Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE

Qlik Sense: Modify REST connections for Monitoring Apps to use JWT authentication

No ratings
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sonja_Bauernfeind
Digital Support
Digital Support

Qlik Sense: Modify REST connections for Monitoring Apps to use JWT authentication

Last Update:

Feb 23, 2021 4:05:33 AM

Updated By:

Sonja_Bauernfeind

Created date:

Nov 23, 2020 7:04:08 AM

This describes how to modify REST connections for Monitoring Apps to use JWT authentication.
This is useful when Windows authentication cannot be used, for example, if Kerberos is enabled on the proxy service, Windows authentication will fail as the REST connector does not support Kerberos.

Environments:

  • Qlik Sense Enterprise for Windows June 2018 and later

 

Step 1: First of all, a virtual proxy with JWT authentication needs to be set up.
Please refer to below article for the setup:
Qlik Sense: How to set up JWT authentication

Step 2: Then a JWT token needs to be generated, it can be generated with custom code, or by using directly the debugger on jwt.io.
This is as well described in the above article.
The JWT token needs to be issued to a user that is a RootAdmin in Qlik Sense.

Warning: JWTs are credentials, which can grant access to resources. Be careful that your security rules are correctly set so that other users do not have "Update" rights on the monitoring apps REST connection where you have pasted your JWT token.

Example of JWT token:

eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiJBZG1pbmlzdHJhdG9yIiwidXNlckRpcmVjdG9yeSI6IkRPTUFJTiIsImV4cCI6MTU5MDc1ODg0N30.eEgQ8WLL3dLxmjuDcxaCig9CKKXd0HVgnOH6CG0qGYyA_uhKChSFyZwDF7w5R0MpquBviipEt-lMLr4rwxP5xJ8KN01HATbJK0UHrBWx_RUiEeItkDtALNn-Iq5JdEqk6UjNN0VH8UrRdU01k1jguIQNYCILvpS_klcTkbWc0_Qd_PkH3zf_96FNGRM-h3M2alHYEytGW2Tl46K-hp3jDLWViICANPWgJHwlIqeuA8o8Ejbg0UzGy3OKpiKpzDF07zPcwPIqNEAr3B-gfVEiO1KqtapWJhQqecxCH2WvucDc9zHimhPNCLmi4RQ4oeaG0iaYTEtBtkbJDGY8eYf7Hw


PAYLOAD:

{
  "userId": "Administrator",
  "userDirectory": "DOMAIN",
  "exp":1590758847
}




Step 3: Modify each of the REST connection:

Before

CUSTOM CONNECT TO "provider=QvRestConnector.exe;url=https://localhost/qrs/app/full;timeout=900;method=GET;autoDetectResponseType=true;keyGenerationStrategy=0;authSchema=ntlm;skipServerCertificateValidation=true;useCertificate=No;certificateStoreLocation=LocalMachine;certificateStoreName=My;trustedLocations=qrs-proxy%2https://localhost:4244;queryParameters=xrfkey%20000000000000000;addMissingQueryParametersToFinalRequest=false;queryHeaders=X-Qlik-XrfKey%20000000000000000%1User-Agent%2Windows;PaginationType=None;"


After:

CUSTOM CONNECT TO "provider=QvRestConnector.exe;url=https://localhost/jwt/qrs/app/full;timeout=900;method=GET;autoDetectResponseType=true;keyGenerationStrategy=0;authSchema=anonymous;skipServerCertificateValidation=true;useCertificate=No;certificateStoreLocation=LocalMachine;certificateStoreName=My;trustedLocations=qrs-proxy%2https://localhost:4244;queryParameters=xrfkey%20000000000000000;addMissingQueryParametersToFinalRequest=false;queryHeaders=X-Qlik-XrfKey%20000000000000000%1Authorization%2Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiJBZG1pbmlzdHJhdG9yIiwidXNlckRpcmVjdG9yeSI6IkRPTUFJTiJ9.kimatrXjNq_O765XOgfOs4XgZLLObtv50rnexT2IvxxPGTdhzxabcsp0Dg0MMRkH_Rzs129dnY_Ec5guIYqJYItbe_azm7adKsCFfO2pEF9qLY7dLp25WB3EQwk0VKxp7pC-sEMydSHME1EdWjCe24pISJco-N2-3yGCFb9uAgu2Q86jq41KRb-To4XOCLxiLWYCe1YJc0wa86F4Yzs4ryflauYevQT9UeE3gYJBHadrocAVFM2D6is5rmGnjfRzVQFY-jxLBccRNOSpfhNnvPZ56CpzkMAR93Abf-Uobda8GYyMdkVoQLxRFYP7r7mLbGaamCwUIApcHtUc7b3LEg;PaginationType=None;"
3,069 Views
Was this article helpful? Yes No
Version history
Last update:
‎2021-02-23 04:05 AM
Updated by:
Digital Support