Qlik Community

Qlik Design Blog

All about product and Qlik solutions: scripting, data modeling, visual design, extensions, best practices, etc.

QlikWorld online is next week! REGISTER NOW

Hello everyone, today I have the pleasure of introducing Jeff Goldberg as our guest blogger - (jog‌) - Jeff is a Senior Enterprise Architect on the Americas Pre-sales team who has worked in various technology positions for over 15 years. In between running half-marathons and crushing crossfit workouts , Jeff focuses on integration, deployment, automation, security, and api topics across a wide range of software.  If you have a technical challenge, Jeff can put you on a path to figuring out the best way to overcome it. Jeff has the extreme pleasure of introducing you to SAML authentication with Qlik Sense, not only in text - but as well in supporting videos. Thanks for this valuable contribution Jeff!

Qlik Sense SAML

With the release of Qlik Sense 2.0, we introduced SAML as an authentication option between enterprise identity management systems (known as identity providers) and Qlik Sense. While SAML is a standard for authentication and authorization, it is open to interpretation and variability in its implementation.  Consequently, implementing SAML can be a bit tricky.  The goal of this blog post is to demystify SAML and provide some examples you can use to implement it with Qlik Sense.

SAML stands for Security Assertion Markup Language, an xml based authentication and authorization standard for web applications to exchange user credentials and attributes.  SAML works between two parties, an identity provider (IdP) and a service provider (SP), to facilitate single sign-on access to secure content for a user.

Identity providers come in a variety of shapes and sizes.  Salesforce.com, Active Directory Federation Services, and Ping Federate are just a few of the options available for handling the authentication components of the SAML handshake. The service provider is the system with the content we want to access.  In this case, Qlik Sense is the service provider.

The figure below illustrates the SAML authentication process.

Keep in mind the SAML protocol is an open standard, therefore, implementing the solution between the SP and the IdP differs based on the requirements of the chosen provider.

For example:

  • ADFS metadata contains a whole section of information that needs to be removed before it is imported into Qlik Sense. 
  • With Ping Federate, the IdP configuration needs to have the name ID format for the SAML response manually set to transient or the user authentication to Qlik Sense will fail. 
  • One login doesn’t care about the name ID format for the response.

Bottom line, expect some trial and error when configuring SAML, regardless if it’s with Qlik Sense or some other solution.

To ease the pain and hopefully reduce frustration, we have created some videos to help walk through configuring different SAML identity providers with Qlik Sense.  As we encounter more flavors of IdP, we will create content to help with configuration.

For now, have a watch of the following videos, enjoy!

Video Link : 3601

Video Link : 3605

Video Link : 3653

Video Link : 3652


Hi There 

We have a web app and we want to set up sso via SAML. The user will login to our web app and click on a link to QlikSense and at that point we are going to pass few parameter in relayState parameter which is encoded and pasted in url end. I would like to use the parameters in the relaystate to read the role of the user and redirect him to suitable stream and then use other parameter to do default selection in our Qlik Apps.


Let me know how can we go about it.


Contributor II
Contributor II

Hi There, 

I am looking for your help inorder to setup ADFS-SAML authentication .We have successfully implemented the ADFS and on QMC as per the documentation .However When we try to access the link it says 

"Contact your system administrator the user can not authenticate"


Could you please help me as we are got stuck and it is our production env.




Contributor II
Contributor II

Could someone please help us through.