I am creating a web application which has to authenticate users with QlikSense in order to ensure that the user of the web application see's data appropriate to them from QlikSense.
I am authenticating Ticket system using a modified version of the following library:
The modifications are relatively minor and simply allow me to use a certificate from file rather than from the certificate store.
In that code it ultimately calls the below API:
Now in most cases this succeeds, however if we logout of the web application which will tear down any active sessions for the current user in QlikSense (using this https://help.qlik.com/sense/2.0/en-US/developer/#../Subsystems/ProxyServiceAPI/Content/ProxyServiceAPI/ProxyServiceAPI-P…) and log in as somebody else Qlik will return an error 400 Bad Request.
However, if we then proceed to clear our browser cache and retry or browse with Developer Tools open with the Disable Cache checkbox ticked in network then the authentication will take place as normal.
Now there is no documentation as to why the API might return an error 400 and the response doesn't give any more information away other than that - does anyone have any ideas about what could be wrong or what I should try next?