Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
dionverbeke
Luminary Alumni
Luminary Alumni

saml

Hi,

Did anyone have experience installing Qlik Sense SAML on Azure with Azure's AD?

I've been able to connect it to the Domain, local user via a virtual proxy. This all works.

But can't get SAML to work.

2016-05-26_21-02-12.png

Did someone create a walkthrough where I should get the details on how to do this?

Qlik's online help was not so straightforward.

Kind Regards,

Dion

1 Solution

Accepted Solutions
marcus_sommer

5 Replies
marcus_sommer

Here are various postings to this topic: https://community.qlik.com/search.jspa?q=error+500

- Marcus

Anonymous
Not applicable

Hi Dion.

I've a working Azure AD Virtual Proxy setup. If you need help, my email is in my profile.

- Egbert

adam_groenbeck
Partner Ambassador
Partner Ambassador

Hi Egbert,

Sounds interesting - I have been browsing a bit and could not find any detailed information (step by step) on what to do in order to authenticate against an Azure AD - do you have any information you can share?

Anonymous
Not applicable

Steps in QMC:

- Create new Virtual Proxy

Identification

Name: Azure
Prefix: azure
Session inactivy timeout: 30
Session cookiename: X-Qlik-Session-Azure

Authentication

Anonymous access mode: No anonymous user

Authentication method: SAML

SAML Host URI: https://your-qliksense-server.domain.tld/

SAML Entity Id: https://your-qliksense-server.domain.tld/azure/

SAML IdP Metadata: (comes next, after creating application in Azure AD)

SAML attribute for user ID: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

SAML attribute for user directory: [Azure]

SAML signing algorithm: SHA-1

Load balancing

Add your Proxy here.

Steps in Azure:

- Login to Azure old portal at https://manage.windowsazure.com/

- Navigate to your Azure Active Directory, select Applications

- Add an application. Choose "Add an application my organization is developing".

- Give it a name, choose "WEB APPLICATION AND/OR WEB API".

- Sign-on url: https://your-qliksense-server.domain.tld/azure/, app id uri can be the same uri.

- Configure application, add Reply URL https://your-qliksense-server.domain.tld/azure/samlauthn/

- Click View endpoints in the bar on the bottom.

- Navigate to your FEDERATION METADATA DOCUMENT Url, e.g. https://login.microsoftonline.com/<your-tenant-id>/federationmetadata/2007-06/federationmetadata.xml. Download that document to your computer.

Step back in QMC:

- Upload metadata XML in your Virtual Proxy, field SAML IdP Metadata.

Navigate in a new private window of your browser to https://your-qliksense-server.domain.tld/azure/. You should be redirected to https://login.microsoftonline.com/<your-tenant-id>/saml2?<long-querystring>. After entering your Azure credentials here you should be redirected back to Qlik Sense. You might get a QS access error (the nice one) due to a missing license. The user should be visible in QMC.

Not applicable

Hello Egbert,

Do you still have a working Azure AD Virtual Proxy setup? I am interested to see your settings. I am getting the same error message.