Qlik Community

New to Qlik Sense

Discussion board where members can get started with Qlik Sense.

avipathak06
New Contributor III

how to assign dynamic login/access pass in QS?

Hello Experts,

1) What is the difference between login access rule and user access rule?

2) How can I assigned dynamic login/access passes in QlikSense?

3) What is the difference between Audit, content, security and deployment admins?

BR,

Anta

Tags (1)
1 Solution

Accepted Solutions
chooco_co
Valued Contributor

Re: how to assign dynamic login/access pass in QS?

Hi Anta,

1. Different between user access rules and login access rules

User access rules

A user access rule defines which users that will automatically be assigned user access when logging in.

https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/user-access-rules.htm

Login access rules

One token equals a predefined amount of login access passes. The login access allows a user to access streams and apps for a predefined amount of time. This means that a single user may use several login access passes within a day. You create security rules specifying which users the login access is available for.

When you delete a login access (group), tokens are released immediately if the login access contains enough unused login access passes. The number of tokens that are released is dependent on the number of used login access passes. Used login access passes are not released until 28 days after last use. For example: If you allocated tokens giving 1000 login access passes to a group, they cannot use more than 1000 login access passes over 28 days. Also, if 100 login access passes are consumed on day 1, the 100 are available again on day 29. If no access passes are in use then all tokens assigned to the login access instance will be released when it is deleted.

https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/login-access-rules.htm

3. Different roles for admin

The AuditAdmin has read access to all resources from the audit page. The SecurityAdmin has read rights on server node configuration.

As RootAdmin or SecurityAdmin you have the possibility to create new roles to suit your purposes.

https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/default-administration-ro...

Regards

4 Replies
chooco_co
Valued Contributor

Re: how to assign dynamic login/access pass in QS?

Hi Anta,

1. Different between user access rules and login access rules

User access rules

A user access rule defines which users that will automatically be assigned user access when logging in.

https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/user-access-rules.htm

Login access rules

One token equals a predefined amount of login access passes. The login access allows a user to access streams and apps for a predefined amount of time. This means that a single user may use several login access passes within a day. You create security rules specifying which users the login access is available for.

When you delete a login access (group), tokens are released immediately if the login access contains enough unused login access passes. The number of tokens that are released is dependent on the number of used login access passes. Used login access passes are not released until 28 days after last use. For example: If you allocated tokens giving 1000 login access passes to a group, they cannot use more than 1000 login access passes over 28 days. Also, if 100 login access passes are consumed on day 1, the 100 are available again on day 29. If no access passes are in use then all tokens assigned to the login access instance will be released when it is deleted.

https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/login-access-rules.htm

3. Different roles for admin

The AuditAdmin has read access to all resources from the audit page. The SecurityAdmin has read rights on server node configuration.

As RootAdmin or SecurityAdmin you have the possibility to create new roles to suit your purposes.

https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/default-administration-ro...

Regards

Not applicable

Re: how to assign dynamic login/access pass in QS?

What message do users see when they have consumed all token passes? can we proactively mitigate this situation i.e. senior excs seeing login failure message

chooco_co
Valued Contributor

Re: how to assign dynamic login/access pass in QS?

Hi Tauqeer,

The message similiar to this 'you don't have allocated token'

Regarsd

Not applicable

Re: how to assign dynamic login/access pass in QS?

Hi Marco,

Many thanks. I assume security admins can set the alerts or monitor the token usage through QMC. The situation we want to avoid is senior execs not being able to log in.

Regards