Qlik Sense QRS API using Xrfkey header in PowerShell
Article Number: 000067703 | Last Modified: 2020/04/28
Qlik Sense Repository Service API (QRS API) contains all data and configuration information for a Qlik Sense site. The data is normally added and updated using the Qlik Management Console (QMC) or a Qlik Sense client, but it is also possible to communicate directly with the QRS using its API. This enables the automation of a range of tasks, for example:
Start tasks from an external scheduling tool
Change license configurations
Extract data about the system
Using Xrfkey header
A common vulnerability in web clients is cross-site request forgery, which lets an attacker impersonate a user when accessing a system. Thus we use the Xrfkey to prevent that, without Xrfkey being set in the URL the server will send back a message saying: XSRF prevention check failed. Possible XSRF discovered.
Qlik Sense Enterprise 3.x and higher
Note: Please note that this example is related to token based licenses and in case this is needed to be configure with Professional Analyser type of licenses you might need to use the following API calls:
Make sure that port 4242 is open between the machine making the API call and the Qlik Sense server.
Import the certificate on the machine you will use to make API calls. This must be imported in the personal certificate store of your user in MMC. The following PowerShell script is fetching automatically the Qlik Client certificate from the Certificate Personal store for the current user. You may need to modify the script if you have QlikClient certificates imported from different Qlik Sense servers in the store)
If there are several certificates from different Qlik Sense server, these can not be fetched by subject as there will have several certificates with subject QlikClient and that script will fail as it will return as array of certificates instead of a single certificate. In that case, fetch the certificate by thumbprint. This required more Powershell knowledge, but an example can be found here: How to find certificates by thumbprint or name with powershell
Collaborate with over 60,000 Qlik technologists and members around the world to get answers to your questions, and maximize success.