Just wanted to share a couple thoughts on a topic I have Googled many, many times.
Header authentication into a Qlik Sense environment bypasses Qlik Sense's traditional authentication measures. Therefore, it can be used to easily test calls to the Qlik Repository Service (QRS) API, but can also be used as a backdoor into your system and should be guarded very carefully.
- In conjunction with another authentication method such as certificate authentication or an external authentication portal
- A carefully configured system of firewalls / proxies
- In a development environment
The QRS contains information about the configuration of your Qlik Sense environment. Access to the QRS comes with immense power. You'll have the ability to view license information, create and drop users, adjust security rules, export apps, etc. So be careful when building header authentication into external applications to protect yourself from malicious interactions. If your intent is to simply have users interact with your apps and data, then ticket and session authentication are other, more secure options to pursue.
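To make the first two safeguards in the list above concrete, here is an added example (not code from Qlik or from the original post) of the check a gateway in front of the virtual proxy can apply before forwarding a request. The header name `hdr-usr`, the trusted network and the user names are assumptions; use whatever is configured in your own environment.

```python
import ipaddress

# Assumptions (not from the original post): the header name configured on the
# Qlik Sense virtual proxy, and the network allowed to use header auth.
AUTH_HEADER = "hdr-usr"
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/24")]  # constructed value


class Rejected(Exception):
    """Raised when a request must not be forwarded to Qlik Sense."""


def is_trusted(client_ip):
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in TRUSTED_NETS)


def build_upstream_headers(client_ip, inbound, verified_user):
    """Return the headers the gateway sends on to the virtual proxy.

    inbound: dict of headers as received from the client.
    verified_user: identity established by another method (client certificate,
    external portal), or None if that check failed.
    """
    if not is_trusted(client_ip):
        raise Rejected("source network not allowed to use header authentication")
    if verified_user is None:
        raise Rejected("no identity from the primary authentication method")
    if "\r" in verified_user or "\n" in verified_user:
        raise Rejected("control characters in identity")

    # Drop every client-supplied copy of the identity header, whatever its case,
    # so the caller can never choose which Qlik user the request runs as.
    upstream = {k: v for k, v in inbound.items() if k.lower() != AUTH_HEADER}
    upstream[AUTH_HEADER] = verified_user
    return upstream


def spoof_attempt(inbound, verified_user):
    """True when the client sent its own identity header and it disagrees with
    the verified identity; worth logging and alerting on."""
    sent = [v for k, v in inbound.items() if k.lower() == AUTH_HEADER]
    return any(v != verified_user for v in sent)
```

The gateway only helps if the virtual proxy that accepts the header is unreachable except through it, which is the job of the firewall rules.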