Qlik Community

Ask a Question

Knowledge Base

Search or browse our knowledge base to find answers to your questions ranging from account questions to troubleshooting error messages. The content is curated and updated by our global Support team

Announcements
Join this live chat April 6, 10AM EST - QlikView to Qlik Sense REGISTER

Customized Authentication in Qlik Sense

Sonja_Bauernfeind
Digital Support
Digital Support

Customized Authentication in Qlik Sense

If coming from QlikView, it is known that implementing custom authentication such as SAML, JWT, etc. requires specialized knowledge and the examples provided (as described in Customized Authentication in QlikView 11) are only provided as-is with no warranty. 
Qlik Sense, however, largely improves on the ability to implement customized authentication as it is now configurable from within the Qlik Management Console (QMC) via Virtual Proxy configurations.
 

Environment:

  • Qlik Sense Enterprise for Windows, all versions

 

Supported customized authentication methods now include, as of June 2020:

Alternatively, Windows authentication via Forms can also be used (See Logging out of Qlik Sense: Using Forms authentication to log in and out of the Sense Hub)
Note that for non-Windows devices, form authentication will be used by default even if the above setting has not been done on the virtual proxy.

 
  • Ticket - This consists in requesting a ticket to the Qlik Proxy API and consuming it by appending it to the Qlik Sense URL. This is generally the preferred method when integrating Qlik Sense in an iFrame as this does not require to set up headers or cookie, which may be blocked by browser cross-site scripting prevention policy.

 

  • Session - This consists of creating a session id with the Qlik Proxy API and then set the cookie with that same session id on the user side.

 

  • Header - This consists of sending the username you want to authenticate as in an HTTP header. This is considered as unsafe if there is no reverse proxy or proxy between the clients and server that will filter who is able to send a header to get authenticated, so this is a point that should be considered when using Header authentication.
  • SAML - The authentication is accomplished by exchange of claims between the Identity Provider (IdP) and the Service Provider (Qlik Sense)
See below for setup examples:
How To Use SAML Authentication With Qlik Sense
 
  • JWT - The authentication is accomplished with a JSON formatted token signed with the private key of a specific certificate. Qlik Sense will check if the signature is correct based on the certificate provided in the virtual proxy configuration.



Our Knowledge base has many articles available describing configuration of different authentication methods and related troubleshooting, for example:

More resources are available at http://help.qlik.com, as well as Qlik Community. Please keep in mind, however, that "how to" questions are generally outside the scope of technical support; if you need step-by-step help with setting up customized authentication please reach out to your Account Owner to inquire about Education Services or Consulting Services (see When and How to Contact the Consulting Team?).

Labels (1)
Version history
Revision #:
4 of 4
Last update:
‎2021-02-23 04:13 AM
Updated by:
 
Contributors