15 Replies Latest reply: Aug 24, 2016 11:49 AM by Senthil Kumar RSS

    QlikSense SAML

    Logesh Jayaraman

      I have configured the SAML as suggested in the documentation. And when i tried to access the Qlik Sense URL with SAML as suggested in the documentation



      the URL is getting redirected to the windows authentication like this https://server:port/windows_authentication/?targetId=11234 

      and prompting for windows authentication. And it works fine.

      (a) How to validate it is authenticated through SAML. Is there any logs associated with it ? Is it expected to prompt for windows authentication and validated through SAML.

      Is there any specific setting has to be changed or additional coding required apart from the QMC settings

        • Re: QlikSense SAML
          Jeffrey Goldberg



          No, you shouldn't be redirected to a windows auth through the browser.  How are you configuring SAML?  Put another way, what identity management solution are you using as an identity provider?


          Can you send a screen shot of your virtual proxy configuration?



          • Re: QlikSense SAML
            Nithesh Kattekola

            Hi All,


            I have integrated SAML with 1 proxy node for PF IDP which works fine. Now I have added one more proxy node and I have linked the same node in SAML virtual proxy. When I try to access https://localhost/saml/hub I get below error.


            Do I need to anything on top of this?


            Thanks for your help in advance.



            Please help!!


              • Re: QlikSense SAML
                Senthil Kumar

                Immediately after seeing this error, look at the log file ????_audit_proxy.txt (found under

                c:\programdata\qlik\sense\logs\proxy\trace\) and check the last few entries.


                The log file will tell you why the authentication is failing. It could be your ID provider rejecting the request. Find out if something was changed in your ID provider side. If you have changed/updated your security certificate recently, you may have to send your metadata again to the ID provider and get it imported there.