_Goldberg
Employee
Employee

@rlesage ,

The answer to your question is yes! and I'm happy to report you can start using it with Qlik Cloud today. We've released several enhancements to our OAuth2 portfolio enabling you to create single page applications, web applications (with your own backend), and machine-to-machine (m2m) solutions for non-interactive applications.

You can use the new OAuth2 single page and web mechanisms with the capability API if that is how you've built your mashups, or using Nebula.js and enigma.js.

I'll admit the documentation right now is rough, but we're actively working on enhancing it. I have an example of using the capability API here: https://glitch.com/edit/#!/spring-maroon-howler.

The example isn't going to work for you because you don't have access to the tenant I have the mashup hosted on, but you can view the code and see how to set it up.

In addition, you do need to do some configuration in the management console to set up your OAuth2 application. Tutorials specific to the single page application set up are on the way.

Here's what you need to do:

Go here in the MC: 

Jeffrey_Goldberg_0-1674134036631.png

 

then go here and fill out the appropriate information. Unfortunately, I usually get the redirect url incorrect so that's why you see my tenant and the app in the list.

Jeffrey_Goldberg_1-1674134108238.png

Using this approach will switch from using cookies to session tokens, eliminating the third-party cookie problem.

NOTE: This isn't a solution for iframes. Iframes and OAuth2 are two tastes that don't work very well together. We are actively working on solutions to make it easier to embed with as few lines of javascript as possible to replace iframes so that you can take advantage of OAuth2 and a cookie-less world.

 

Jeff G

 

View solution in original post

2 Replies
Jeffrey_Goldberg
Employee
Employee

@rlesage ,

The answer to your question is yes! and I'm happy to report you can start using it with Qlik Cloud today. We've released several enhancements to our OAuth2 portfolio enabling you to create single page applications, web applications (with your own backend), and machine-to-machine (m2m) solutions for non-interactive applications.

You can use the new OAuth2 single page and web mechanisms with the capability API if that is how you've built your mashups, or using Nebula.js and enigma.js.

I'll admit the documentation right now is rough, but we're actively working on enhancing it. I have an example of using the capability API here: https://glitch.com/edit/#!/spring-maroon-howler.

The example isn't going to work for you because you don't have access to the tenant I have the mashup hosted on, but you can view the code and see how to set it up.

In addition, you do need to do some configuration in the management console to set up your OAuth2 application. Tutorials specific to the single page application set up are on the way.

Here's what you need to do:

Go here in the MC: 

Jeffrey_Goldberg_0-1674134036631.png

 

then go here and fill out the appropriate information. Unfortunately, I usually get the redirect url incorrect so that's why you see my tenant and the app in the list.

Jeffrey_Goldberg_1-1674134108238.png

Using this approach will switch from using cookies to session tokens, eliminating the third-party cookie problem.

NOTE: This isn't a solution for iframes. Iframes and OAuth2 are two tastes that don't work very well together. We are actively working on solutions to make it easier to embed with as few lines of javascript as possible to replace iframes so that you can take advantage of OAuth2 and a cookie-less world.

 

Jeff G

 

jashmead
Contributor
Contributor

This is good information... but @Jeffrey_Goldberg  are there any updates?  Do you guys have a newer example, and/or documentation on this topic?

 

We are starting our migration from Qlik on-prem to our Qlik SaaS tenant, and this is one of the decision points we need to make regarding our authentication:  Require 3rd party cookies, or instead, use this information and direction from Qlik to avoid the issue altogether.

Any updates would we most welcome!

Jason A.