1 Reply Latest reply: Dec 12, 2016 2:34 PM by Alexander Karlsson RSS

    How to get the credentials of the current authenticated user to call a REST web service on a separate back-end server?

    Thomas Westhead


      Before I ask my question, here's a bit of context and scenario:

      1. My end-users access: https://front-end-qlik-server and are redirected to a login page.

      2. They proceed to enter their credentials, submit and are redirected to:

      - https://front-end-qlik-server/extensions/ExtensionHome/ExtensionHome.html

      My site is built on a set of Qlik Sense Extensions between which the user can navigate:

      - https://front-end-qlik-server/extensions/Extension1/Extension1.html

      - https://front-end-qlik-server/extensions/Extension2/Extension2.html

      - and so on...


      4. These extensions are mashups that embed Qlik objects and other HTML objects.


      5. Data is loaded into the page from Qlik but also from a back-end server (unrelated to Qlik Sense) that exposes web-services.

      Data is also posted from the extensions to the web-services.


      Now, the problem:

      So far I am calling my web services using ajax on the client side, from the JavaScript in my extensions.

      These web services need authentication, and right now for development purposes I am using hard coded credentials.

      However, I would like to use the Qlik Sense credentials to authenticate the client when calling my web services. (Credentials would be the same for the Qlik Sense server and my back-end server)

      • Could I get the credentials of the current authenticated user from the JavaScript in my extension?

      My research so far:

      I have explored this type of code in my browser js console that gives me the username :

      var userData;

      require( ["js/qlik"], function ( qlik ) {


                userData = 'User:'+reply.qReturn;



      Of course it would be a major security issue to be able to get the password from the browser on the client side.

      • How would experienced Qlik Sense developers deal with this type of situation?
      • Perhaps a REST data connector?
      • But wouldn't data be static and loaded only once?
      • How would I post data to the REST endpoint from the page?
      • Could the credentials for the REST connector be set dynamically?


      Sorry for the long description, looking forward to some help.