Qlik Enterprise Manager (QEM) allows Personal Access Token authentication with Okta. The token generation in QEM will fail if the incorrect variables have been passed in. Missing quotations on the variables will result in the variables being treated as "Null" values. The following error would be seen in the Enterprise Manager logs if null values are found.
Parameter name: s
System.ArgumentNullException: Value cannot be null.
Parameter name: s
at System.Runtime.InteropServices.Marshal.SecureStringToBSTR(SecureString s)
at Attunity.Infrastructure.Globals.Crypto.GetClearString(SecureString value)
at Attunity.Infrastructure.Globals.Authentication.OpenIdAuthClient..ctor(HttpClient httpClient, String authority, String clientId, String redirectUri, SecureString clientSecret, String additionalScopes, String openIdUserNameClaimType, String openIdDisplayNameClaimType, String openIdGroupClaimType)
at Attunity.Infrastructure.HostManager.HostManager.CreateOpenIdAuthClient()
at Attunity.Infrastructure.HostManager.RestHandler.OpenIdRedirect(OpenIdRedirectParams param)
Resolution
Ensure the following variables are double-quoted and correct information from the Okta integration app is used
- --open_id_authority
- --open_id_client_id
- --open_id_id_client_secret
Syntax
aemctl.exe configuration set --open_id_authority your-openid-connect-authority --open_id_client_id your-client-id --open_id_client_secret your-secret
Example using Okta
aemctl.exe configuration set --open_id_authority "https://dev-13465054.okta.com" --open_id_client_id "0oa8ohkl5ftweZNWTT5d7" --open_id_client_secret "FJxXqWOpJsROGrthsaVzfUIcNthG6JLA1-nAJH0"
Related Content
Setting up Personal Access Token authentication for the API
Environment
