Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Data Integration & Quality
Forums for Qlik Data Integration solutions. Ask questions, join discussions, find solutions, and access documentation and resources
Explore Qlik Gallery
Qlik Gallery is meant to encourage Qlikkies everywhere to share their progress – from a first Qlik app – to a favorite Qlik app – and everything in-between.
About Qlik Community
Get started on Qlik Community, find How-To documents, and join general non-product related discussions.
Qlik Resources
Direct links to other resources within the Qlik ecosystem. We suggest you bookmark this page.
Qlik Academic Program
Qlik gives qualified university students, educators, and researchers free Qlik software and resources to prepare students for the data-driven workplace.
Recent Blog Posts
-
Managing your Analytics lifecycle in Qlik Cloud Analytics - UPDATE!
Introduction The majority of customers use some form of software development lifecycle in their organizations. When moving to SaaS customers are somet... Show MoreIntroduction
The majority of customers use some form of software development lifecycle in their organizations. When moving to SaaS customers are sometimes unsure of if or how to apply these techniques to a Qlik Cloud Analytics tenant.
We will explore some of the technical processes that need to occur within or interacting with a Qlik Cloud Analytics tenant as part of a software development lifecycle. We look at a number of areas including setting up your tenant in a way that supports your SDLC, encouraging re-use, building context aware applications, and many other topics. Qlik Cloud Analytics runs on Qlik Cloud, Qlik’s SaaS platform for our customer’s data analytics and data integration needs. We see customers being able to manage their entire data landscape and are continually expanding our cloud offerings. We have introduced new services such as Data Integration, Application Automation, Machine learning and AI, as well as adding many new features to Qlik Cloud Analytics. While there are many other areas where Qlik Cloud can be integrated into your SDLC, this document will focus on Qlik Cloud Analytics.
The aim of this document is not to provide a strict SDLC process for customers to follow, rather it aims to provide examples of how SDLC processes could work in a Qlik Sense Enterprise SaaS environment. We encourage you to implement or amend the parts or this you need so Qlik Sense Enterprise SaaS fits into your organization.
Read it all in the PDF attached in this post.
-
Creating a write back solution with Qlik Cloud is now possible!
Static, read-only dashboards are a thing of the past compared to what's possible now in Qlik Cloud. ‘Write back’ solutions offer the ability to input... Show MoreStatic, read-only dashboards are a thing of the past compared to what's possible now in Qlik Cloud.
‘Write back’ solutions offer the ability to input data or update dimensions in source systems, such as databases or CRMs, all while staying within a Qlik Sense app.
The solution incorporates both Qlik Cloud and Application Automation to enable users to input data from a dashboard or application and run the appropriate data refresh across the source system as well as the analytics.
Example Use Cases:
- Ticket/ Incident Creation
- Create Ticket or Incident in JIRA or ServiceNow.
- Data Changes
- Update Deals/Accounts in a CRM like HubSpot or Salesforce.
- Data Annotations
- Add a comment to or more records in a source system.
This new feature is possible with all of the connectors located in Application Automation, including:
- CRMs like HubSpot or Salesforce
- Databases like Snowflake, Databricks, Google Bigquery
- SharePoint
- and more!
Below you can see technical diagram based around using Application Automation for a write back solution.
The ability to write back in Qlik Cloud is a game changer for customers who want to operationalize their existing Qlik Sense applications to enhance decision making right inside an app where the analytics live. This not only streamlines business processes across an ever-growing data landscape, but it also enables users to to act in the moment. With Application Automation powering the write back executions, customers can unlock more value across their data and analytics environment.
To learn more for a more ‘hands-on tutorial’ please see video here.
- Ticket/ Incident Creation
-
Hot Wheels Card Game
Hot Wheels Card GameBildenThis application was built with the aim of practicing and exploring the possibilities of Layout Container in QlikSense. The ... Show MoreHot Wheels Card GameBilden
This application was built with the aim of practicing and exploring the possibilities of Layout Container in QlikSense. The card game has a similar mechanic to the game Top Trumps, where the player chooses an attribute of his card and compares it with that of his opponent. It is not an application for commercial use, although many of the resources used have applications in real analytical dashboards, such as modal pop-ups, logic control in variables and others. I tried to make the most of the new features made available in the latest updates, such as the Layout Container, border customizations, shadows and component background images.
Discoveries
Flexibility and countless visualization possibilities with Layout Container and new features from Qlik
Impact
New ways to build interfaces, using knowledge of visual resources improved in this application
Audience
Mainly Qlik developers, but also any enthusiast of the tool who is interested in new possibilities
Data and advanced analytics
As the focus of this application is the visual part, there is no relevant data or insight to highlight.
-
Qlik now supports HIPAA requirements for US Healthcare
Qlik is excited to announce that we have recently completed our SOC2 Type 2 + HITRUST attestation in addition to releasing Customer Managed Keys, an a... Show MoreQlik is excited to announce that we have recently completed our SOC2 Type 2 + HITRUST attestation in addition to releasing Customer Managed Keys, an advanced encryption offering for customers hosting data in Qlik Cloud. These additional levers of governance enable Qlik Cloud to now host Personal Health Information (PHI), subject to HIPAA requirements, and enable Qlik to enter into a Business Associate Agreement (BAA) with customers.
Qlik has invested heavily to support our customers through their journey into the cloud and this achievement illustrates Qlik’s commitment to ensure customers feel safe deploying their data into Qlik Cloud. Now US Healthcare customers can benefit from all of the advantages of Qlik Cloud like automation and AutoML with the peace of mind that compliance is fulfilled.
Advanced Data Encryption
We launched Customer Managed Keys, a security offering in Qlik Cloud which allows customers to bring their own encryption keys (BYOK) to protect the data stored at rest in their Qlik Cloud tenant.
Customers can now host PHI and sensitive data in Qlik Cloud with trust and take advantage of SaaS and the full potential of Qlik Cloud. US Healthcare organizations can leverage the power of Qlik Cloud to enhance patient outcomes, improve service delivery, and close the gaps between data insights and actions.
To learn more about Customer Managed Keys, watch the video here.
