Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
July 15, NEW Customer Portal: Initial launch will improve how you submit Support Cases. READ MORE

Qlik Cloud: Call Qlik APIs using JWT authentication (PowerShell)

100% helpful (1/1)
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Damien_V
Support
Support

Qlik Cloud: Call Qlik APIs using JWT authentication (PowerShell)

Last Update:

Jul 3, 2024 1:38:01 AM

Updated By:

Sonja_Bauernfeind

Created date:

Jul 2, 2024 11:23:35 PM

This is a sample of how to call the Qlik Cloud APIs to assign an Analyzer license to a user with PowerShell/JWT authentication.

 

Environment

 

Resolution

In order to call Qlik Cloud API with JWT authentication, the first step is to call POST /login/jwt-session to get the necessary cookies. Which API can be called depends on the privileges the JWT user has been assigned.

 

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

$hdrs = @{}
# Put your JWT token here
$hdrs.Add("Authorization","Bearer eyJhbGciOiJSU...pgacN8QqAjKug")
$url = "https://tenant.ap.qlikcloud.com/login/jwt-session"
$resp = Invoke-WebRequest -Uri $url -Method Post -ContentType 'application/json' -Headers $hdrs

#Fetch all required cookies
$AWSALB= [Regex]::Matches($resp.RawContent, "(?<=AWSALB\=).+?(?=; Expires)")
$AWSALBCORS= [Regex]::Matches($resp.RawContent, "(?<=AWSALBCORS\=).+?(?=; Expires)")
$eassid= [Regex]::Matches($resp.RawContent, "(?<=eas.sid\=).+?(?=; path)")
$eassidsig= [Regex]::Matches($resp.RawContent, "(?<=eas.sid.sig\=).+?(?=; path)")
$csrftoken= [Regex]::Matches($resp.RawContent, "(?<=_csrfToken\=).+?(?=; path)")
$csrftokensig= [Regex]::Matches($resp.RawContent, "(?<=_csrfToken.sig\=).+?(?=; path)")

$allCookies = "AWSALB="+$AWSALB.Value+";AWSALBCORS="+$AWSALBCORS.Value+";eas.sid="+$eassid.Value+";eas.sid.sig="+$eassidsig.Value+";_csrfToken="+$csrftoken.Value+";_csrfToken.sig="+$csrftokensig.Value

$session = New-Object Microsoft.PowerShell.Commands.WebRequestSession

foreach ($cookiePair in $allCookies.Split((";"))) {
  $cookieValues = $cookiePair.Trim().Split("=")
  $cookie = New-Object System.Net.Cookie
  $cookie.Name = $cookieValues[0]
  $cookie.Value = $cookieValues[1]
  $cookie.Domain = "tenant.ap.qlikcloud.com"
  $session.Cookies.Add($cookie);
}

$hdrs = @{}
#Request that modify content such as POST/PATCH requests need the Qlik-Csrf-Token header
$hdrs.Add("Qlik-Csrf-Token",$csrftoken.value)

$body = '{"add":[{"subject":"DOMAIN\\user1","type":"analyzer"}]}'

$url = "https://tenant.ap.qlikcloud.com/api/v1/licenses/assignments/actions/add"
Invoke-RestMethod -Uri $url -Method Post -Headers $hdrs -Body $body -WebSession $session

 

Qlik Cloud
Thumbnail of Qlik Cloud
Qlik Cloud
Labels (2)
112 Views
Was this article helpful? Yes No
Version history
Last update:
3 weeks ago
Updated by:
Digital Support