Solved: Re: Using a Session Cookie with Repository API - Qlik Community

elva_lester · ‎2016-09-23

I have a .NET MVC web application that requires SSL. I am able to successfully access the Proxy Service to obtain a session ID and store it in my forms authentication cookie to allow for single sign-on. I am able to display a specific app or sheet within an iframe by simply specifying the URL. Instead of hard-coding the GUIDs for the apps and sheets, I would like to use the Repository Service to get a list of available apps and sheets. Whenever I call qrs/virtualproxy/app/hublist, I get the html for the login screen returned. I have tried adding various headers, but can't seem to find the right combination. Here's my code:

public string GetAppList(string method, string server, string virtualProxy, string user, string userdirectory, HttpCookie session)

{

string url = server + "/qrs/" + virtualProxy + "/app/hublist";

//Create the HTTP Request and add required headers and content in Xrfkey

string Xrfkey = "0123456789abcdef";

HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url + "?Xrfkey=" + Xrfkey);

request.Method = method;

request.Accept = "application/json";

request.ContentType = "application/json";

request.Headers.Add("X-Qlik-Xrfkey", Xrfkey);

request.Headers.Add("X-Qlik-User", "UserDirectory=" + userdirectory + ";UserId=" + user);

request.Headers.Add("X-Qlik-Virtual-Proxy-Prefix", virtualProxy);

// make the web request and return the content

HttpWebResponse response = (HttpWebResponse)request.GetResponse();

Stream stream = response.GetResponseStream();

return stream != null ? new StreamReader(stream).ReadToEnd() : string.Empty;

}

Basically, I want the call to work like the .NET SDK command location.AsExistingSessionViaProxy(sessionCookie.Value, sessionCookie.Name). Is this possible?

Thanks.

elva_lester · ‎2016-09-27

Thank you. That definitely was part of my problem. The other thing I needed to do was to add the Session cookie to the request as follows:

request.CookieContainer = new CookieContainer();

request.CookieContainer.Add(new Uri(server), new Cookie(session.Name, session.Value));

View solution in original post

konrad_mattheis · ‎2016-09-26

Hi Elva,

yes this should be possible. You have to extract the cookie out of the response.

bye Konrad

elva_lester · ‎2016-09-26

Yes, I am able to extract the cookie, but I cannot get the qrs request to use it. I tried request.Headers.Add("X-Qlik-SessionId", session.Value); where the variable session is the cookie.

grangerats · ‎2016-09-26

Hi,

If you're trying to get to the QRS Api via a Virtual Proxy, you appear to be using the wrong path. It should be /{virtual-proxy-prefix}/qrs/... E.g. /virtualproxy/qrs/app or /virtualproxy/qrs/app/full or /virtualproxy/qrs/about/api/description With that, you can use whatever AuthC your Virtual Proxy is setup to use.

elva_lester · ‎2016-09-27

Thank you. That definitely was part of my problem. The other thing I needed to do was to add the Session cookie to the request as follows:

request.CookieContainer = new CookieContainer();

request.CookieContainer.Add(new Uri(server), new Cookie(session.Name, session.Value));

dmohanty · ‎2017-04-27

Hi elva.lester‌, grangerats‌,

I have a similar requirement to get the active SMSESSION cookie for an application in Access Point. Once I can capture that, I have to pass the same as one of the header and x-api-key as another to call the URL (HTTP request).

Any suggestion here how to capture that SMSESSION cookie (or all cookie of that page) using VBScript or JScript in Qlik?

Regards!

dmohanty · ‎2017-05-01

Hi elva.lester, grangerats

Any possible help on my request please?

Regards!

grangerats · ‎2017-05-01

Not enough information, and what's there appears to be jumping between many different products. Sounds like only a small portion of it has anything to do with Qlik Sense. And, finally, it sounds like a completely new topic; ask a new question (not on this question) and supply more detail.

dmohanty · ‎2017-05-01

grangerats‌

Thank you for suggestion

I have a thread already created here -

Generate a user specific SMSESSION cookie calling a WebService

To simplify more -

Fetch the SMSESSION cookie from the login browser (may be using a Macro). Store in variable or notepad.
Use this SMSESSION as one of the header input and X-API-KEY as another input to call the URL (HTTP Request)

GET https://iri1lvu09j.execute-api.us-east-1.amazonaws.com/oe_stage/api/v1/token-generator/generate?user...user’s login id

Create the Cart by calling the URL –

POST https://dzrsa753r1.execute-api.us-east-1.amazonaws.com/oe_stage/pd/ecom/v1/carts

Here are the inputs –

Authorization – JWT Token

X-API-KEY - Qlik API Key

Content-Type: application/json

User – User’s Log in id

UUID - cb6d61da-1eb4-4827-bc32-fb2a71f15f8b (It is just a unique transaction tracking identifier. We can use whatever you want to generate it and can be any format. It will be part of the API logs we can find it in Splunk. It should be unique per request. It will accept the same one on multiple calls and does not do duplicate checking.)

amien · ‎2017-05-01

@elva.lester

Just wondering. .why dont you use the SDK for extracting all the apps and sheets indeed of adding de API solution?