Summary
Qlik Cloud delivers enterprise data integration and world-class analytics into a single platform and through our advanced encryption services we can support customers become data-driven and navigate their HIPAA compliance requirements.
To learn more about Qlik Cloud for US Healthcare, visit our website.
-
Calculated Fields
Normally, new fields are created in the script and stored as additional columns in the data model. Just write your expression inside a Load statement ... Show MoreNormally, new fields are created in the script and stored as additional columns in the data model. Just write your expression inside a Load statement and you’re done:
But you can also do the same thing in the user interface, and then it could look like this:
So, which way should you do it?
Generally, I would say that you should put as much as possible in the script. In most cases, it is far better to have these calculations pre-made, so that they do not have to be calculated at run-time, i.e. when the user clicks.
The Qlik Engine has two fundamentally different ways to calculate such expressions: As “Calculated dimension” or as “Field-on-the-fly”. The engine automatically decides how a specific calculation should be made, depending on the expression.
Fields-on-the-fly
This method was introduced in one of the early versions of Qlik Sense. As the expression is evaluated, the engine creates an additional column in the data model, with a corresponding symbol table. Just as for a real field, the selection is stored in state vectors linked to this column.In the picture below you can see a table dimension defined as “=Year(Date)”, which results in four rows.
Now look at the selection bar: When a selection is made, the corresponding year is selected in the Field-on-the-fly called “=Year(Date)” – a field that does not exist in the original data model. And in the selection bar you can see that the selection is indeed stored in this “virtual” field, and not in the Date field.
Calculated dimensions
This is the old-fashioned way, and this is how QlikView still today does it. In the example below, the table dimension is “=Aggr(Year(Date),Date)” and it also results in four rows. Logically, this expression is equivalent to the above one.But here the selection is instead made in in the underlying field: in the Date field.
It is always possible to create a Calculated dimension, no matter what the expression looks like. But the same is not true for Fields-on-the-fly. There are limitations to when they can be generated:
- The expression must be based on one single field only, or on multiple non-key fields from the same table in the data model
- The expression cannot depend on the selection state, e.g. through the GetSelectedCount() function
- The expression cannot contain an Aggr() function
If a Field-on-the-fly cannot be generated, the expression will be evaluated as a Calculated dimension instead.
Performance
Both Calculated dimensions and Fields-on-the-fly can cause performance problems, so it is a good idea to consider moving them to the script instead. Fields-on-the-fly can almost always be moved to the script.For Fields-on-the-fly, the performance problems become especially severe if the underlying field has many distinct values. A common example is when calendar functions like Year and Month are used on a timestamp with millions of distinct values, rather than on a date with fewer values, like 2 x 365 dates. Further; since Fields-on-the-fly are added to the data model, and the hash of the data model is used in the ID of the cache entry, Fields-on-the-fly can prevent the cache from being re-used properly.
To improve the performance, Master dimensions containing Fields-on-the-fly are now (since Nov 2019) calculated already when the first user opens the app, something which can increase the time it takes to open a document. On the other hand, this will improve the response time considerably in the analysis phase, as well as mitigate cache problems, so we are confident that this is a correct decision. Hence, put your Fields-on-the-fly in the Master dimensions!
Should you want to tweak the behavior of the engine, you can always try the following:
- Using “UseAutoFieldOnTheFly=0” in Settings.ini will disable Fields-on-the-fly for all documents served by the engine
- Using “Set QlikInternalDisableFotfMode=1;” in the script will disable Fields-on-fly in the app
- Using “Set QlikInternalDisableFotfPregen =1;” in the script will prevent Fields-on-fly from being pre-calculated when the app is opened
- Wrapping the expression in “=CalcDim(…)” will force it to be a Calculated dimension
But most importantly - don't use a timestamp to create your calendar! Use a date instead:
Good luck!
HIC
Read also in Calculated Fields in Qlik Data Analytics .
-
Qlik Cloud 5月の新機能
分析の新機能 テーブルの画像表示 ビジュアライゼーション バンドルの新しいストレート テーブルとピボット テーブルに画像を埋め込むことができるようになりました。画像はメディア ライブラリまたは URL から取得できます。 データロードエディターの改善 データロードエディターのスクリプト編集機能... Show More分析の新機能
テーブルの画像表示
ビジュアライゼーション バンドルの新しいストレート テーブルとピボット テーブルに画像を埋め込むことができるようになりました。画像はメディア ライブラリまたは URL から取得できます。
データロードエディターの改善
データロードエディターのスクリプト編集機能が改善されました。
スクリプトエディターと同様に、データプレビュー機能やビジュアルウィザードが追加され、Storeステートメントの記述やQVSファイルのインクルードが容易になりました。また、サイズ変更可能なパネルや、インクルードされたQVSファイルの内容をプレビューできるようになるなど、使いやすくなっています。
カタログ上のシートへのリンク
カタログ上にシートへのリンクを貼り付けることができるようになりました。
自動化のための接続を共有
共有スペースで自動化接続を作成および管理し、テナントの他のユーザーが自動化を作成する際に、これらの接続を使用できるよう許可します。
詳細については、Qlik Community: Shared automation connectionsを参照してください。
自動化で共有接続を構成するには、自動化エディターの右側のブロック構成メニューのConnectionタブを開きます。ここにSelect Space のフィルターが追加されています。ここで選択したスペースで、接続を共有して使用できるようになります。作成した共有接続は管理コンソールの自動化セクションで、スペースを移動したり、所有者を変更したりすることができます。
今後、共有スペースで自動化を作成できるようになる予定です。
ゲートウェイー直接アクセス 新バージョン 1.6.6
- ServiceNowアクセスのサポート
アウトバウンド、暗号化、および相互認証接続を介して安全にファイアウォールで保護されたデータソースに接続 - 新しい認証方法のサポート
Azure Synapse Analytics: Azure OAuthとAzure Active Directory
Azure SQL Database: Azure OAuthとAzure Active Directory
Snowflake: Oauth
Databricks: Azure Oauth
MongoDB: SCRAM-SHA-256 および LDAP - ODBCコネクタ使用時のメタデータのページング機能強化
10,000以上のテーブルが取得される場合、タイムアウトを防ぐために10,000のバッチでテーブルが取得されます。 - .NET 8.xの要件
このバージョンから、Direct Accessゲートウェイを使用するには、.NET 6と.NET 8.xの両方をインストールする必要があります。 - サポート性の向上
トラブルシューティングのために、Direct Accessゲートウェイのリクエストの継続時間を測定するロギングが追加されました。
データ統合の新機能
Qlik Data Gateway - Data Movement 2023.11.11
- 日本リージョンをサポートします。
- メタデータの並列抽出:複数のテーブルのメタデータを同時に取得
