In working with Qlik Alerting for Windows, I’ve encountered several issues.
Here’s a categorized summary, including:

• 1 newly discovered issue with core config

• 1 new issue with SSO in SR2

• Previously known SSO & extension issues

✅ [1] Newly Discovered – Core Config Issue ❗ CSRF Token API Error (Missing Port When Using Non-Default HTTPS Port)

• From Qlik Sense Nov 2024, CSRF token validation is required

• Alerting now supports this (see doc: https://community.qlik.com/t5/Official-Support-Articles/Qlik-Alerting-403-errors-after-upgrading-to-...)

• However, if you use a non-default port (e.g., 8443), CSRF token fetch fails with 403

• Debugging server.js shows the CSRF token URL omits the port

✅ [2] SSO Integration – Issues (1 New + 2 Previously Documented)

Full breakdown of earlier issues here:
https://community.qlik.com/t5/Reporting-Service-Alerting/Issue-and-Solution-for-SSO-Integration-betw...

🆕 (New in SR2) Test Connection Error in SSO Mode

• Appears in SR2 only – SR1 behaves correctly

• When clicking “Test Connection”, result shows:

  "Invalid SSO URL. Please contact your administrator."

• Yet actual login works fine

✅ Workarounds:

• Modify the MongoDB config manually under qlikalerting > source

• Or: Use Basic Auth → Save → Switch to SSO mode → Save again

📌 Previously Identified Issues

1. In qaw_sso.html, getQlikURL() parses URL based on /sense → should use /content

2. Port is missing in constructed URL → breaks non-default port configs

✅ [3] Extension Bug (Previously Noted)

• request.js in qlik-alerting-extension.zip includes a getQlikURL() function with no port in result

• This function works contextually in /sense, so no immediate issue there

• Likely reused in SSO code without necessary adjustments

If you’ve faced any of these issues, I’d appreciate your input or confirmations in the comments.
And if any Qlik engineers see this:
Can these be tracked as formal bugs or passed to engineering?

Thanks for reading!

Qlik Alerting Qlik Sense Enterprise on Windows