Skip to main content

Qlik

cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2025! Join us in Orlando join us for 3 days of immersive learning: REGISTER TODAY

Example auth0 authentication setup on Qlik Sense Enterprise SaaS

No ratings
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Sonja_Bauernfeind
Digital Support

Example auth0 authentication setup on Qlik Sense Enterprise SaaS

Last Update:

May 10, 2022 3:03:11 PM

Updated By:

Jamie_Gregory

Created date:

Apr 10, 2020 9:20:02 AM

The steps below are for an example test setup of authentication using Auth0 as Identity Provider (IdP) with on Qlik Sense Enterprise SaaS.

Environment: 

 

Resolution:


The information in this article is provided as-is and to be used at own discretion. Ongoing support on the solution is not provided by Qlik Support.

Note: These steps assume an auth0 "Developer" account has already been created.

 

Create a new Application in Auth0.

 

Proceed with the following steps:

  1. In the left menu in Auth0, open Applications.
  2. Click Create application.
  3. Give the application a name, select Single Page Web Applications and click Create.
  4. Select Settings.
  5. In the box Allowed Callback URLs, add the URL to your host in the format https://<host>/login/callback (e.g: https://<tenant name>.us.qlikcloud.com/login/callback).
  6. Scroll down and click Save changes.
  7. Note down the Client ID value.
  8. Note down the Client Secret value.
  9. Scroll to the bottom and select Advanced Settings.
  10. Select the Endpoints tab.
  11. Note down the OpenID configuration URL for later.

 

Creating a database connection in Auth0

 

Create a database connection and configure the application to use this connection.

Proceed with the following steps:

  1. In the left menu, select Connections > Database.
  2. Fill in a name for the database connection and click Create.
  3. In the left menu, select Applications.
  4. Open the tab Connections
  5. Enable the new database connection for the new application.

Creating a new user

If users are not in Auth0, proceed with the following steps:

  1. In the left menu, select Users & Roles > Users.
  2. Click Create user.
  3. Fill in the fields and select the newly created connection.

 

Setup the Identity Provider in the Management Console within Qlik Sense Enterprise SaaS.

 

  1. Go to Profile > Administration 
  2. Open the section Identity provider.
  3. Click Create new. The page for creating an IdP configuration opens. 
  4. Select IdP type Interactive for login of users
  5. Select your IdP provider, Auth0.
  6. Optionally, enter a description.
  7. Fill in the fields in the Application credentials section:
    1. OpenID configuration - use the URL from step 11 in Create a new Application in Auth0 section.
    2. Client ID - use the Client ID value from step 7 in Create a new Application in Auth0 section.
    3. Client secret - use the Client secret value from step 8 in Create a new Application in Auth0 section.
  8. Accept the defaults for the Claims mapping section.
  9. Click Save.


Related Content:

Labels (1)
3,438 Views
Was this article helpful? Yes No
Comments
jfitz_chicago
Partner - Contributor III
‎2024-01-23 10:10 AM

Very helpful. I'm using Auth0. I used Roles to store group info.

groups box = /https:~1~1qlik.com~1groups

Advanced options claims = email openid profile https://qlik.com/groups

I created an API with the permissions to read groups. (Not 100% sure I needed to do that)

And I created a Flow in the Post Login section (Actions > Flows > Login) that added groups to the response.

/**
 * @param {Event} event - Details about the user and the context in which they are logging in.
 * @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
 */
exports.onExecutePostLogin = async (event, api) => {
  const namespace = 'https://qlik.com';
  if (event.authorization) {
    api.idToken.setCustomClaim(`${namespace}/groups`, event.authorization.roles);
    api.accessToken.setCustomClaim(`${namespace}/groups`, event.authorization.roles);
  }
}

 

Version history
Last update:
‎2022-05-10 03:03 PM
Updated by:
Top