Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi,
I want to use Keycloak like Identity Provider for Qlik Sense.
I configure a virtual proxy in QMC Qlik and a client in Keycloak.
When I go to https://myqlikserver.fr/keycloak/hub, I have Error 500.
Anyone knows keycloak or have already configure a SAML virtual proxy ?
I see videos from Youtube but I don't find my solution with these 2 systems.
Regards
I resolve my problem, communication between Qlik and Keycloak works.
So, if y ou have same problematic, you can contact me.
Regards
Hi Emeline,
I am struggling to get this to work, could you share what you did?
Thanks
Keycloak exposes different XML metadata, you will need to edit the XML metadata to suit Qlik Sense format.
Hi,
I am having a similar issue with Google, it is authenticating if I am logged into Google but if not I am getting a 500 error but nothing in the logs so I am suspecting it may be the IdP format from google.
How do you get an example format of the IdP file ?
Lee
Finally it was a wrong configuration into Keycloak.
IdP file looks like :
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://keycloak_server/auth/realms/myrealm"><IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><KeyDescriptor use="signing"><dsig:KeyInfo><dsig:KeyName>JkhkWVjQNl_s0-TTkaEhI2hIn37xZyFRFl0m_PqS_BM</dsig:KeyName><dsig:X509Data><dsig:X509Certificate>MIIC...X2yfdJul2FQywQ==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo></KeyDescriptor><SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://keycloak_server/auth/realms/myrealm/protocol/saml"></SingleLogoutService><SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://keycloak_server/auth/realms/myrealm/protocol/saml"></SingleLogoutService><NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat><NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat><NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat><NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat><SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://keycloak_server/auth/realms/myrealm/protocol/saml"></SingleSignOnService><SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://keycloak_server/auth/realms/myrealm/protocol/saml"></SingleSignOnService></IDPSSODescriptor></EntityDescriptor>
Thanks and my format looks OK, so I am not sure what is wrong with my setup now... thanks for your help anyway.
I have posted another community question asking for help with details of my setup here: https://community.qlik.com/thread/312910
Lee
Hi,
I am using OAM as service provide,
I uploaded the idp metadata to the virtual proxy and SP metadata to the service provider.
Unfortunately, I am getting Qliksense 500 Internal Server error.
I am using https://[domain]/[Virtual Proxy prefix]/hub URL.
Could you please help me on this?
Thanks,
Binu
Error 500 usually means there is a configuration issue associated with Qlik Sense, but usually external to Qlik Sense. Have a look at this article to see if it helps https://support.qlik.com/articles/000041560
Hi,
I have the same problem. Can you tell me how you resolved it ?
Regards