Qlik Community

New to Qlik Sense

Discussion board where members can get started with Qlik Sense.

annu181818
New Contributor

How to apply user specific security in Qlik Sense?

Hi,

I am new to Qlik sense. I have got a new project in which I am supposed to show the data and dashboard(Sales Analysis) for Global Account Managers (GAM) across the world working for the company. I have successfully prepared the visualisations using Netezza as the data source. But I am stuck in applying custom securities wherein I am supposed to make it visible to the GAM for his accounts data only using/capturing his/her windows/login credentials. As the global data is confidential and everyone is not supposed to see anyone else's accounts data.

Is there any way to apply this kind of security for data/visualisations in Qlik Sense.

I just want the data and visualisations specific to the user, so that no one is able to see others' data. But at the same time, few people (including Company Heads/ Creator) should have the access to the whole data set and every visualisation.

Kindly help me in this regard. I have included a separate table in one section, which includes list of all the users along with their mail ids/user names and designations, who are going to use the Qlik app prepared for this project.

This is a little urgent, your quick attention/help will be highly appreciated..!! 

Thanks & Regards,

Anurag Saxena

Email : anuragsaxena2001@gmail.com

1 Solution

Accepted Solutions
DavidŠtorek
Contributor III

Re: How to apply user specific security in Qlik Sense?

Hi,

  1. AD_DOMAIN and A,B,C, SA_SCHEDULER is User Directory\User ID as in QMC Capture.JPG
  2. SA_SCHEDULER is internal Qlik Service which takes care about data load (it must have access)
  3. If field OMIT is blank it means nothing to omit. If there is name of whatever filt than given user will not see this field. If there is an asterisk it will take in account all others field mentioned here. So if it will be as following user A wil not be able to see fields NUM and ALPHA, user B NUM and user C ALPHA. (OMIT is not required you can omit it ). In adition User A sees only rows with REDUCTION value=1, user B with values 2...

"------------------------------------------

USER, AD_DOMAIN\A,1,*

USER, AD_DOMAIN\B, 2,NUM

USER, AD_DOMAIN\C, 3, ALPHA

ADMIN, INTERNAL\SA_SCHEDULER,*,

--------------------------------------------"

    4.REDUCTION (this is only placeholder) there will be name of your field based on which you want to restrict access on row level (for example Accounts). So if you define that GAM1 can see everithing related to account number GAM1, he will see only this. If some GAM hase more than one account he mast have 2 rows. If there is an asterisk it will take in account all others values mentioned here.


Section access;

ACCESS, USERID, Accounts


ADMIN, User directory\User ID,

USER, User directory\User ID,GAM1(here comes value for given manager accounts)

USER, User directory\User ID,GAM2(here comes value for given manager accounts)

USER, User directory\User ID,GAM3(here comes value for given manager accounts)


Section application;


...all your tables here...


Instead of inline table you cane use excel sheet or whatever database with fields ACCESS, USERID, Accounts

All in section access table must be in upper case. This table must be on very beginning of load script.

For more details see Section access. You can try  as in help.

6 Replies
DavidŠtorek
Contributor III

Re: How to apply user specific security in Qlik Sense?

Hi, there is specific tool called Section Access.

You can use inline table or whatever source for this purpouse (table in excel, database...)

On very beginning of scrip insert following:

section access;

LOAD * inline [

ACCESS, USERID,REDUCTION, OMIT

USER, AD_DOMAIN\ADMIN,*,

USER, AD_DOMAIN\A,1,

USER, AD_DOMAIN\B, 2,NUM

USER, AD_DOMAIN\C, 3, ALPHA

ADMIN, INTERNAL\SA_SCHEDULER,*,

];

section application;

or

section access;

LOAD

ACCESS, USERID,REDUCTION, OMIT

from [lib:\\...]...;

section application;

ACCESS is type of access USER (sees only rows defined for him) or ADMIN (sees all)

USERID stands for User directory\user ID (as in QMC)

REDUCTION (this should be name of field based on whcich you want to restrict access e.g. cost center,site code...) and its values should be in UPPER CASE (same as in table in data model where this field is) - you restrict rows (if some user should be able to see more e.g. cost centers you have to make special row for each value in section access table for him)

OMIT is not required, you restrict whole fields

Make sure all your tables are properly connected because section access work on same asociative relation principle.

