Skip to main content

Qlik

cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2025! Join us in Orlando join us for 3 days of immersive learning: REGISTER TODAY

Qlik Sense : "Qlik Sense G3 Broker API" error on the hub when the SAML response or ticket request contains a big number of groups in June 2019

100% helpful (1/1)
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Damien_V
Support

Qlik Sense : "Qlik Sense G3 Broker API" error on the hub when the SAML response or ticket request contains a big number of groups in June 2019

Last Update:

Feb 2, 2024 9:13:40 AM

Updated By:

Alan_Slaughter

Created date:

Oct 22, 2019 4:43:44 AM

When using SAML or ticket authentication which started in Qlik Sense June 2019, some users belonging to a big number of groups see the error "Qlik Sense G3 Broker API" on the hub and cannot proceed further.

You may receive the following error when setting up the SAML virtual proxy: cachebust pending 

Environments:

Resolution/Workaround

The only known workaround in the above versions is to reduce the number of groups sent in the SAML response or ticket request.

The fix for this defect is included in the following versions, but additional steps may be necessary:

All Versions

The default setting will still be a header size of 8192 bytes. The fix adds support for a configurable MaxHttpHeaderSize.

Steps:

  1. To configure add it at the top section of the file under [globals] (C:\Program Files\Qlik\Sense\ServiceDispatcher\service.conf) 
    [globals]
LogPath="${ALLUSERSPROFILE}\Qlik\Sense\Log"
MigrationPort=4545
(...)
MaxHttpHeaderSize=65534
  2. Once the change is done, save the file and restart the Qlik Service Dispatcher service.

Note: Above value (16384) is an example. You may potentially need to put more depending of the total number of characters of all the AD groups to which the user belongs. The max value is 65534.

 

Other Related Articles:
https://community.qlik.com/t5/Official-Support-Articles/Error-431-when-trying-to-access-the-Qlik-Sen... 

Internal Investigation ID(s):

QB-234.

Labels (1)
7,091 Views
Was this article helpful? Yes No
Comments
AgilentQlik
Partner - Contributor
‎2024-01-26 01:25 AM

hello damien,

The above solution fix suitable for Feb 2023 patch1 version, what is the use of updating header size in service dispatcher.conf file .

How it will prevent the resolution fix for the error.

Sonja_Bauernfeind
Digital Support
‎2024-02-01 04:56 AM

Hello @AgilentQlik 

The solution to increase the header size ensures a large number of AD groups can be included in the request.

Filippo_Nicolussi_P
Support
‎2024-12-05 09:57 AM

This option is also fixing a loading forever hub, while in the developer tools of the browser you find the 431 http error like:  

https://your_server/api/about/v1/language?cachebust=1733308268272 431 (Request Header Fields Too Large). 

Language-431-header-size.png

 

mgranillo
Specialist
‎2025-02-20 11:28 AM

@Sonja_Bauernfeind Rather than increase the header size, is there a way to limit the AD groups coming across with the user? Obviously, I can't remove the user from the groups as they drive access to other applications. 

Version history
Last update:
‎2024-02-02 09:13 AM
Updated by:
Top