- ランディングタスクとレプリケーションタスクの監視情報の更新が60秒ごとから10秒ごとに短縮
その他問題解決しています。
※ 日本リージョンを利用する場合は、Data Movement 2023.11.11 以降をご使用ください。
管理者向けの新機能
アプリシートの使用状況の把握
2024年5月28日より、下記のイベントが管理コンソールと、監査APIのイベントセクションに表示されています。アプリでシートが表示される都度ログに記録されます。
com.qlik.v1.analytics.analytics-app-client.sheet-view.opened
その他
- 7月13日から管理コンソールのイベントに「com.qlik.user-identity.impersonation」が表示されなくなります。
- ServiceNowアクセスのサポート
-
P&L Pivot Chart Extension
Several years ago, I blogged about how I used IntervalMatch to create a profit and loss statement. Now that Qlik Sense has the P&L Pivot chart extensi... Show MoreSeveral years ago, I blogged about how I used IntervalMatch to create a profit and loss statement. Now that Qlik Sense has the P&L Pivot chart extension in the visualization bundle, I decided to test out the extension to see how it may help create a P&L report in Qlik Sense. This blog will review some of my findings and what was involved to create the P&L Pivot chart shown below.
The P&L Pivot chart extension provides a lot of properties that allow you to change the style and coloring in the chart. You can find a complete list of the properties here in Qlik Help. The chart above uses one dimension and 6 measures but I could have used up to 9 measures with my single dimension or used 2 dimensions and up to 8 measures. After loading the data into Qlik Sense, my next step was to create a style template that I could use to handle the formatting of the chart. Here is a snapshot of the template in Excel:
I added a header row so that I could easily see what options I could set but it is not required and can be omitted. In the styling template, Column A should include the data that is in the first dimension of the chart you will be applying the template to. Note that this data is case sensitive. The other columns have the various styles that can be modified via the template.
Here is an example of the same template in a CSV file.
If a template is used, it needs to be loaded via the script. Here is how you can load the Excel and CSV versions of the templates:
Excel:
CSV:
The key in both scripts is that the entire template needs to be loaded into one field which can later be selected from the Style template field drop down in the Properties window of the P&L Pivot chart. In the Excel script, the styles are concatenated into one field separated by semi-colons. In the CSV file, the file format is set to Fixed record to load all the data into one field. Note that the name that you give the field in the script will be the template name you select from the Style template field drop down.
Each row of the template should have this format:
DimensionValue;Bold;Background;FontStyle;TextColor;Align;FontSize;Comment
- DimensionValue is the data value of the dimension in the row that you would like the change
- Bold is used to bold the text in a row
- Background is used to set the background color of a row
- FontStyle is used to change the font style of a row to italic or oblique
- TextColor is used to change the default black font color of a row to white
- Align is used to set the alignment to center
- FontSize is used to change the font size of a row
- Comment is used to replace all zeros with a space
Check Qlik Help to see the default and styling options that are available in the styling template.
There are many additional properties that can be set in the properties window of the P&L Pivot chart extension. I kept many of the defaults but here are some that I changed. In the Table Format section of the Properties, I checked Indent to indent the P&L Heading. The columns can be narrow so I moved the Column width slider all the way to the right, (for max width), and changed the Font family so that I could see as much of the numeric values in the chart as possible. I tweaked the header coloring in the Header format section. I opted not to color variances below 0% red because then I would lose some of my styling template changes. While I used a styling template in my example, you do not have to. The P&L Pivot chart extension can be styled via the Properties window without using a template.
The P&L Pivot chart extension provides a ton of styling options that can be used to easily make your profit and loss statement looks exactly the way you want. It is worth checking out or you can watch this video to learn more.
Thanks,
Jennell
-
Connector Factory - May and June 2024 releases
Qlik Data Integration Additional SaaS application connectors We’re continuing to expand the connectivity of Qlik Cloud Data Integration with the ad... Show MoreQlik Data Integration
Additional SaaS application connectors
We’re continuing to expand the connectivity of Qlik Cloud Data Integration with the addition of three more business applications that can now be used as a data source. By eliminating the need for custom connectors to access these sources, Data Engineer productivity is increased and Data Consumer’s time to insight is decreased. The new connectors are for:
- Anaplan, which provides business planning software
- Oracle Fusion, a suite of applications built on Oracle Cloud
- Oracle Fusion Project Management, which is used to manage project deliveries.
Qlik Replicate
The May 2024 release of Qlik Replicate delivered a number of improvements related to connectivity with Snowflake, Databricks, SAP, AWS and Microsoft Azure. You can find out more about these enhancement in this blog.
Qlik Data Analytics
Updated DynamoDB Connector
This connector has been updated to be based on ODBC instead of JBDC. The Qlik DynamoDB connector now also supports authentication using AWS IAM credentials (access key & secret key) or a credentials file. Note that the previous JDBC-based Qlik DynamoDB connector will continue to be supported until the end of July 2024.
Learn more about the DynamoDB connector.
New version of Direct Access gateway
The Qlik Data Gateway - Direct Access allows Qlik Sense SaaS applications to securely access behind-the-firewall data, over a strictly outbound, encrypted, and mutually authenticated connection.
In May, we released Direct Access gateway 1.6.6 which introduced the following enhancements and new functionality:
- Support for accessing ServiceNow via the Direct Access gateway
- Support for Azure Active Directory authentication when using the Azure Synapse Analytics and Azure SQL Database Connectors.