Hope it helps

annu181818
New Contributor

Re: How to apply user specific security in Qlik Sense?

Hi David,

Many thanks for the support. I will definitely try this, but a little confused in few things in your answer.

Please consider the below code :

"------------------------------------------

USER, AD_DOMAIN\A,1,

USER, AD_DOMAIN\B, 2,NUM

USER, AD_DOMAIN\C, 3, ALPHA

ADMIN, INTERNAL\SA_SCHEDULER,*,

--------------------------------------------"

and kindly reply for these points related to the above script mentioned :

1) What does AD_DOMAIN stands here ?
2) For what you have used A, B, C, SA_SCHEDULER .... after AD_DOMAIN, I mean what should be there in my case e.g. userIDs or something ?

3) In line 1 there is a blank after "1,", but in other lines what is the significance of using NUM, ALPHA  and * ?

4) And if I am supposed to restrict few things for a particular user, what should I use in place of '*' in OMIT Column.

You can refer below values on basis of which I am supposed to apply securities:

ACCESS,                             USERID,                       REDUCTION,                             OMIT


ADMIN(full access),             ABC1,                        NULL (no security)                       NULL (nothing to OMIT) 

User                                    AB1                           GAM1 (to his specific               Other GAM's accounts
                                                                              accounts only)


User                                    AB2                           GAM2 (to his specific               Other GAM's accounts

                                                                              accounts only)

.

.

.

.

*GAM : here it refers to as Global Account Manager. !

As I am very New to Qlik sense, please tell me how to implement the security basis above details.

I will wait for your reply David, request you to make me understand this..!!

Many Thanks,

Anurag Saxena

vlad_komarov
Valued Contributor III

Re: How to apply user specific security in Qlik Sense?

DavidŠtorek
Contributor III

Re: How to apply user specific security in Qlik Sense?

Hi,

  1. AD_DOMAIN and A,B,C, SA_SCHEDULER is User Directory\User ID as in QMC Capture.JPG
  2. SA_SCHEDULER is internal Qlik Service which takes care about data load (it must have access)
  3. If field OMIT is blank it means nothing to omit. If there is name of whatever filt than given user will not see this field. If there is an asterisk it will take in account all others field mentioned here. So if it will be as following user A wil not be able to see fields NUM and ALPHA, user B NUM and user C ALPHA. (OMIT is not required you can omit it ). In adition User A sees only rows with REDUCTION value=1, user B with values 2...

"------------------------------------------

USER, AD_DOMAIN\A,1,*

USER, AD_DOMAIN\B, 2,NUM

USER, AD_DOMAIN\C, 3, ALPHA

ADMIN, INTERNAL\SA_SCHEDULER,*,

--------------------------------------------"

    4.REDUCTION (this is only placeholder) there will be name of your field based on which you want to restrict access on row level (for example Accounts). So if you define that GAM1 can see everithing related to account number GAM1, he will see only this. If some GAM hase more than one account he mast have 2 rows. If there is an asterisk it will take in account all others values mentioned here.


Section access;

ACCESS, USERID, Accounts


ADMIN, User directory\User ID,

USER, User directory\User ID,GAM1(here comes value for given manager accounts)

USER, User directory\User ID,GAM2(here comes value for given manager accounts)

USER, User directory\User ID,GAM3(here comes value for given manager accounts)


Section application;


...all your tables here...


Instead of inline table you cane use excel sheet or whatever database with fields ACCESS, USERID, Accounts

All in section access table must be in upper case. This table must be on very beginning of load script.

For more details see Section access. You can try  as in help.

annu181818
New Contributor

Re: How to apply user specific security in Qlik Sense?

Much appreciated David, I am done with the Security Piece in Qlik sense app.

Many thanks for the support..!!

DavidŠtorek
Contributor III

Re: How to apply user specific security in Qlik Sense?

Glad to help

If answer help you please mark it as correct