Qlik Community

Support Knowledge Base

Search or browse our knowledge base to find answers to your questions ranging from account questions to troubleshooting error messages. The content is curated and updated by our global Support team

Announcements
Coming your way, the Qlik Data Revolution Virtual Summit. October 27-29. REGISTER

How to configure Postman (desktop app) to connect to Qlik Sense

Digital Support
Digital Support

How to configure Postman (desktop app) to connect to Qlik Sense

This article will outline how to connect to Qlik Sense's APIs using the desktop app version of Postman. The desktop app is a standalone application whereas the Chrome Extension version is being deprecated. For insight into configuring the Chrome Extension, see article QRS API using Xrfkey header in Postman Chrome Extension.

Environments:

  • Qlik Sense Enterprise, All Versions

 

Assumptions:

  • Postman is installed
  • OpenSSL is installed
    • In this guide we will use a Windows version of OpenSSL provided by Shining Light Productions. Other Windows versions may operate slightly differently, likewise for *Nix (UNIX, Linux, etc.) based versions of OpenSSL 
  • The ports being called are open between the machine with Postman installed and the server
    • Example 4242 being the direct QRS port

Process with PEM Certificates (Simplest, Doesn't Require OpenSSL): 

  • Go into the QMC > Certificate section and export a copy of the certificates used in the site:
    • Arbitrary machine name (best practice is to use the machine you are making the API calls from)
    • No password on the files
    • Include secrets key
    • PEM Format
  • Copy the client.pem and client_key.pem from C:\ProgramData\Qlik\Sense\Repository\Exported Certificates\{computer name} (on the Central node if in a multi-node site) to a place where you can access it from Postman
  • Make a copy of the client.pem and client_key.pem files, and rename them to client.crt and client_key.key.
  • In Postman:
    • Go to Settings > Certificates > Add Certificate
    • Enter in the hostname of your Qlik Sense Server and port (e.g., servername.company.com with port 4242 in the example below)
      • Note: Since you must enter the port used to connect, if you plan to connect via both the Proxy and directly to the QRS then you will need to specify both ports (443 and 4242 respectively). The same goes for QPS calls (4243)
    • Navigate to the where the .crt and .key files is located
    • Enter the passphrase if you used one
    • Click Add to add this certificate to Postman
    • If using a self-signed certificate: Go to Settings > General > Request > SSL certificate verification and disable certificate verification.
  • Make a test connection to a known good QRS API endpoint

Process with PFX Certificates (Requires OpenSSL): 

  • Go into the QMC > Certificate section and export a copy of the certificates used in the site:
    • Arbitrary machine name (best practice is to use the machine you are making the API calls from)
    • No password on the files
    • Include secrets key
    • Windows format
  • Copy the client.pfx from C:\ProgramData\Qlik\Sense\Repository\Exported Certificates (on the Central node if in a multi-node site) to the bin directory of OpenSSL (C:\OpenSSL-Win32\bin for a default install of the above version of OpenSSL).
  • Open a command prompt with administrative rights
    • cd C:\OpenSSL-Win32\bin
    • openssl pkcs12 -in client.pfx -nocerts -out sense.key
      • The import password value will be whatever was used when exporting the certificate, if none then press enter
      • PEM pass phrase is a pass phrase to secure the .key file
        • Ultimately Postman will record this pass phrase in clear text so whether this is used or not is left up to the individual
    • openssl pkcs12 -in client.pfx -clcerts -nokeys -out sense.crt
      • The import password value will be whatever was used when exporting the certificate, if none then press enter
  • Copy the outputted .KEY and .CRT files to the client machine where Postman is installed
  • In Postman
    • Go to Settings > Certificates > Add Certificate
    • Enter in the hostname and port
      • Note: Since you must enter the port used to connect, if you plan to connect via both the Proxy and directly to the QRS then you will need to specify both ports (443 and 4242 respectively). The same goes for QPS calls (4243)
    • Navigate to the where the .CRT file is located
    • Enter the passphrase
    • Click Add to add this certificate to Postman
    • If using a self-signed certificate: Go to Settings > General > Request > SSL certificate verification and disable certificate verification.
  • Make a test connection to a known good QRS API endpoint

Video walkthrough:



(source: https://www.youtube.com/watch?v=XF9CKO63zk0)

Labels (1)
Comments
Creator
Creator

This is great!! 

thank you very much 🕺

Contributor
Contributor

@Andre_Sostizzo  The postman desktop app is slightly updated, getting an error with the current steps.

This is the error  - Error: error:0900006e:PEM routines:OPENSSL_internal:NO_START_LINE

 
Version history
Revision #:
3 of 3
Last update:
‎2020-08-24 08:22 AM
Updated by:
 
Contributors