Skip to main content

Qlik

cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
WhoAmI
Contributor II
‎2023-07-06 02:17 AM

(nebula.js) extension Auth0 integration

Hello,

I have written an extension based on the nebula.js framework. This calls an internal application, which in turn is technically secured by an internal Auth0 instance security. In Qlik SaaS the same Auth0 instance is used.

Now the question, is it possible to pass the token to the nebula.js extension, which should already be generated by using the Qlik application. My goal would be that I can pass the bearer token directly when communicating with my extension.

Currently I do a relatively awkward iframe in the Qlik Mashup application to log in with my application.

Labels (2)
Labels
938 Views
0 Likes
4 Replies
jprdonnelly
Employee
‎2023-07-07 01:49 PM

@WhoAmI - does the extension need to authenticate as the user who has logged into the Qlik Cloud tenant, and have you investigated OAuth2 yet?

- @jprdonnelly
906 Views
0 Likes
WhoAmI
Contributor II
‎2023-07-17 06:09 AM
Author

Hi @jprdonnelly , sorry for my late reply. Yes, the Qlik extension (especially the backend) needs the user currently logged in.

Since the extension is only for visualization, I can't specify redirect_uri or anything like that. Currently I don't know which flow I can use, or which API endpoint from Qlik.

888 Views
0 Likes
Jeffrey_Goldberg
Employee
‎2023-07-17 08:23 AM

In response to WhoAmI

@WhoAmI , You may need to allow the correct origins and callbacks in the auth0 configuration to support using the same auth.

2023-07-17_08-15-04.png

 

@jprdonnelly  is also correct. You could set up an OAuth application on Auth0 (because in this case Qlik is the client, not the resource server) that has a relationship to the identity provider application. In this case, you would be able to set up the extension as a public client. You would add the client_id from auth0 to your extension and then have it make a request for an authorization and access token on Auth0.

Because you're already authenticated to Auth0, it should see that when the request for the authorization token comes through from your extension and gives you what you need to take the next step.

 

This may be helpful as well: https://auth0.com/docs/quickstart/spa/vanillajs/interactive

 

876 Views
0 Likes
WhoAmI
Contributor II
‎2023-07-18 06:52 AM
Author

In response to Jeffrey_Goldberg

Do you mean to call one of the POST method /oauth/token https://qlik.dev/apis/rest/oauth

if yes, which body type should I use?

WhoAmI_0-1689677554152.png

 

 

863 Views
0 Likes
Top