Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW

Qlik Sense Enterprise SaaS deployments - What if I need to delete my IDP configuration?

No ratings
cancel
Showing results for 
Search instead for 
Did you mean: 
Sonja_Bauernfeind
Digital Support
Digital Support

Qlik Sense Enterprise SaaS deployments - What if I need to delete my IDP configuration?

Last Update:

May 10, 2022 3:03:11 PM

Updated By:

Jamie_Gregory

Created date:

Jun 12, 2020 8:27:38 AM

In case of accidentally deleting or other service side changes that require the recreation of the IDP configuration for Qlik Enterprise SaaS deployments, you can recreate the IDP side application settings generating a new client secret and apply that to your existing setup.
 
 

Environment:

 

Resolution:

 

Recreate the 'Application' in Auth0 or Okta. This should generate new values for the below Help sections.

NOTE: You must be logged in as the original Admin account that was sent the configuration the first time. If you do not know who was sent this information, contact Qlik Customer Support.

Fill in the fields in the Application credentials section:

  1. OpenID configuration (Auth0)/ OpenID Connect metadata URI (Okta): This is the URL to the endpoint that provides configuration information for the OAuth clients to interface with the IdP using the OpenID Connectprotocol.
  2. Client ID (only for interactive): ID of the configured client at the IdP for interactive user authentication.
  3. Client secret (only for interactive): Secret for the client configured at the IdP.
  4. Realm (optional): Name to associate with the IdP. This is the same as the domain name in Windows and it is used for naming consistency in multi-cloud.

Fill in the fields in the Claims mapping section.

Claims are statements (name/value pairs) about the entity (in many cases the user) and metadata about the OpenID Connect service. For each claim, you can use multiple values, separated by commas.

sub, name, groups, email, client_id, picture for interactive, and sub and client_id for Machine-to-Machine.
Groups claim is needed to receive groups.

 

Temporary Process Change Process:


However, if you would like to CHANGE to a different IDP type this is NOT CURRENTLY POSSIBLE . However, we can manually do this work prior to March 31st 2020. There is some information that is needed.

  • Name of Sell-To Contact: This would be the person originally configured to get the Setup Email.
  • Tenant name: CustomerName.us.qlikcloud.com where Customer Name is the name of the tenant.
  • A Screenshot for Proof that the customer has logged into the tenant via their Qlik IdP (Qlik Account) credentials and navigated to the Management Console. This is required because if you cannot login to the tenet with the Qlik Account credentials of the original user OR an additional added user, we can not restore the tenant and your information will be lost.

​​​​With this information, we can manually change the IDP to another kind of vendor. Please contact Support and be prepared to provide the information and reference this article. 


Additional Resources:

Managing identity providers 
Setting up identity providers
Switching from Qlik Account to a corporate IdP configuration 
Changing corporate IdP configurations 

Labels (1)
Version history
Last update:
‎2022-05-10 03:03 PM
Updated by: