Build web solutions
Leveraging the Qlik platform in web solutions is an increasingly popular thing to do. Often it revolved around using analytics, in others about managing deployments.
Some example use cases suitable for web applications:
- Rendering visualizations from the Qlik Sense client on websites
- Connect to the Qlik Associative Engine and create custom analytics
- Create custom administration pages to for example trigger reloads
Note: You need to have a web integration configured, see more about what this is and how to set one up on the Web integrations page.
Before you can utilize the Qlik platform in your web solution, your web application user must be signed in. This is how that works:
- Validate that your user is signed in to your tenant: in your web application,
do a request to for example
https://your-tenant.us.qlikcloud.com/api/v1/users/me. If this succeeds, your user has a valid session and you may now interact with the platform.
- If the previous step failed (non-200 HTTP status code), you need to redirect
your user to
https://your-tenant.us.qlikcloud.com/login?returnto=<full address to your web application>&qlik-web-integration-id=xyzwhere they need to log in using the configured identity provider for the tenant. When it succeeds, they're redirected back to the
returntoURL (your web application).
The Qlik platform has counter-measures against Cross-Site Request Forgery (CSRF). Any web solution interacting with the platform needs to provide a valid CSRF token on all non-GET REST calls, including websocket connections.
Once a user is signed it, the CSRF token can be fetched by doing a request to
> GET /api/v1/csrf-token > content-type: application/json > cookie: ... < HTTP/1.1 204 < qlik-csrf-token: xyz
Note: The CSRF token is returned as a header, not in the body of the HTTP response.
Once you have retrieved a CSRF token, it's valid until the user session ends.
This token must be passed in as a header when doing REST calls
qlik-csrf-token: xyz), and in websocket connections it's passed in as a query
When the terminology "web apps" is used in the context of Qlik Sense, it means a web-based applications in which you want to use the various Qlik backend APIs.
Generally this means:
- where you as the implementor may use any technology of your choice to build your solution
- wants to build custom visualizations, analytical interfaces, or perhaps administration UIs
In the Qlik world, "mashups" usually means to use the Qlik Sense capability APIs and other various front-end files that's hosted by a Qlik deployment, by using those files you also get things like require.js, angular.js, and other dependencies which may not always be optimal for your use case. However, using the mashup approach enables you to embed existing Qlik Sense visualizations (or create new ones on the fly). Mashups are a subset of "web apps."