6 Replies Latest reply: Jun 4, 2017 1:43 PM by Robert Svebeck RSS

    REST API - Using different accounts

    Neill Bayley

      My company's software has a REST API that requires login and depending on which account is used, different results will be returned to maintain confidentiality. Is it possible to set up a data connector so that it accepts username and password at run time and to load data at that point? If so, how is that done?

       

      Thanks

        • Re: REST API - Using different accounts
          Robert Svebeck

          Yes, the REST connector supports login credentials.

            • Re: REST API - Using different accounts
              Robert Svebeck

              Oh, I see you write "at runtime".... somthis all would depend on your setup... so you want a on-demand reload where the user credentials are transfered back to the qmc before reloading?

                • Re: REST API - Using different accounts
                  Neill Bayley

                  Thank you Robert. Yes, what I want to be able to do is use different credentials per session because this can affect the data returned. So when user A logs in, they may have permissions to see all of the data across all departments in a particular data set but when user B logs in, they may only see one department's data.
                  It seems that the connector is instantiated before any dynamic filtering can be applied but I hope I am wrong.

                   

                  Thanks.

                    • Re: REST API - Using different accounts
                      Robert Svebeck

                      I see. In standard, data security settings is normally handled by Qlikview itself, and the Qlikview data layer normally contains all data. 


                      The reasons are many but amongst the important ones ; we normally do not want to allow users to stress the source databases by the users demand. 


                      Allowing users to trigger new database loads is not best practice as it can basically make users to lock the source databases. Perhaps not from a REST interface though, but they might be limited in # requests per day or such...


                      My recomendation is that you create a ETL standard QVD layer in your Qlikview installation and use the standard "section access" to make sure users gets the data  they are allowed to get.


                      What you describe as your need is however possible to do, but you would need to make a different QVW for each user... since the credentialls will be different for each user.