Skip to main content
Announcements
Live today at 11 AM ET. Get your questions about Qlik Connect answered, or just listen in. SIGN UP NOW

NPrinting: How to configure and call APIs with JWT authentication

100% helpful (1/1)
cancel
Showing results for 
Search instead for 
Did you mean: 
Damien_Villaret
Support
Support

NPrinting: How to configure and call APIs with JWT authentication

Last Update:

Mar 21, 2024 5:37:11 AM

Updated By:

Sonja_Bauernfeind

Created date:

Jan 8, 2020 4:55:25 AM

This explains how to set up JWT authentication to call the NPrinting API.

This customization is provided as is. Qlik Support cannot provide continued support of the solution. For assistance, reach out to our Professional Services or engage in our active Integrations forum.

If you do not have a certificate, for testing purposes, it is possible to use certificates generated by default by NPrinting in C:\ProgramData\NPrinting\certificates:

cert.pem
key.pem

For production environments, for security purposes, we recommend that you use a certificate you have purchased or generated yourself.

Setting up JWT authentication in the NPrinting Console

  1. Go to Admin > Settings > Authentication
  2. Select "Enabled" for JWT authentication
  3. Open cert.pem in a text editor, copy the content and paste it in JWT certificate
  4. Choose "Authenticate user by email" and input a value for the attributes name, such as "mailaddress" (Authenticate user by Domain\Name can also be used if the user has a domain account filled in in his user information)
  5. Click on "Update authentication settings" in order to save.

Generate a JWT token

It is possible to use the debugger on https://jwt.io in order to generate a JWT token.

  1. Select algorithm: RS256
  2. In Payload, input the following:
    {
      "mailaddress":"youremailaddress@email.com"
    }
    The email address should be the email address of an NPrinting user.
     
  3. In "Verify signature", paste the content of cert.pem in the first field and the content of key.pem in the second field.
  4. The JWT token is now ready to use and appear on the left.

Use the JWT token to call the NPrinting API:

Below is a PowerShell script that is calling the API using JWT authentication. The JWT token needs to be passed in the "Authorization" header and be preceded by the "Bearer" keyword, the same method can also be used in the Qlik Rest Connector or Postman.
 

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

add-type @"
    using System.Net;
    using System.Security.Cryptography.X509Certificates;
    public class TrustAllCertsPolicy : ICertificatePolicy {
        public bool CheckValidationResult(
            ServicePoint srvPoint, X509Certificate certificate,
            WebRequest request, int certificateProblem) {
            return true;
        }
    }
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

$hdrs = @{}
$hdrs.Add("Authorization","Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...3TOMbQPF2gCb5xnzB9mKumqldotYBH_2OjKZakYHQzNTRzMNRoH5eG6UovkPBA")
$url = "https://nprinting01.domain.local:4993/api/v1/connections"
Invoke-RestMethod -Uri $url -Method Get -ContentType 'application/json' -Headers $hdrs | ConvertTo-Json -Depth 10


For information about running script in PowerShell see Qlik Sense QRS API using Xrfkey header in PowerShell

This custom solution is limited to NPrinting API's only and does not apply to Qlik Sense and NPrinting On Demand reporting (NPrinting On Demand with Qlik Sense support NTLM only. JWT is not supported for use with supported Qlik Sense NPrinting On Demand report objects)
Labels (2)
Comments
petrus
Partner - Contributor II
Partner - Contributor II

Hi @Damien_Villaret 

any possibility to use AD groups instead of AD users?

Thank you!

Version history
Last update:
3 weeks ago
Updated by: