[Client‑Managed] Building a Monitoring App for User Access: Streams + Section Access Details (Qlik Sense Enterprise May 2024)
I’m trying to build a monitoring app that shows exactly which users have access to Qlik Sense apps—both at the stream level and within Section Access for data reduction.
So far, I’ve:
Extracted stream access permissions via QRS.
Used regex in the load script to detect if Section Access exists in an app.
Now I need to identify the actual users/groups defined in Section Access. Sometimes this is easy (INLINE tables in the script), but other times the data comes from external sources (SQL tables, QVDs, etc.), which makes it harder
1. Has anyone managed to do this in a practical way?
2. Which Qlik product or API should I use to extract the Section Access user list? Is it possible via Engine API (GetScript()) only, or do I need something like qlik-cli, QRS, or a reload process?
Environment: Qlik Sense Enterprise on Windows (May 2024).
I used an Writeback table to create the section acces table. And then load the section acces tables inside the app. Then i connected an custom property to the app what section acces i am using.
Thank you for the suggestion. Using a Writeback table is definitely a best practice for new implementations, but unfortunately, it doesn't fit my current scenario.
I am dealing with a legacy environment containing a vast amount of apps developed over the last 6 years in a completely unstructured way. The Section Access definitions vary wildly (Inline, SQL sources, QVD loads, etc.), and refactoring all these apps to use a unified Writeback table is not feasible at the moment.
I am looking for a passive auditing solution—something that can verify 'Who has access to App X?' without modifying the app's script.
Since parsing the load script is difficult (due to Include files and variables), has anyone successfully used the Hub API to simulate/impersonate a user check?
