Skip to main content
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Showing results for 
Search instead for 
Did you mean: 
Anonymous
Not applicable

How to acces to X-Qlik-Session cookie

Hello, 

We're trying to connect to the QRS API trough web browser using Ticket auth. To do it, we need to get the ticket (done) and pass the generated session cookie to every request we make. The problem comes when the cookie is in a different subdomain than our web application, because we can't get it. 

The first solution we tried to implement was to add a stub file within our qlik server and load it inside an iframe of our application who could get the cookie and give back it's value through a window post message. The problem is that the cookie is protected (htmlonly) and we can't read it's value using javascript. 

What else can we do to be able to connect to the QRS API? There is another way to get the cookie value or even to not to use it?

Labels (3)
1 Reply
teemusalo
Contributor II
Contributor II

Hi,

a bit late to answer but maybe you or someone else can find some help in this.

It's unclear to me how you can get the X-Qlik-Session cookie from a different subdomain than your QRS is, and presumably that's where the whole Qlik Sense server is also located.

I'm no expert on creating Qlik cookies, but one way to circumvent your subdomain problem is to use a reverse proxy. This middle-server could act as a gateway to different subdomains. The browser should send it's cookies every time since it cannot see where the request is connected after the first step.

More on reverse proxy can be found here: https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/

Sincerely,
Teemu