Skip to main content
Announcements
See why Qlik is a Leader in the 2024 Gartner® Magic Quadrant™ for Analytics & BI Platforms. Download Now
cancel
Showing results for 
Search instead for 
Did you mean: 
lblumenfeld
Partner Ambassador
Partner Ambassador

Restricting the capability and engine APIs

If a user can create apps, edit apps, etc. in the hub then does that same user have accessibility to the capability and engine APIs? In other words, if the use knows how to code HTML and javascript then can that same user also access qlik sense apps using those?

If so then is there any way to restrict use of that method? Or, just allow embedding URLs in iframes, but not direct API calls?

Does Qlik Sense have any access settings that prevent users from using the APIs?

 

Thanks.

Labels (1)
  • API

1 Reply
Vincenzo_Esposito

The user authorization is regardless from the way he/she access to the platform . Saied that, a generic user who want to run a javascript accessing to QlikSense need to be allowed by an administrator for one of both schemario:

 1) If the script is served by Qlik Sense Server, the administrator need to upload the page/Mashup/script on the Server

or

2) If the script is served by a third server, those server need to be allowed to the CORS by an Administrator.