Qlik Community

Qlik Sense Integration, Extensions, & APIs

Discussion board where members can learn more about Integration, Extensions and API’s for Qlik Sense.

Not applicable

Mashup/Capability API without a redirect for authentication?

All of the examples of the mashup/capability API in node.js that I've seen use the qlik-auth module.  The drawback of the qlik-auth module is that it relies on redirection through the proxy to obtain a ticket.

What I would like to do is obtain a ticket via ajax, and defer loading the qlik client until the ticket is returned.

There doesn't, however, seem to be an API in the client to pass in the ticket and/or session and the qlik client assumes that a valid cookie is set when loaded, otherwise it redirects to the authentication URL in the virtual proxy.

How can the qlik js client be loaded without needing to be redirected to the authentication url by using the QPS session API to first obtain a ticket?

Tags (1)
1 Solution

Accepted Solutions
Employee
Employee

Re: Mashup/Capability API without a redirect for authentication?

Hey Chris,

The http://sense-demo.qlik.com site does exactly that. We fetch a ticket in the background, then we consume said ticket by just issuing a GET against a resource behind the proxy with the ticket attached to it. Once the ticket has been consumed and the session cookie is present in the client you can just inject the qlik.js script into the head or manually bootstrap our API onto the page.

Process

1. Browser requests ticket from server component.

2. Server component issues ticket to user/browser

3. Browser consumes ticket by requesting https://<your QS server>/resources/img/dark_noise_16x16.png?qlikTicket=<yourticket>

4. QS Server returns the image and a Set Cookie header.

5. Discard the image and just load the qlik.js API

10 Replies
Employee
Employee

Re: Mashup/Capability API without a redirect for authentication?

Hey Chris,

The http://sense-demo.qlik.com site does exactly that. We fetch a ticket in the background, then we consume said ticket by just issuing a GET against a resource behind the proxy with the ticket attached to it. Once the ticket has been consumed and the session cookie is present in the client you can just inject the qlik.js script into the head or manually bootstrap our API onto the page.

Process

1. Browser requests ticket from server component.

2. Server component issues ticket to user/browser

3. Browser consumes ticket by requesting https://<your QS server>/resources/img/dark_noise_16x16.png?qlikTicket=<yourticket>

4. QS Server returns the image and a Set Cookie header.

5. Discard the image and just load the qlik.js API

Not applicable

Re: Mashup/Capability API without a redirect for authentication?

Thanks Alexander!

Once the ticket has been consumed and the session cookie is present in the client you can just inject the qlik.js script into the head or manually bootstrap our API onto the page.

I have a follow-up question regarding this.  The node.js mashup example uses a third approach, which is to load the master require.js (full html here):

<script src="http://<hostname>:<hostport>/resources/assets/external/requirejs/require.js"></script>

What's the difference between loading this require.js file (which is different stock require.js) and directly loading the qlik.js file?  Also, can you give an example of manually bootstrapping the API?  I'm not quite sure what you mean by that.

Not applicable

Re: Mashup/Capability API without a redirect for authentication?

Alexander, could you clarify how exactly "1. Browser requests ticket from server component." is achieved?

samarind
New Contributor

Re: Mashup/Capability API without a redirect for authentication?

This sounds like exactly what I need to do as I need to authenticate (get session for a user) via client side ajax...care to elaborate?

Not applicable

Re: Mashup/Capability API without a redirect for authentication?

Hi Robert,

You can read more about the authentication API here:

Authentication API ‒ Qlik Sense

The service that is used to actually obtain a ticket is here:

Add ticket ‒ Qlik Sense

If you were using normal authentication, then you wouldn't have to worry about getting a ticket since the app would do it on your behalf, but if you are using a proxy with an authentication module (as would be the case in most node.js examples), then the service you deploy (i.e. the node.js app) calls the ticket method in the QPS after using whatever authentication the application defines.

Hope that helps.

~Chris

Not applicable

Re: Mashup/Capability API without a redirect for authentication?

IMHO, the best place to start would be to work through one of the examples of a mashup application in node.js or the .net SDK.

That should give you a pretty good understanding of the architecture behind mashups.

If you've already gotten that far, then you'd have to give us more details on what else you'd like to know about the approach that Alexander laid out.

~Chris

Employee
Employee

Re: Mashup/Capability API without a redirect for authentication?

When you are loading the requirejs file from behind the proxy a authentication check is performed.
So if you are not authenticated when the page tries to load requirejs it will trigger the authentication re-direct.

Employee
Employee

Re: Mashup/Capability API without a redirect for authentication?

You build a server component that is trusted by Qlik Sense by certificates.

Your server component is responsible for authenticating the user, if that is successful you request a ticket for the user and pass it along.

alexbjorlig
Contributor

Re: Mashup/Capability API without a redirect for authentication?

Just if it helps anyone - the dark_noise picture moved location

/resources/img/core/dark_noise_16x16.png

Community Browser