Skip to main content
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Showing results for 
Search instead for 
Did you mean: 
manish_2991
Contributor III
Contributor III

SSO in Qliksense

Hi 

We are implementing SSO in qliksense with IDAM of Microfocus. We have created the virtual proxy as required and uploaded the IDP metadata and shared the SP metadata with the IDAM.

But whenever we are trying to log in to qliksense through our SSo, then it's not opening the page rather it's showing error 'Unable to complete request at this time. (Request was from an untrusted provider-95241285D8958F10)'. After discussing the same with IDAM team they are saying that Qliksense is not supporting SP initiated SSO, it's working on IDP initiated SSO.

Is there any case that qliksense doesn't support SP initiated SSO?

We are using Qliksense Nov 2021 version. 

Please guide.

Labels (1)
4 Replies
Damien_V
Support
Support

Hello @manish_2991 

That is SAML authentication, right?

Qlik Sense DOES support SP-initiated SSO.

From the error message, "Request was from an untrusted provider-95241285D8958F10" it rather looks like IDAM fails to validate the signature on the SAML AuthnRequest, maybe because it's using a self-signed certificate ?

You can replace your certificate by a certificate of your choice if you wish:

https://community.qlik.com/t5/Knowledge/How-to-change-the-certificate-used-by-the-Qlik-Sense-Proxy-t...

But keep in mind that it needs to have the cryptographic provider Microsoft Enhanced RSA and AES Cryptographic Provider if you wish to use SHA-256

https://community.qlik.com/t5/Knowledge/SHA-256-and-Converting-the-Cryptographic-Service-Provider-Ty...

 

Hope that helps.

Best regards,

If the issue is solved please mark the answer with Accept as Solution.
manish_2991
Contributor III
Contributor III
Author

Hi Damien 

Thanks for your revert.

On further investigating the issue we discovered that there was some issue at IDAM end only. They were not able to read the SP metadata properly. Now it's working with Self signed certificate only.

But now when we are trying with third party wildcard certificate we are getting issue in IDAM. Whenever they import the SP metadata having the wildcard certificate details they are unable to upload and it gives the attached error. Also when they try to import the certificates directly from IDAM by connecting Qliksense server (using IP& port - 100.0.0.100:443)it shows an error that Root certificate is not found on the server. (attached screenshot of the same).

Please guide what could be the issue?

Damien_V
Support
Support

Hello @manish_2991 

Was that certificate generated by a public Certificate authority such as VeriSign or similar, or generated by yourself?

Based on the error, it looks you would need to import the Certificate authority certificate of that certificate to IDAM so that it can trust it.

Best regards,

If the issue is solved please mark the answer with Accept as Solution.
BoB_Qlik_Support
Contributor II
Contributor II

any documentation or steps on how to Integration with Oracle IDAM(SSO configuration) @Damien_V