Hi Vasiliy, data access is configured using section access, take a look at this blog post to know more about section access, it has a lot of links:Section Access
And about Sense security: Qlik Sense Security integration - Security Rules and Section Access
To get to your ID question, there is an example in the Introduction to Section Access document, using REGION as id:
LOAD * INLINE [
ACCESS, USERID, PASSWORD, REGION
ADMIN, ADMIN, ADMIN,
USER, USER1, U1, AFRICA USER,
USER2, U2, AMERICA
USER, USER3, U3, ASIA
USER, USER4, U4, EUROPE
USER, USER5, U4, AMERICA
USER, USER5, U5, *
LOAD * INLINE [
In this example a reduction field has been added called REGION.
The purpose is to limit the USERS to their sales region profits.
USER1 will only be able to see the profits for AFRICA, USER2 the profits for AMERICA and USER3 will only see the profits for the ASIA region.
USER4 will be able to see the profits for EUROPE and AMERICA.
USER5 will be able to see all regions listed in the reduction field REGION except for OCEANIA.
Even if USER5 has “*“ for the REGION reduction field, star means “all listed values” not all values for the field. Since no USER has OCEANIA listed for the REGION field, USER5 will not have access to the values for OCEANIA.
If we want USER5 to see OCEANIA as well, we need to add an extra line in our section access solution USER, USER5, U5, OCEANIA
Can you tell by what field you want to restrict users to data?
Use Upper function for table you're loading and want to restrict. You can give NTNAME authorization to check for users. To run on QMC you'll need a service Account or it might fail the task, so we add Service account in inline as a part of section access.
The below script is a working one, I've used on my application. I'm not sure if it will same for you?
It will be helpful if you can provide the script which you'd like to add to section access and the field name you'd like to restrict users.
STAR is *;
UPPER("NTNAME") as NTNAME,
UPPER("FieldYouWanttoRestict") as FIELDYOUWANTTORESTICT;
LOAD * INLINE [
USERNAME, NTNAME, Field3, Field4, FIELDYOUWANTTORESTRICT
Service Account Name, Service Account NTNAME, SERVICEACNT, ADMIN, ADMIN
Yes, i think it's corect, but as it wrote in manual (Qlik Sense Security integration - Security Rules and Section Access):
Use the script below to authorize on groups (supplied in the ticket or via AD etc.) and on individual users
Note: normally you just load this table from your SaaS platform. For demo purposes I just do an inline load.
Explain me, please, what SaaS platform means? Windows Server Auth.??
I think i must write something after FROM ... ???
SaaS is an acronim for "Software as a Service", I don't think you are in one of those environments or wil know what that means, so don't care about it.
That link was about overall Sense security, for section access look at the other link, it summarizes all you need to know about section access and more.
Or give more details about what you have and what you need.
Forget about SaaS.
You'll implement section access to your script, it doesn't matter where you getting the data from.
It can be any data source, Oracle, Amazon etc...
But the Section Access script is same for all data sources.
Can help you more if your script is posted here or an example of your script to give you the answer..