Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
See what Drew Clarke has to say about the Qlik Talend Cloud launch! READ THE BLOG
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
mountaindude
Partner Ambassador
Partner Ambassador
‎2022-03-14 04:17 PM

qs-jwt: A new open source tool for creating JWTs

Edit: 

A few days ago qs-jwt 1.10.0 was released.
The main new feature is support for QS Cloud JWTs.

With this version it's now very easy to automate JWT creation for both QS Cloud and client-managed Qlik Sense, for example when short lived credentials (in the form of JWTs) should be created as part of a CI/CD pipeline or to give some third party system time-limited access to QS.

qs-jwt is still open source and free to use, of course.
Latest version available here.

--------------

 

tl;dr

  • qs-jwt is a cross platform, open source tool that makes it trivial to create JSON Web Tokens (JWTs) from the command line.
  • In this first version JWTs for client-managed Qlik Sense (on Windows) can be created.
  • Windows, Linux and macOS versions of the tool are available from https://github.com/ptarmiganlabs/qs-jwt

Long version

JWTs are an excellent, well established way to provide authenticated access to APIs.

With client-managed Qlik Sense (=QSEoW) certificates provide very flexible authentication, but therein also lies a problem: With certificate access to Sense APIs the calling system can impersonate any user, which is less than ideal from a security point of view.

There are some good posts on qlik.dev around JWTs. Both how to create them and how to set up virtual proxies to work with JWTs.

I however still felt the whole process of creating JWTs was too manual.
And not at all suited for production grade use in CI/CD pipelines etc.

So... enter qs-jwt. 
https://github.com/ptarmiganlabs/qs-jwt

It's cross platform (Win, macOs, Linux). 
It's a single binary, no installation needed. Just download and run.
It is specifically created to be easy to use in automation scripts and Continuous Integration (CI) pipelines.
It can create JWTs for client-managed Qlik Sense. Qlik Cloud support is around the corner.
It creates JWTs that embed both user identify and any other metadata than can be expressed in string format.
It places an expiry time in the JWT, making the JWT useless after that moment.
It can use an existing set of private key/certificate, or create new ones.
The macOS binary is signed by Apple. A signed Windows binary just might be coming too..
It has an easy to understand, permissive MIT open source license.

Enjoy!

Please mark the post as a solution if it provided you with a solution to the topic at hand. Thanks!
Labels (3)
Labels
396 Views
1 Reply
rzenere_avvale
Partner - Specialist II
Partner - Specialist II
‎2022-03-15 09:03 AM

Seems really interesting, I'll give it a good try. Thanks @mountaindude !

Riccardo

353 Views