This explains how to set up JWT authentication to call the NPrinting API.
This customization is provided as is. Qlik Support cannot provide continued support of the solution. For assistance, reach out to our Professional Services or engage in our active Integrations forum.
If you do not have a certificate, for testing purposes, it is possible to use certificates generated by default by NPrinting in C:\ProgramData\NPrinting\certificates:
cert.pem
key.pem
For production environments, for security purposes, we recommend that you use a certificate you have purchased or generated yourself.
Setting up JWT authentication in the NPrinting Console
- Go to Admin > Settings > Authentication
- Select "Enabled" for JWT authentication
- Open cert.pem in a text editor, copy the content and paste it in JWT certificate
- Choose "Authenticate user by email" and input a value for the attributes name, such as "mailaddress" (Authenticate user by Domain\Name can also be used if the user has a domain account filled in in his user information)
- Click on "Update authentication settings" in order to save.
Generate a JWT token
It is possible to use the debugger on https://jwt.io in order to generate a JWT token.
- Select algorithm: RS256
- In Payload, input the following:
{
"mailaddress":"youremailaddress@email.com"
}
The email address should be the email address of an NPrinting user.
- In "Verify signature", paste the content of cert.pem in the first field and the content of key.pem in the second field.
- The JWT token is now ready to use and appear on the left.
Use the JWT token to call the NPrinting API:
Below is a PowerShell script that is calling the API using JWT authentication. The JWT token needs to be passed in the "Authorization" header and be preceded by the "Bearer" keyword, the same method can also be used in the Qlik Rest Connector or Postman.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
$hdrs = @{}
$hdrs.Add("Authorization","Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...3TOMbQPF2gCb5xnzB9mKumqldotYBH_2OjKZakYHQzNTRzMNRoH5eG6UovkPBA")
$url = "https://nprinting01.domain.local:4993/api/v1/connections"
Invoke-RestMethod -Uri $url -Method Get -ContentType 'application/json' -Headers $hdrs | ConvertTo-Json -Depth 10
For information about running script in PowerShell see Qlik Sense QRS API using Xrfkey header in PowerShell
This custom solution is limited to NPrinting API's only and does not apply to Qlik Sense and NPrinting On Demand reporting (NPrinting On Demand with Qlik Sense support NTLM only. JWT is not supported for use with supported Qlik Sense NPrinting On Demand report objects)