- Support for Azure OAuth authentication when using the Azure Synapse Analytics, Azure SQL Database and Databricks Connectors.
- Support for OAuth authentication when using the Snowflake Connector
- Support for SCRAM-SHA-256 and LDAP authentication when using the MongoDB Connector
- Enhanced metadata paging when working with ODBC connectors
- Additional logging to improved supportability
You can learn more about the Gateway here.
Qlik Application Automation
Sharing Automation Connections
Users can now create and manage automation connections in shared spaces. You can find out more about this new capability in this blog.
-
【7/10(水)14:00 開催】SAP データ活用の課題解決 Web セミナー
生成 AI の業務への組み込みは、DX のさらなる推進という従来からの取り組みと共に、多くの企業での喫緊の課題となっています。そしてその根幹にあるのはデータ活用であることは言うまでもありません。 その中でも生産・流通・財務・人事など主要業務システムの根幹でもある SAP データの活用は多くの企業が望... Show More生成 AI の業務への組み込みは、DX のさらなる推進という従来からの取り組みと共に、多くの企業での喫緊の課題となっています。そしてその根幹にあるのはデータ活用であることは言うまでもありません。
その中でも生産・流通・財務・人事など主要業務システムの根幹でもある SAP データの活用は多くの企業が望んでいます。Qlik は、これまでに数多くの SAP ユーザー様との対話を重ね、SAP データ活用の課題の理解に努め、さまざまな解決策をご提案してまいりました。
本 Web セミナーではこれらを集大成し、SAP ユーザーの皆さまが抱える課題を整理し、最適なソリューションと顧客事例をご紹介します。SAP の運用に関わる方だけでなく、SAP データをさらに活用したいビジネスユーザーの方、SAP の投資効果を高めたい経営部門のご参加をお待ちしています。
※参加費無料。パソコン・タブレット・スマートフォンで、どこからでもご参加いただけます。
今すぐ申し込む
【開催概要】
日時:2024年 7月 10日(水)14:00 - 15:00
会場:オンライン
参加費:無料 -
Welcome Talend Members!
Welcome Talend Community members to the Qlik Community! We are so DELIGHTED to have you be a part of the Qlik family and Qlik Community! Our Community... Show MoreWelcome Talend Community members to the Qlik Community!
We are so DELIGHTED to have you be a part of the Qlik family and Qlik Community! Our Community is a place to ask questions, find solutions, engage with other members and employees, and so much more. We would like to take this time to show you around and help you acclimate to your new surroundings.
Before we start showing you the ropes, a very important note:
YOUR ACTION IS REQUIRED!
Please register (click 'Sign Up' underneath the login form) for the Qlik Community by creating a Qlik Account. You MUST use the same email address used to register on the Talend Community. This will ensure your activity from the Talend Community persists within the Qlik Community.
If you do not remember the email address you signed up with or do not see your previous activity, please reach out to qlikcommunityadmins@qlik.com.
If you are a member of both Communities, your accounts should merge into one. If this is not what you experienced, please reach out to qlikcommunityadmins@qlik.com.
Participating in the Discussions
The Talend forums can be found by going to Forums > Data Integration. Here you will find a section called, ‘Formerly Talend’. The board names have remained the same to ensure a seamless experience. All posts have been brought over, as well as any attachments, embedded links, and likes (kudos).
Searching the Knowledgebase
Members of the Support and Digital Experience team have been hard at work, combing through the Talend articles checking validity and updating the content to ensure the latest and greatest information is at your fingertips. About 900 articles are available in the Community, with more on the way!
The articles can be found under Support > Knowledge > Official Support Articles.
Use the search bar to find articles using key terms, phrases, error messages, etc.
Filter the results using the facets on the left of the search results. Filter by 'Product' or 'Labels by Topic' to find what you are looking for.
The remaining articles will be added within the next couple of weeks. If there is anything you need and do not see, please let us know. Also in the coming weeks, redirects will be added to accommodate any saved bookmarks.
Creating Support Cases
Combining the two Communities is one amazing step towards integrating the two companies. The Support Portals will remain separate for the time being, which requires Authorized Support Contacts to continue to use the Talend Support portal to create cases.
Existing articles can still be found in the Support portal; however, they will only be maintained in the Qlik Community.
Viewing My Profile
All members that have logged in since January of 2019, were brought into the Qlik Community. Please note: if you registered for the Talend Community on or after January 11, 2024, your user will not be in the Qlik Community.
To get to your profile, click on the avatar in the top right corner and click “My Profile”.
The profile will display any recent conversations you participated in and show your current rank plus any badges earned. It will also display stats such as the number of posts, solutions accepted, likes given and likes received.
Your rank will replace the points you earned in the Talend Community. The more active you are, the higher the rank you will achieve. Learn more about ranks in the Qlik Community here.
Badges earned have been replaced with the Qlik Community badges. The two systems were very similar with badging, so you should mostly see the same badges.
Please note: badges will not appear on your profile until you log into the Qlik Community.
Learn more about Qlik Community
Here are some helpful resources to learn more about Qlik Community:
- Do’s and Don’ts for all Community members
- How to view and update your profile
- How to update your notification settings plus
- Subscribing in the Qlik Community
For more useful content about Qlik Community, see Get Started and Suzy’s Tips.
Where to ask questions about Qlik Community
We know this is a big change, but we hope an exciting one! If you should have any questions about Qlik Community, please do not hesitate to reach out to us. You can find us at the Water Cooler.
This is a lot of information all at once so please let us know in the comments below or in the Water Cooler what questions you have. We are here to help you through this transition.
Welcome again, we are thrilled to have you here!
Your Qlik Community Admins,
Melissa, Sue, Jamie, and Nicole
@Melissa_Potvin @Sue_Macaluso @Jamie_Gregory @nicole_ulloa
-
Quick and Easy Dashboard Makeover
The Original Let’s face it, the original dashboard was boring. It was just a plain, functional dashboard with no “Wow“ factor. My goal for this makeov... Show MoreThe Original
Let’s face it, the original dashboard was boring. It was just a plain, functional dashboard with no “Wow“ factor. My goal for this makeover was to add some character to the dashboard.
