Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Save $650 on Qlik Connect, Dec 1 - 7, our lowest price of the year. Register with code CYBERWEEK: Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
mbespartochnyy
Creator III
Creator III
‎2023-10-04 03:47 PM

Why Do Web Connectors Need Encryption Key?

While trying to create a data connection for GitHub, I got an error message saying that ENCRYPTION_KEY_MISSING:

 

Error retrieving URL to authenticate ENCRYPTION_KEY_MISSING.png

 

I figured out the problem, got an encryption key generated, and data connection created. What I can't figure out is why was encryption key needed.

Does anyone know?

Labels (3)
Labels
852 Views
1 Solution

Accepted Solutions
howdash
Creator II
Creator II
‎2025-08-18 05:05 PM

Short answer is "to encrypt access tokens and, possibly, refresh tokens that are used to access data."

 

Context

For context, and continuing to use GitHub as an example, when an employee creates a new data connection to GitHub using Qlik's web connector, the web connector obtains an Access token from GitHub that it can use to access that employee's GitHub data on behalf of employee.

 

Role of Access Token

Qlik Sense will need to access that employee's GitHub data each time the employee or service account reloads the app that is using the GitHub data connection to pull data from GitHub. GitHub won't allow Qlik Sense access employee's GitHub repository without the web connector having the access token.

 

Example

So, if 10 employees each create a connection to their own GitHub repository to use in apps they are creating, GitHub issues 10 unique access tokens - one per connection. When any of those apps reloads, Qlik Sense uses the matching employee's access token to pull their data. Without the correct token, GitHub rejects the request.

 

Access Token Security

Since the access tokens are used by Qlik web connector to access employee's GitHub data, these access tokens must be protected. They can't just be laying around on the server in plaintext.

To protect access tokens, an encryption key is created and installed. The encryption key is used to encrypt access tokens before they are written to your Qlik Sense server's hard drive. This ensures that even if someone will get access to the access tokens, they still won't be able to connect to and read employees' GitHub data.

View solution in original post

262 Views
0 Likes
2 Replies
Alan_Slaughter
Support
Support
‎2025-08-18 10:28 AM

Hi, An encryption key is required for several important reasons:

  1. Data Protection: It transforms sensitive data into unreadable cipher text, safeguarding it from unauthorized access and potential breaches.

  2. Compliance: Encryption is often recommended or required to comply with various data protection laws and regulations.

  3. Security for Web Storage Provider Connectors: Many Qlik Web Storage Provider Connectors specifically require an encryption key to function securely.

  4. Access Control: The encryption key ensures that only authorized users can decrypt and access the protected data.

  5. Risk Reduction: In big data environments where large volumes of data are collected and stored, encryption helps mitigate the risk of internal or external data leakage.

  6. Asset Protection: It safeguards your organization's and customers' sensitive information from potential threats.

  7. Secure Authentication: For certain connectors, the encryption key is necessary to authenticate and establish secure connections.

Without a proper encryption key, you may encounter errors such as "ENCRYPTION_KEY_MISSING" when trying to create new connections or access protected data. It's crucial to generate and manage encryption keys securely, following your organization's best practices and security protocols.

https://community.qlik.com/t5/Official-Support-Articles/MISSING-ENCRYPTION-KEY-when-creating-a-data-...

https://help.qlik.com/en-US/connectors/Content/Connectors_Home/Setting-encryption-key.htm

279 Views
0 Likes
howdash
Creator II
Creator II
‎2025-08-18 05:05 PM

Short answer is "to encrypt access tokens and, possibly, refresh tokens that are used to access data."

 

Context

For context, and continuing to use GitHub as an example, when an employee creates a new data connection to GitHub using Qlik's web connector, the web connector obtains an Access token from GitHub that it can use to access that employee's GitHub data on behalf of employee.

 

Role of Access Token

Qlik Sense will need to access that employee's GitHub data each time the employee or service account reloads the app that is using the GitHub data connection to pull data from GitHub. GitHub won't allow Qlik Sense access employee's GitHub repository without the web connector having the access token.

 

Example

So, if 10 employees each create a connection to their own GitHub repository to use in apps they are creating, GitHub issues 10 unique access tokens - one per connection. When any of those apps reloads, Qlik Sense uses the matching employee's access token to pull their data. Without the correct token, GitHub rejects the request.

 

Access Token Security

Since the access tokens are used by Qlik web connector to access employee's GitHub data, these access tokens must be protected. They can't just be laying around on the server in plaintext.

To protect access tokens, an encryption key is created and installed. The encryption key is used to encrypt access tokens before they are written to your Qlik Sense server's hard drive. This ensures that even if someone will get access to the access tokens, they still won't be able to connect to and read employees' GitHub data.

263 Views
0 Likes