WhoAmI
Contributor II

(nebula.js) extension Auth0 integration

Hello,

I have written an extension based on the nebula.js framework. This calls an internal application, which in turn is technically secured by an internal Auth0 instance. In Qlik SaaS the same Auth0 instance is used.

Now the question: is it possible to pass the token, which should already be generated by using the Qlik application, to the nebula.js extension? My goal would be that I can pass the bearer token directly when communicating with my extension.

Currently I do a relatively awkward iframe in the Qlik Mashup application to log in with my application.

4 Replies
jprdonnelly
Employee

@WhoAmI - does the extension need to authenticate as the user who has logged into the Qlik Cloud tenant, and have you investigated OAuth2 yet?

- @jprdonnelly
WhoAmI
Contributor II
Author

Hi @jprdonnelly, sorry for my late reply. Yes, the Qlik extension (especially the backend) needs the user currently logged in.

Since the extension is only for visualization, I can't specify redirect_uri or anything like that. Currently I don't know which flow I can use, or which API endpoint from Qlik.

Jeffrey_Goldberg
Employee

@WhoAmI, you may need to allow the correct origins and callbacks in the Auth0 configuration to support using the same auth.


@jprdonnelly is also correct. You could set up an OAuth application on Auth0 (because in this case Qlik is the client, not the resource server) that has a relationship to the identity provider application. In this case, you would be able to set up the extension as a public client. You would add the client_id from Auth0 to your extension and then have it make a request for an authorization and access token on Auth0.

Because you're already authenticated to Auth0, it should see that when the request for the authorization token comes through from your extension and give you what you need to take the next step.

This may be helpful as well: https://auth0.com/docs/quickstart/spa/vanillajs/interactive
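
The flow described in the reply above, as an added example that is not code from this thread, Qlik or Auth0: Authorization Code with PKCE for a public client, with `prompt=none` so Auth0 reuses the existing session. The domain, client ID, callback URL and audience in `cfg` are placeholders, and the function names are this example's own.

```javascript
// Web Crypto is global in browsers and Node >= 19; the fallback covers older Node.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

const cfg = {                                      // all values are placeholders
  domain: 'idp.example',                           // your Auth0 domain
  clientId: 'EXTENSION_CLIENT_ID',                 // public client: no secret in the extension
  redirectUri: 'https://tenant.example/callback',  // must be an allowed callback in Auth0
  audience: 'https://internal-api.example',        // identifier of the internal API
};

const b64url = (bytes) => btoa(String.fromCharCode(...new Uint8Array(bytes)))
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const randomToken = () => b64url(webcrypto.getRandomValues(new Uint8Array(32)));

// PKCE S256: challenge = BASE64URL(SHA-256(verifier)), RFC 7636 section 4.2.
async function pkceChallenge(verifier) {
  return b64url(await webcrypto.subtle.digest('SHA-256', new TextEncoder().encode(verifier)));
}

// Step 1: authorization request. prompt=none never shows a login page; Auth0
// either redirects back with a code or with an error such as login_required.
async function buildAuthorizeRequest(c) {
  const state = randomToken();
  const codeVerifier = randomToken();
  const url = new URL(`https://${c.domain}/authorize`);
  url.search = new URLSearchParams({
    response_type: 'code', client_id: c.clientId, redirect_uri: c.redirectUri,
    audience: c.audience, scope: 'openid', state, prompt: 'none',
    code_challenge: await pkceChallenge(codeVerifier), code_challenge_method: 'S256',
  }).toString();
  return { url: url.toString(), state, codeVerifier }; // keep state and verifier in memory only
}

// Step 2: reject any callback whose state is not the one this extension issued.
function parseCallback(callbackUrl, expectedState) {
  const p = new URL(callbackUrl).searchParams;
  if (p.get('state') !== expectedState) throw new Error('state mismatch');
  if (p.get('error')) throw new Error(`authorization failed: ${p.get('error')}`);
  if (!p.get('code')) throw new Error('no authorization code');
  return p.get('code');
}

// Step 3: form-encoded body for POST https://<domain>/oauth/token on Auth0.
function buildTokenRequestBody(c, code, codeVerifier) {
  return new URLSearchParams({
    grant_type: 'authorization_code', client_id: c.clientId,
    code, code_verifier: codeVerifier, redirect_uri: c.redirectUri,
  }).toString();
}
```

A `login_required` error from step 2 means Auth0 saw no session on that request, so the extension has to fall back to an interactive login.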

 

WhoAmI
Contributor II
Author

Do you mean calling the POST method /oauth/token (https://qlik.dev/apis/rest/oauth)?

If yes, which body type should I use?