Step 1: Find a color palette
The color palette that I decided on was on the green scale. Here are the colors that I used:
Sheet Background: #3d6666
Chart Background: #578080
Font color: #ffffff
Step 2: Change the sheet background color
- In Edit Sheet mode, click on the sheet background to open up the Sheet Properties panel
- Select Styling from the Sheet Properties panel
- Toggle off the Background – Auto icon to show Custom
- Select the Background color dropdown and enter the hex code that you would like to use
Step 3 – Chart Styling
Much of the work is done this section. The way I approached this was to style one chart and then use the copy/paste style function to bring the other charts to life with the new chart properties.
Note: When copy and pasting styles between chart types, there may be some additional editing needed to update all the chart characteristics. I started with the Profitability by Clinician bar chart.
- First, we need to change the bars to white by selecting it in the Properties Panel > Colors and Legends
- Next, we need to edit the other chart properties by opening the Styling Properties
- We make the changes in the General section first.
- Change the text color of the Title, Subtitle, and Footnote: #ffffff
- Change the background color to our new chart background color: #578080
- Change the color of the border to the sheet background color: #3d6666
- Change the corner radius to 7px
- Change the shadow to medium
- We now need to make the same changes to the Chart section
- Change the text color of the Axis Title, Axis Label, Value Label, Legend Title, Legend Label to #ffffff
- Here is our new chart after the changes:
- Next we need to copy/paste the new style to all of the charts by right clicking on the chart and selecting Copy Style.
- Next, we right click on the chart where we want to paste the style and select Paste style
- Once we update the characteristics of each chart, we will add grid containers to help us to layout each section of the dashboard and add in the corresponding charts to each section.
After all of the visualizations are added to the grid containers, we now have a new and improved dashboard.
Summary: With just some small changes to our color scheme and chart properties, we were able to completely transform our dashboard. With all the new features, chart types, and chart properties available to the Qlik Sense developer, the only limit to customizing a Qlik Sense app is your own imagination.
-
User.Environment.What?! - Session Attributes in Qlik Sense
Today - Jeff Goldberg is back and will introduce us to using session attributes to pass security and other information to a Qlik Sense session.Introdu... Show MoreToday - Jeff Goldberg is back and will introduce us to using session attributes to pass security and other information to a Qlik Sense session.
Introduction
Did you know with Qlik Sense security rules, it's possible to use attributes delivered to Qlik Sense Enterprise during the authentication process? Yup, it's true. While the conventional approach to using attributes is to import them using a User Directory Connector, session attributes are a flexible alternative to storing attributes in the repository to control capabilities and authorization in Qlik Sense Enterprise.
Qlik Sense supports session attributes through SAML, ticketing, and session authentication schemes. Session attributes are attributes sent in the request for access to the Qlik Sense server. The attributes are not stored in the repository, but in the user's Qlik Sense session. Session attributes can be referenced in security rules using the user.environment (e.g. user.environment.attributename) syntax. In addition, if there is an attribute named group sent to Qlik Sense using SAML, ticketing, or session, it can be used in Section Access data reduction.
Session Attributes in SAML
When you setup a SAML virtual proxy in Qlik Sense, there is an additional attributes section where you can add attribute names from the saml response sent by the identity provider, and the name you want to use in Qlik Sense. Here you can see I have a SAML integration with Okta. I have an additional attribute that comes in from Okta named Groups. In Qlik Sense I have it use the name group. The name on the left must match what is sent by the idp. The name on the right can be whatever you want it to be.
How do you identify the names of the attributes contained in the SAML response? I use SAML Message Decoder chrome extension. It's a great tool for reading through the messages sent to an IDP and sent to the Qlik Sense server.
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
Destination="https://gss.qlikpoc.com:443/okta/samlauthn/"
ID="id1026813850591869499238360"
InResponseTo="_583b079d-39d2-44ab-9824-1336e628770e"
IssueInstant="2016-12-13T14:03:23.898Z"
Version="2.0"
xmlns:xs="http://www.w3.org/2001/XMLSchema">
<...>
<saml2 :AttributeStatement xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
<saml2 :Attribute Name="email"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<saml2 :AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xs:string">goldbergjeffrey@yahoo.com</saml2:AttributeValue>
</saml2:Attribute>
<saml2 :Attribute Name="groups" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<saml2 :AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xs:string">QlikGroup</saml2:AttributeValue>
<saml2 :AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xs:string">Everyone</saml2:AttributeValue>
</saml2:Attribute>
</saml2:AttributeStatement>
</saml2p:Response>
In Qlik Sense, I've created a stream for members of the QlikGroup group to access in the Qlik Sense Hub. The security rule I put in place uses the user.environment.group attribute and evaluates it against the QlikGroup group value.
When I log into Qlik Sense, you see that I have access to the stream I created because in my SAML response I am a member of the QlikGroup group.
Session Attributes in Ticketing and Session
When ticketing and session authentication schemes are used session attributes are sent as part of the request. Here is a snippet from some sample code that demonstrates how to send attributes in a ticketing request. Notice that in the JSON message there is the UserDirectory and UserId properties and then the attributes property which is an array inside you specify an additional JSON object for each key value pair that's used to send an attribute to Qlik Sense.
ticket request message body
{...}
//The body message sent to the Qlik Sense Proxy api will add the session to Qlik Sense for authentication
string body = "{ 'UserId':'" + user + "','UserDirectory':'" + userdirectory +"',";
body+= "'Attributes': [{"group":"QlikGroup"},{"group":"Sales"}],";
body+= "}";
byte[] bodyBytes = Encoding.UTF8.GetBytes(body);
{...}
Once a session attribute has been sent through the ticketing or session request system those attributes are stored for the duration of the users access and are used for security rules just like in the SAML example. Let's take a quick at how this works. I'll navigate to my webpage that uses the ticketing code. Inside the ticketing code I've supplied a group attribute that will grant me access to the QlikGroup stream. During authentication, security rules will evaluate and determine that I have a group attribute and the security rule uses user.environment.group to grant me access to the QlikGroup stream.
