Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
ErikWetterberg
Master
Master
‎2018-07-18 07:30 AM

Authentication from web app - best practices??

Hi,

Lately I have been working om integrating an existing web app with Qlik Sense using the Engine API. Unlike most of the cases I have worked on before this web app is not hosted by Qlik Sense, which means users might not be authenticated with Qlik Sense. So we have to handle authentication.

What we have done some far is that when we get a 'Not authenticated' error message we make a HTTP GET to the Qlik Sense server. This triggers a login dialog, which works well when we have 'Windows authentication pattern' set to 'Windows'. When we switch to 'Form' is does not work any more...

This leads to my question: what is best practices for this scenario?

  • is the HTTP GET a general pattern, or just when 'Windows authentication pattern' is windows?
  • is there a more general approach? If possible we would like something that works with different configurations.
  • what file/URL is recommended for the GET?
  • what about logging out? How can we do that?? I've seen that the built-in client uses a HTTP DELETE when you do a logout, is that the way to go??

Grateful for any help

Erik Wetterberg

Qlik Sense extensions, mashups, integrations and APIs
Blog Extending Qlik
4,465 Views
0 Likes
4 Replies
Vincenzo_Esposito
Employee
Employee
‎2018-07-20 03:41 AM

Hi Erik,

Qlik Sense does not make any Authentication, instead it relies on an external Identity Provider (IdP). Windoes Authentication is the default IdP for QlikSense. If you don't want Windows as IdP, you need to replace it with something else. Let me suppose your application already makes authentication, in this case you can use it as IdP. Qlik Sense can relies on your authentication module using the custom authentication (JWT, Ticket, header, session, and son on)..

If you want to know more, have a read here (https://help.qlik.com/en-US/sense/June2018/Subsystems/PlanningQlikSenseDeployments/Content/Deploymen...)  for general informations and here (https://help.qlik.com/en-US/sense/June2018/Subsystems/PlanningQlikSenseDeployments/Content/Deploymen...) for the custom solution. And here (https://github.com/mhamano/qlik-session-auth) an example of Session authentication which probably suite the best your case

4,194 Views
ErikWetterberg
Master
Master
‎2018-07-20 10:00 AM
Author

In response to Vincenzo_Esposito

Hi,

Thanks for the reply, but the help is more around 'how can I configure authentication in my Qlik Sense installation' while my question is more 'how can I authenticate from a web app to Qlik Sense'. Since this web app should potentially be used with different Sense installations, we want it to be as general as possible. We have a working solution that simply makes a HTTP GET, but we have just grabbed a file which we believe is in all Qlik Sense installtions - is this the way to go? This means that Qlik Sense does all tickets, cookies etc, which is great, but perhaps we need to handle that in our code?

As far as I understand the example it is a Node js solution, while we are working in the browser, which means we want the user to enter username/password or do whatever authentication procedure is necessary.

Erik Wetterberg

Qlik Sense extensions, mashups, integrations and APIs
Blog Extending Qlik
4,194 Views
0 Likes
Anonymous
Not applicable
‎2018-10-26 01:30 AM

In response to ErikWetterberg

Hi Erik,

May I ask how you manage to get a 'Not authenticated' message? Did you try to create a session using enigma, or you call some qlik url?  If I call https://qlikserver/qps/user, it will return "session: inactive".  So I guess you're calling in a different way to get a 'Not authenticated' message.


Also, you said when you get a 'Not authenticated' message, you do an http get to qlik server.  Does it mean you call https://qlikserver/proxy/hub?  Cause calling this will either show a login pop-up or a login page depending if you use Windows or Form.  But why do you still want qlik to serve the login page when you have your own webapp?  I thought you have your own login page.  Unless you set your own login page in "authentication module redirect uri".  But even if you did set it as redirect, once you login, you'll be served with the https://qlikserver/proxy/hub url because that is the target url.  Is that your intention, or you also have your own landing page after you login from your own login page?


Also, did you manage to solve this?  Would appreciate it if you could share how you did it.  Thank you.


Thanks,

Ben

4,194 Views
0 Likes
swetha1
Contributor
Contributor
‎2020-08-14 03:19 PM

In response to Anonymous

Hello Ben,

I am in a similar situation. We have qlik sense enterprise on cloud.  We are supposed to connect to it from asp.net web application. We are able to get the Cookie information that we need. But how should we redirect to the Qlik sense url while passing the cookie and header information.

What did you do to resolve your issue. It will a be a lot of help if you can point me in the right direction.

 

Thanks,
Swetha

1,831 Views
0 Likes