Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Woohoo! Qlik Community has won “Best in Class Community” in the 2024 Khoros Kudos awards!
Announcements
Nov. 20th, Qlik Insider - Lakehouses: Driving the Future of Data & AI - PICK A SESSION

Qlik Cloud: How to set up Auth0 and map roles to groups (OIDC)

No ratings
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Damien_V
Support
Support

Qlik Cloud: How to set up Auth0 and map roles to groups (OIDC)

Last Update:

Aug 5, 2024 6:11:57 AM

Updated By:

Sonja_Bauernfeind

Created date:

Aug 5, 2024 6:11:57 AM

This article explains how to set up OIDC authentication with Auth0 and map Auth0 roles to groups in Qlik Cloud.

This customization is provided as is. Qlik Support cannot provide continued support of the solution. For assistance, reach out to our Professional Services or engage in our active Integrations forum.

Environment

Qlik Cloud

 

Auth0 Setup

  1. Create a single page application

    Example:

    create a single page application.png
    Note down Client ID and Client Secret
  2. Add your Qlik Cloud tenant callback URL (original tenant URL) in the allowed Callback URLs, which should be https://<tenanturl>.<region>.qlikcloud.com/login/callback

  3. Scroll to the Advanced Settings section

  4. Open Endpoints and copy the OpenID configuration endpoint
  5. On the menu on the left, go to Actions > Library 

  6. Create a new custom action of type Login/Post Login and use the below code:

     
    exports.onExecutePostLogin = async (event, api) => { 
    const namespace = 'https://my-app.example.com';
    if (event.authorization) { 
    api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles); 
    api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles); 
    api.user.setUserMetadata(`${namespace}/roles`, event.authorization.roles); 
    } 
    }
  7. Click Deploy to activate the action.

    This action will pass the user roles in Auth0 to be used as groups in Qlik Cloud.

 

Qlik Cloud Setup

  1. Set up a new OIDC Identity Provider and provider Auth0
  2. In the OpenID configuration field, add the endpoint copied in the previous step 3 of your  Auth0 configuration
  3. Fill in the Client ID and Client secret copied in the previous step 2 of your  Auth0 configuration
  4. For the claims mapping, set the groups to "https://my-app.example.com/roles", adjust other settings based on your needs or leave as default
  5. Make sure that Override email verified to true is checked and that scope is openid profile email
  6. Save the settings and go through the validation procedure before activating the Identity Provider
Qlik Cloud
Thumbnail of Qlik Cloud
Qlik Cloud
Labels (1)
Labels:
287 Views
Was this article helpful? Yes No
Version history
Last update:
‎2024-08-05 06:11 AM
Updated by:
Digital Support