Section Access
In the previous examples I sent along an attribute named group. In reality I could send any attribute I want through the session attributes mechanism. But the group attribute name has some additional capabilities within Qlik Sense. Using the group attribute name allows those values to pass into an application for section access data reduction purposes.
Let's go ahead and open up a sales application as Anne Foster.
Her data is reduced to only the United States because the session attribute named group has a value of "SalesUS".
When I log in as Eddie Reese, he is only able to see Australia because his the session attribute value for him is "SalesAUS".
Wrap up
Session attributes are a powerful and flexible alternative to user directory connectors when using SAML, ticketing, or session authentication schemes. Session attributes are accessible in security rules with the user.environment syntax, and when the session attribute is named "group", the values may be used with Section Access data reduction. To learn more Qlik products and discover additional technical materials, join the conversation on our Qlik Community, Qlik Help YouTube channel and view the video libraries on the Qlik Community: New to Qlik Sense Videos - New to QlikView Videos
About Jeff:
Jeff is a Principal Enterprise Architect on the North America Enterprise Architecture team who has worked in various technology positions for over 16 years. Jeff focuses on integration, deployment, automation, security, and api topics across a wide range of software. Thanks for this valuable contribution Jeff!
(Hey Jeff - this pic is going to give me nightmares!)
Follow us:
Jeff Goldberg (@goldbergjeffrey) | TwitterMike Tarallo (@mtarallo) | Twitter
-
Thank you for making Qlik Connect a success!
Well, that’s a wrap on Qlik Connect 2024. There were so many product announcements and stories shared from our customers and partners. We were so luc... Show MoreWell, that’s a wrap on Qlik Connect 2024. There were so many product announcements and stories shared from our customers and partners. We were so lucky to have such a great crowd attending both in person and virtually. We saw so many of you sharing the week’s festivities using #QlikConnect on LinkedIn. But let’s continue the conversation here!
What were some event highlights for you?
Did you make any great connections?
Give us the details!
We loved having you in Orlando this year, hope to see you in 2025!
-
Qlik Inline load
Inline load is a type of data load that can be used when you do not have a data source. The data can be entered manually or by using the wizard within... Show MoreInline load is a type of data load that can be used when you do not have a data source. The data can be entered manually or by using the wizard within QlikView or Qlik Sense.
Here are a couple of key things to remember:- Data entered through an inline clause must be enclosed by square brackets [ ]
- The columns of the table are defined in the first line of the inline load statement, separated by comas.
- A semi colon (;) is required after the closing square bracket
Here is an example of a simple table using inline load:Load * Inline [
ID, Name, Age, Title
1, Wladimir, 31, Team Lead
2, Paul, 22, Technical Support Engineer
3, Mark, 40, Customer Support Engineer
4, Janne, 27, IT Specialist
];
In the example inline load above, the columns for the table are:
- ID
- Name
- Age
- Title
The values starting with 1, are all data values that will populate the table. After loading the data, and looking at the data model, it will look like a normal table:As with any other dataset, two inline load tables can be created and be connected as can be seen below. You can also connect your inline table to an already existing table:
Inline load using the QlikView wizard:
You can accomplish the same result using the QlikView Inline load wizard.
In the edit script window, go to Insert > Load Statement > Load Inline. A window with a structure of a table will appear. Select the top cell indicated by F1 and change its value to the name of your first column. Repeat for the other columns of your inline table. Insert the data to create the table. At the end, your table should look like this:Inline load using the Qlik Sense wizard:
In the Data Manager, select the ‘Manual Entry’ option located at the top left corner of the screen.
Add the table name and double click on Field_1 cell to insert your first column name. Repeat this for the other columns. After naming all the columns, you should have something like in the image below.
Note that at the bottom right you can see the column count = 4 and number of rows = 0. If you Insert data, you see that the number of rows is no longer 0.For more detail information on using the Qlik Sense Wizard, please see the following resources:
Manual Entry - Qlik Sense
Inline load Delimiter
Please give this post a like if you found it helpful! Also please let us know if you have any questions or leave your feedback in the comments. -
Healthcare Dashboard (Oncology)
Healthcare Dashboard AnyChart Unlock transformative insights in healthcare using Decomposition Tree, Gantt Chart, Combo Chart, Sunburst Chart, a... Show MoreHealthcare DashboardAnyChartUnlock transformative insights in healthcare using Decomposition Tree, Gantt Chart, Combo Chart, Sunburst Chart, and Timeline Chart visualizations in Qlik Sense.Discoveries
Dive deep into metrics like admissions, patient counts, and treatment costs. Perform root cause analysis or ad-hoc explorations with ease. Maintain clear, actionable visibility of doctor-patient timelines and track each patient's journey with insightful precision.
Impact
Experience how charts like Decomposition Tree, Gantt Chart, Combo Chart, Sunburst Chart, and Timeline Chart can enable powerful insights for a healthcare (oncological) institution
Audience
Healthcare institutions looking to unlock more efficient and insightful exploration of their data within their Qlik environment.
Data and advanced analytics
This application features Decomposition Tree, Gantt Chart, Combo Chart, Sunburst Chart, and Timeline Chart visualizations built with AnyChart's extensions for Qlik Sense. The data is fictional, representing a healthcare (oncological) institution.
-
Release Cadence Update: Qlik GeoAnalytics
We are introducing changes to the release cadence of our Qlik GeoAnalytics products, including: Server, Plus, Extensions, and Connectors for Qlik Sen... Show MoreWe are introducing changes to the release cadence of our Qlik GeoAnalytics products, including:
- Server,
- Plus,
- Extensions,
- and Connectors for Qlik Sense Client Managed and QlikView.
Beginning with May 2025, we will be releasing one yearly update, with a target release month of May. If needed, we will deliver service releases throughout the year on demand.
As always, we recommend upgrading to the latest available release and SR (service release). If you are looking for information on version compatibility, see our official documentation.
This change was done to match with Qlik Sense Enterprise On Windows.
