I was using this URL to connect to QlikSense:
On version 1.1 it worked well, but after update to v2 server returns HTTP error 403 "Origin is not allowed"
Is this link correct?
That would connect to the Engine directly and thus also require that you use certificates to authenticate against the engine.
Is there a reason why you are not connecting over the proxy?
I have a similar issue, as I cannot connect to the engine to run basic commands like "GetDocList"
I get a 504 error when connecting to wss and nothing when I connect to ws.
So you could connect to the engine in two different ways for Qlik Sense Enterprise,
Over the Proxy
This would use either port 80/443 depending on ws/wss. You would have to authenticate before opening the socket unless anonymous access is allowed.
Here is a gists using node to fetch a ticket for a specific user and open a socket, QES-qsocks-connect.js
Connect directly to a Engine instance
This would use port 4747 as default or whatever Engine listen port you have specified in the QMC.
As this is considered server-to-server traffic you would have to supply the Qlik Sense certificates for the traffic to be trusted. All requests also has to have administrator level access, such as internal Qlik Sense accounts or a user with RootAdmin privileges.
Here is gist using node connecting directly to the Engine using certificates QES-NoProxy-Certs.js
Using Qlik Sense Desktop?
No SSL traffic so just connect to ws://localhost:4848/<resource such as app/>
No need to authenticate using Desktop has it has no users or authenticate mechanism.
I think what you wrote here is exactly what we want, especially the second part. We have a CentOS server running gateway and we tried to use that to talk to Qlik sense server. I am wondering what is the most convenient way to accomplish server to server certificate authentication. Could you installed the certificate at eash side? Thank you.
From the QMC on the Qlik Sense service you can export the service certificates (in various formats).
Then just transfer those certs to your server and sign your requests with the certificates, that will be your authentication.
You also need to supply a X-Qlik-User http header to identify which user you are connecting as.