2 Replies Latest reply: Jul 20, 2018 10:00 AM by Erik Wetterberg RSS

    Authentication from web app - best practices??

    Erik Wetterberg


      Lately I have been working om integrating an existing web app with Qlik Sense using the Engine API. Unlike most of the cases I have worked on before this web app is not hosted by Qlik Sense, which means users might not be authenticated with Qlik Sense. So we have to handle authentication.


      What we have done some far is that when we get a 'Not authenticated' error message we make a HTTP GET to the Qlik Sense server. This triggers a login dialog, which works well when we have 'Windows authentication pattern' set to 'Windows'. When we switch to 'Form' is does not work any more...


      This leads to my question: what is best practices for this scenario?

      • is the HTTP GET a general pattern, or just when 'Windows authentication pattern' is windows?
      • is there a more general approach? If possible we would like something that works with different configurations.
      • what file/URL is recommended for the GET?
      • what about logging out? How can we do that?? I've seen that the built-in client uses a HTTP DELETE when you do a logout, is that the way to go??

      Grateful for any help


      Erik Wetterberg