General GeoAnalytics information
About Qlik GeoAnalytics | Qlik GeoAnalytics Help
Version Compatibility
GeoAnalytics for Qlik Sense supported versions | Qlik GeoAnalytics Help
GeoAnalytics for QlikView supported versions | Qlik GeoAnalytics HelpDon't hesitate to reach out with any questions you might have.
Thank you for choosing Qlik,
Qlik Support -
RESOLVED - Patch Error - Qlik Sense on Windows, February 2024 Patch 5
Update as of June 4, 2024: Patch 5 has been fixed and is now available for download.Qlik Sense on Windows, February 2024 Patch 5 Update 1 addresses th... Show MoreUpdate as of June 4, 2024:
Patch 5 has been fixed and is now available for download.
Qlik Sense on Windows, February 2024 Patch 5 Update 1 addresses the broken text issue that was found with its original release.
Please note: If you currently have Feb '24 Patch 5 installed, it is recommended you clear cache to solve font issue after installing the latest updated version, Feb '24 Patch 5 Update 1.
--------------------------------------------------------------------------------To our February 2024 Qlik Sense on Windows users,
A UI issue has been detected with the Patch 5 release, where broken text is shown throughout the interface.
This patch has been temporarily removed from our Downloads page, and it will become available again when the root cause has been identified.
Investigation ID: QB-27190
As a workaround, you can upgrade to the latest Qlik Sense on Windows version (May 2024) or use any other release from February 2024.
We apologize for the inconvenience and appreciate your patience,Qlik Global Support
-
OpenID Connect configuration in Qlik Cloud Services - Explained
OpenID Connect configuration in Qlik Cloud Services - ExplainedOpenId Connect wants to be a simplified mechanism for modern web application authentica... Show MoreOpenID Connect configuration in Qlik Cloud Services - Explained
OpenId Connect wants to be a simplified mechanism for modern web application authentication. But like most identity management schemes in software there are so many details to consider it can be hard to understand all the I/O. In this blog, I'll give my best effort to explain OpenId so you can speak about it intelligently, at least in context of configuring it for use with Qlik Enterprise SaaS.
Authenta-what-now?
Photo by Nathan Bingle on Unsplash
OpenID Connect has more words and acronyms to try to explain what it is than letters in the word "authentication", including OAuth, JWT, claims, client, authorization server, and more, so it makes sense to begin with some basic definitions.
TL;DR
- OpenID Connect and OAuth 2 basic description
- Qlik Cloud Service input fields for configuring an identity provider using OpenID Connect
- Resources to learn more about Qlik Cloud Services and authentication
Basic Definitions
- OpenID Connect == aka OIDC, an authentication scheme for modern web applications
- OAuth 2.0 == an authorization framework and the foundation of OpenID Connect
- JWT == JSON web tokens contain the payload exchanged in an OAuth 2.0 handshake
- Token == a JWT
- Payload == Information in the form of claims to be exchanged
- Claims == the information describing the subject of the JWT
- Subject == aka "sub", a unique identifier, and claim, typically representing a user
- Resource Owner == the user accessing a third-party application through OpenID Connect
- Authorization Server == an identity provider, or the resource server storing information about the resource owner
- Third-party Application == the "client" application requesting information about the resource owner from the authorization server
- Client == for the purposes of this blog, Qlik
- Scopes == permissions the authorization server grants the client, in many cases access to additional claims necessary to fulfill the client auth request
Check out the links at the end of the blog to learn more about OpenID, OAuth 2.0, and JWT
This is not an exhaustive list of terms in the OIDC orbit, however, it's a decent primer for what you need to know for integrating OpenID with Qlik.
The Double-click
If all I gave you were the basic definitions, you may feel bamboozled by the title of the blog. So here is some additional context for OpenID Connect and OAuth 2.0 before I get into Qlik-specific details.
OpenID Connect
OpenID Connect is an identity layer built on the OAuth 2.0 protocol. OIDC, as it is commonly referred, verifies identities between third-party applications like Qlik and an identity provider like Azure Active Directory, Okta, or Auth0. OIDC exchanges information using JWTs (aka JSON web tokens.)
OAuth 2.0
OAuth 2.0 is a framework for authorizing applications to share user profile information between a resource owner (the user), the authorization server (the identity provider), and the third-party application (aka the client, aka Qlik.) Exactly what information is shared depends upon the "scopes" the authorization server grants the client application.
Qlik and the Identity Provider
In Qlik SaaS, there are four different types of identity providers you can set up in an instance. This blog is interested in only discussing the Interactive option because it is the choice for connecting Qlik to an OIDC provider.
Selecting Interactive populates the Provider drop-down list with a number of popular vendors who offer OIDC capabilities. Depending on the provider you select, common values in the Claims mapping and Advanced settings sections will auto-populate in the text boxes. I'll discuss Claims mapping in more detail below. For now, I'm going to move to the Application credentials section of the configuration
Application credentials
The Application credentials section of the configuration is where you enter in the information that identifies Qlik as a registered application with the identity provider.
This blog doesn't cover the manual configuration options. Check help.qlik.com for information related to Application credential manual configuration.
Provider configuration URI
The configuration URI is a publicly accessible web address Qlik can navigate to access the OIDC metadata for the identity provider. The metadata informs Qlik of additional URIs to authenticate users and acquire JWTs containing supported claims, among other data describing the authorization server. Typically, the configuration URI will look like this:
https://login.microsoftonline.com/<your-azuread-tenant-id>/v2.0/.well-known/openid-configuration
Client ID
The Client ID is a public, unique string issued by the identity provider representing the application registration; in this case Qlik is the registered application with Microsoft Azure Active Directory. Qlik supplies the Client ID to Azure AD during authentication requests to route the request properly. Without the Client ID, Azure AD can't identify the app registration and responds with an error.
Client secret
The Client secret is a private, unique string issued by the identity provider, known only to the client and the authorization server. It is used in requests made to the identity provider to acquire the JWT token containing the authenticating user's profile information.
Courtesy xkcd
Realm
The Realm is an optional value intended to contain a pattern to determine the validity of an OpenID authentication request. In Qlik, it is sometimes used to specify a Windows domain which gets prefixed to the userid.
