Livia_Gu
Contributor

unstable JWT TOKEN authentication accessing Qlik SaaS embeds

I am trying to set up JWT token authentication for anonymous access to Qlik embedded content by following the tutorial 
https://qlik.dev/embed/iframe/quickstart/embedding-with-anonymous-access-and-qlik-cloud/

I followed the flow and did all the steps. However, the generated token seems very unstable. Most of the time, I get an unauthorised error, as follows (screenshot: Screenshot 2024-06-06 at 3.12.55 pm.png).

But sometimes, when I retry the same token, it successfully logs me in; other times, it still gets the same error. 
This is also mentioned in this post: 
https://community.qlik.com/t5/Integration-Extension-APIs/Seemingly-unstable-JWT-Authentication-for-Q...

So I implemented a retry mechanism; the code is as follows: 

  // TENANT and WEBINTEGRATIONID are assumed to be defined elsewhere on the page.
  async function retryJwtLogin(token, maxRetries = 8) {
    for (let attempt = 1; attempt <= maxRetries; attempt++) {
      try {
        const loginRes = await jwtLogin(token);
        if (loginRes) {
          return loginRes; // Return the successful response
        } else {
          console.error(`Attempt ${attempt} failed`);
        }
      } catch (error) {
        // Log and fall through so the next attempt still runs
        console.error(
          `Attempt ${attempt} failed with error: ${error.message}`
        );
      }

      if (attempt < maxRetries) {
        console.log(`Retrying... (${attempt}/${maxRetries})`);
      } else {
        const message =
          "Something went wrong while logging in after multiple attempts.";
        throw new Error(message);
      }
    }
  }

  // POSTs the JWT to the tenant's session endpoint; resolves to the
  // response on HTTP 200 and to null on any other status or network error.
  async function jwtLogin(token) {
    try {
      const authHeader = `Bearer ${token}`;
      const response = await fetch(
        `https://${TENANT}/login/jwt-session?qlik-web-integration-id=${WEBINTEGRATIONID}`,
        {
          credentials: "include",
          mode: "cors",
          method: "POST",
          headers: {
            Authorization: authHeader,
            "qlik-web-integration-id": WEBINTEGRATIONID,
          },
        }
      );
      if (response.status === 200) {
        console.log(117, await response.json());
        return response;
      } else {
        console.log(117, await response.json());
        return null;
      }
    } catch (e) {
      console.error(e);
      return null;
    }
  }


The result is still the same: most of the time I get an unauthorised error, but occasionally it successfully logs me in. 

My decoded token is as follows:

{
  sub: 'ANON//fc2018e5-e566-467d-9958-bc3a8a78c480',
  subType: 'user',
  name: 'anonymous',
  email: 'fc2018e5-e566-467d-9958-bc3a8a78c480@anon.com',
  email_verified: true,
  iss: 'my issuer.ap.qlikcloud.com',
  iat: 1717650839500,
  nbf: 1717650901500,
  exp: 1717654400500,
  jti: 'fc2018e5-e566-467d-9958-bc3a8a78c480',
  aud: 'qlik.api/login/jwt-session',
  groups: [ 'Anonymous' ]
}

 

I also made sure that exp does not exceed 3600 seconds and that jti is unique. I also tried the method mentioned in the previous post, making iat 1 min earlier than the current time. 

Still, I have no idea why the authentication would sometimes work and sometimes fail given the same code and configuration. Has anyone else encountered this or found a solution for it? Thanks!
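
An added example, not part of the original post or Qlik's own code: a pre-flight audit of a JWT's time claims, run before the token is posted to the login endpoint. RFC 7519 defines iat, nbf and exp as NumericDate values in seconds since the epoch; the sample claims are copied from the decoded token above, while the function names, the placeholder signature and the millisecond heuristic (values of 1e11 or more) are assumptions of this example.

```javascript
// Added example: audits the time claims of a JWT payload before it is sent.
// It does not verify the signature; all function names are this example's own.
const MAX_LIFETIME_S = 3600; // the lifetime limit the post says it checked

// Constructed sample: time claims copied from the decoded token in the post.
const SAMPLE_CLAIMS = { iat: 1717650839500, nbf: 1717650901500, exp: 1717654400500 };

// Builds a token with a placeholder signature so the decoder can run offline.
function makeUnsignedSampleToken(claims) {
  const enc = (o) =>
    btoa(JSON.stringify(o)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "RS256", typ: "JWT" })}.${enc(claims)}.sample-signature`;
}

// Decodes the base64url payload segment (second part) of a compact JWT.
function decodeJwtPayload(token) {
  const part = token.split(".")[1];
  if (!part) throw new Error("not a JWT: payload segment missing");
  const b64 = part.replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(atob(b64.padEnd(Math.ceil(b64.length / 4) * 4, "=")));
}

// Returns a list of findings; an empty list means the time claims look sane.
function auditTimeClaims(claims, nowS = Math.floor(Date.now() / 1000)) {
  const findings = [];
  const t = {};
  for (const name of ["iat", "nbf", "exp"]) {
    const v = claims[name];
    if (!Number.isFinite(v)) {
      findings.push(`${name}: missing or not a number`);
    } else if (v >= 1e11) {
      // Assumption: a value this large is milliseconds (1e11 s is past year 5000).
      findings.push(`${name}: ${v} looks like milliseconds, NumericDate is seconds`);
      t[name] = Math.floor(v / 1000); // keep checking under that reading
    } else {
      t[name] = v;
    }
  }
  // Comparisons against a missing claim (undefined) are false, so they are skipped.
  if (t.iat > nowS) findings.push(`iat: issued ${t.iat - nowS}s in the future`);
  if (t.nbf > nowS) findings.push(`nbf: not valid for another ${t.nbf - nowS}s`);
  if (t.exp <= nowS) findings.push("exp: already expired");
  if (t.exp - t.iat > MAX_LIFETIME_S)
    findings.push(`exp: lifetime ${t.exp - t.iat}s exceeds ${MAX_LIFETIME_S}s`);
  return findings;
}

// Audit the sample with the clock set one second after its iat.
console.log(auditTimeClaims(decodeJwtPayload(makeUnsignedSampleToken(SAMPLE_CLAIMS)), 1717650840));
```

With the post's values and a clock one second after iat, the audit reports three millisecond-sized claims and an nbf that lies 61 seconds ahead.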

1 Reply
thomaspessato_
Partner - Contributor

@Livia_Gu Hey there! Question: is it possible for you to use OAuth? I'm using it here in our services company and it is working flawlessly on Qlik Cloud with OAuth m2m impersonation, etc.