Skip to main content
Woohoo! Qlik Community has won “Best in Class Community” in the 2024 Khoros Kudos awards!
Announcements
Nov. 20th, Qlik Insider - Lakehouses: Driving the Future of Data & AI - PICK A SESSION
cancel
Showing results for 
Search instead for 
Did you mean: 
Anonymous
Not applicable

how to assign dynamic login/access pass in QS?

Hello Experts,

1) What is the difference between login access rule and user access rule?

2) How can I assigned dynamic login/access passes in QlikSense?

3) What is the difference between Audit, content, security and deployment admins?

BR,

Anta

1 Solution

Accepted Solutions
marcohadiyanto
Partner - Specialist
Partner - Specialist

Hi Anta,

1. Different between user access rules and login access rules

User access rules

A user access rule defines which users that will automatically be assigned user access when logging in.

https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/user-access-rules.htm

Login access rules

One token equals a predefined amount of login access passes. The login access allows a user to access streams and apps for a predefined amount of time. This means that a single user may use several login access passes within a day. You create security rules specifying which users the login access is available for.

When you delete a login access (group), tokens are released immediately if the login access contains enough unused login access passes. The number of tokens that are released is dependent on the number of used login access passes. Used login access passes are not released until 28 days after last use. For example: If you allocated tokens giving 1000 login access passes to a group, they cannot use more than 1000 login access passes over 28 days. Also, if 100 login access passes are consumed on day 1, the 100 are available again on day 29. If no access passes are in use then all tokens assigned to the login access instance will be released when it is deleted.

https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/login-access-rules.htm

3. Different roles for admin

The AuditAdmin has read access to all resources from the audit page. The SecurityAdmin has read rights on server node configuration.

As RootAdmin or SecurityAdmin you have the possibility to create new roles to suit your purposes.

https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/default-administration-ro...

Regards

View solution in original post

4 Replies
marcohadiyanto
Partner - Specialist
Partner - Specialist

Hi Anta,

1. Different between user access rules and login access rules

User access rules

A user access rule defines which users that will automatically be assigned user access when logging in.

https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/user-access-rules.htm

Login access rules

One token equals a predefined amount of login access passes. The login access allows a user to access streams and apps for a predefined amount of time. This means that a single user may use several login access passes within a day. You create security rules specifying which users the login access is available for.

When you delete a login access (group), tokens are released immediately if the login access contains enough unused login access passes. The number of tokens that are released is dependent on the number of used login access passes. Used login access passes are not released until 28 days after last use. For example: If you allocated tokens giving 1000 login access passes to a group, they cannot use more than 1000 login access passes over 28 days. Also, if 100 login access passes are consumed on day 1, the 100 are available again on day 29. If no access passes are in use then all tokens assigned to the login access instance will be released when it is deleted.

https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/login-access-rules.htm

3. Different roles for admin

The AuditAdmin has read access to all resources from the audit page. The SecurityAdmin has read rights on server node configuration.

As RootAdmin or SecurityAdmin you have the possibility to create new roles to suit your purposes.

https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/default-administration-ro...

Regards

Not applicable
Author

What message do users see when they have consumed all token passes? can we proactively mitigate this situation i.e. senior excs seeing login failure message

marcohadiyanto
Partner - Specialist
Partner - Specialist

Hi Tauqeer,

The message similiar to this 'you don't have allocated token'

Regarsd

Not applicable
Author

Hi Marco,

Many thanks. I assume security admins can set the alerts or monitor the token usage through QMC. The situation we want to avoid is senior execs not being able to log in.

Regards