Claims mapping
When a user authenticates successfully to Qlik, the authentication service generates a new "internal" token using the claims from the identity provider token. The claims are "mapped" to this new token based on the claim names in each of the text boxes for the corresponding claim.
Certain claims, like the sub, email, and email_verifed are required claims from the identity provider token. Others, like groups and picture are optional claims. In Qlik SaaS, all of the claims listed in the mapping section are configurable, meaning you can set it to any claim name you know exists in the identity provider token.
sub (Subject)
The sub is a unique identifier representing the End-User at the identity provider.
The sub claim value must be unique for each End-User accessing Qlik SaaS because the platform relies upon the sub claim to act as the unique UserId in Qlik.
The typical sub value looks like a random string of characters like AItOawmwtWwcT0k51BayewNvutrJUqsvl6qs7A4. But as you can see, as a UserId the sub isn't readable. If you are migrating from an on-premises Active Directory to Azure AD, you may want to consider an alternate claim for the mapped sub.
A Short Detour to AD Land
If you are used to example\hardcoreharry representing a UserId, then chances are you have migrated from an on-premises Active Directory to Azure AD.
The identifiable UserId in this pattern is known as the sAMAccountName. sAMAccountName is an available claim if your Azure AD synchronizes with an on-premises AD through AD-Connect. If you have Qlik Sense applications with Section Access script, consider changing the sub claim to map the sAMAccountName from the identity provider token.
name
The name is a standard claim sent in OIDC JWTs. It represents the End-User's full name. Qlik will use this mapped claim as the friendly name used in greetings, user profile information, and in access control settings for artifacts like spaces.
groups
Groups is not a standard claim of OIDC. It is an optional claim that needs to be configured to be sent by the identity provider. Its name gives away the values the claim contains, but make sure you know the way the values appear. Certain identity providers like Azure AD do not send friendly names for native groups using an optional group claim, sending the unique identifier for the group instead.
email
Email is a standard claim of OIDC, and is intended to represent the preferred email address of the End-User. Some providers do not send the email address in the email claim because their own services support the user having multiple preferred email addresses. For example, in my Azure AD there is no value in the email claim for my users, however, the upn contains the End-User email address because it is the user principal name for that user.
client_id
The client_id claim contains the same value you entered in the Application credentials. It is required by OAuth 2.0 to be present in the payload of claims.
picture
The picture claim contains a url for the End-User's profile picture. If you configure the picture claim to map a different claim, the value must be a url and must refer to an image file. If no picture claim is sent by the identity provider, Qlik will not attempt a mapping.
email_verified
The email_verified claim contains a boolean value confirming the user has verified their email with the identity provider. It is standard claim of OIDC, but it is not a requirement to be sent by the identity provider. This can cause problems for claims mapping with Qlik because Qlik requires the presence of an email_verified claim set to true to perform the complete claims mapping process.
Each identity provider handles email verified differently
Okta and Auth0 send an email_verified claim because they require End-Users to verify their email address to access the service.
Onelogin does not send an email_verified claim in the default payload. You will need to add a custom claim to your configuration to send the email_verified claim to Qlik, and identify the claim name in this text box for Qlik to map it.
Azure AD does not send an email_verified claim in their token because Azure B2B users do not have to verify their email and because the user may have the same email address for accounts in different AZure Active Directory instances, it's not possible to provide a single verification mechanism which all ADs can read from. I address handling Azure AD email_verified claim challenges in the Advanced options section.
Advanced options
For the majority of providers, there are two advanced options you can adjust. One is to specify the scopes the configuration should read from, and the other is a text box to supply a url to be navigated to when a user logs out of Qlik SaaS.
There is one special advanced option that appears if you are using Azure AD as a provider, and that is a switch for the email_verified claim. I mentioned above that Azure AD does not supply an email_verified claim in the token sent to Qlik.
You could set up a custom claim in Azure AD that sends a boolean value to Qlik. I've done it, and it's a pain. So I asked the R&D team to copy what our friends at Auth0 do and provide the switch. Once the switch is set to true, Azure AD claims map to Qlik without any issue.
Recap
So there you have it, clear as mud right? Hopefully you come away from reading this with a better understanding of the inputs for an OpenID Connect configuration with Qlik Enterprise SaaS. While filling in these inputs is straightforward, it's unfortunate that every provider out there implements OIDC differently. Along with reference links for OIDC and OAuth 2.0 below, check out the links related to configuring these different providers with Qlik.
Happy Qlikking!
References
OpenID core specification - https://openid.net/specs/openid-connect-core-1_0.html
Auth0 OpenID Connect Protocol - https://auth0.com/docs/protocols/openid-connect-protocol
OAuth 2.0 RFC - https://tools.ietf.org/html/rfc6749
OAuth 2 Simplified - https://aaronparecki.com/oauth-2-simplified/
JWT Introduction - https://jwt.io/introduction/
Qlik Enterprise SaaS Identity Provider Configuration Guides
Okta - Coming soon!
Keycloak - Coming soon!
-
Updates to Qlik Cloud Security Roles
On April 16th, 2024, Qlik is launching a highly anticipated capability: custom security roles. What do custom security roles do? Custom security roles... Show MoreOn April 16th, 2024, Qlik is launching a highly anticipated capability: custom security roles.
What do custom security roles do?
Custom security roles introduce fine control of data export and access permissions within Qlik apps. This allows you to tailor permissions to your specific needs, enhancing data security and compliance.
The first delivery on April 16th includes the capability to control who can export content. Additional capabilities will be added soon after, such as who can create data connections, reports, and similar.
What does this mean for me?
As part of this update, the existing "has restricted view" space role will gain the ability to export data to Excel. This adjustment is in line with Qlik's capacity-based pricing model, ensuring basic users have essential tools.
If you do not wish for users with the "has restricted view" space role to be able to export data, you will need to edit the User Default role to deny download for all users, and then create a custom role that allows if for specific users and groups.
Stay tuned for more information and resources leading up to the April 16th launch. We are excited about these enhancements and the value they will bring to your data management and security efforts within Qlik.
Thank you for choosing Qlik,
Qlik Support
