4 Replies Latest reply: Sep 10, 2015 12:59 PM by Paul Martin RSS

    How to authenticate a user?

      Hello,

       

      I want to build an integration in JS with the mashup API in an portal. I want to login the user to my QlikSense server with his Sense credentials but I don't understand which API I can use for that.

       

      Do you have any links or example of code for that?

       

      Best regards,

        • Re: How to authenticate a user?
          Alexander Karlsson

          You would use the Proxy API https://help.qlik.com/sense/2.0/en-us/developer/Subsystems/ProxyServiceAPI/Content/ProxyServiceAPI/ProxyServiceAPI-Proxy…

           

          When you say Sense credentials what do you refer to? We don't have users in a traditional sense but rely on external systems to perform the authentication.

           

          If you are integrating the mashup into a portal and that portal has already performed a authentication you could either do session integration, if a session token/cookie exists, or even header authentication if your solution is not exposed externally.

           

          The authentication flow would happen before you expose your users to the mashup.

            • Re: How to authenticate a user?

              Hello Alexander,

               

              Thanks a lot for your first answer that provide me some way to explore the very large Sense documentation!

               

              We connected the sense server to our Active Directory and by consequence when we go to the hub we have a popup to ask credentials to the users. I want to store the credentials on the portal to prevent the asking every time at the user. But I don't understand in the API flow which API I can call with these credentials.

               

              Thanks again for your help!

                • Re: How to authenticate a user?
                  Alexander Karlsson

                  It's probably not a good idea to store your users windows passwords in the portal itself.
                  Unrelated but if you add your Qlik server to the intranet zone you will most likely get rid of that annoying popup when access the Hub since then the browser will be allowed to do the ntlm negotiation.

                   

                  If you also do that you should also be able to leverage pouc/qlik-mashup-bounce · GitHub

                  You would upload that to QRS under the Extensions section. The reason why it works is because mashups that are hosted through QRS sits behind the proxy so when a user requests a resource from behind the proxy and are authenticated, either automatically or through the popup, we set the session cookie for their Qlik Sense session.

                   

                  The qlik-mashup-bounce module will then redirect the user to whatever URL you have your mashup hosted on but since they now have a valid session cookie in place they will be treated as authenticated users.