Changelog

The Qlik Platform Operations and Qlik Cloud Services connectors for Qlik Application Automation enable the deployment and management of Qlik Cloud tenants without any code.

New blocks in the Qlik Platform Operations connector:

• Create Space Share: Creates a space share to share a resource to a specific user, group, or link.
• List Space Shares: Lists all space shares for a space.
• Get Space Share: Retrieves a specific space share.
• Update Space Share: Updates an existing space share.
• Delete Space Share: Removes a specific space share.

No blocks were updated in the Qlik Platform Operations connector this release.

New blocks in the Qlik Cloud Services connector:

• Create Group: Supports creation of either IdP or custom groups.
• Update Group: Updates existing IdP or custom groups.
• Add Or Remove User From Custom Group: Adds or removes the specified user from the provided custom group.
• Add Role To Group By Name: Adds a role to a group using the role and group name.
• Remove Role From Group By Name: Removes a role from a group using the role and group name.
• Create Multiple Pinned Links: Permits bulk creation of pinned links.
• Create Pinned Link: Creates a pinned link.
• List Pinned Links: Retrieves a list of all pinned links.
• Get Pinned Link: Retrieves a pinned link.
• Update Pinned Link: Updates a pinned link.
• Delete All Pinned Links: Bulk deletes all pinned links.
• Delete Pinned Link: Deletes a pinned link.

Updated blocks in the Qlik Cloud Services connector:

• List Groups: Added filter on provider type to select from IdP or custom groups.
• List Data Assets By Data Store: Pagination bug has been fixed.
• List Data Stores: Pagination bug has been fixed.
• List Datasets By Data Asset: Pagination bug has been fixed.
• Raw API Request: Added support for ui-config API.
• Raw API List Request: Added support for ui-config API.

Following the deprecation notice of March 26, 2024, the TypeScript Platform SDK will reach end-of-life and end-of-support on March 27, 2025.

Starting from March 27, 2025, this SDK will no longer receive updates or releases, and may be removed at any time. Please use qlik-api instead.

Qlik is announcing a change in behavior for the Users API, which will take effect no sooner than March 31, 2025.

The Users API currently allows you to create a new user with an email that is already associated with a disabled user in the tenant, and to update a user’s email to the same address already associated to another invited or disabled user in the tenant.

The Users API will be updated to enforce email uniqueness across all user statuses (including: active, invited, provisioned, disabled).

Endpoints affected:

• POST /v1/users
• PATCH /v1/users/{id}

The new Tab container chart object offers improved styling settings for labels, tabs, and icons compared to the deprecated Container object.

While existing Container objects still work, you can no longer create new ones. The Tab container is now the go-to replacement.

For more information, refer to Foundational knowledge.

The Data Integration Projects API has been updated with new endpoints that allow users to validate and prepare their projects and tasks programmatically.

Using these new API endpoints, users can programmatically:

• Validate and prepare tasks at the project level, using the internal project orchestration logic:
  • Validate all tasks in a project: POST /api/v1/di-projects/{ProjectID}/actions/validate
  • Prepare all tasks in a project: POST /api/v1/di-projects/{ProjectID}/actions/prepare
• Validate and prepare tasks at the task level:
  • Validate a task: POST /api/v1/di-projects/{ProjectID}/di-tasks/{dataTaskID}/actions/validate
  • Prepare a task: POST /api/v1/di-projects/{ProjectID}/di-tasks/{dataTaskID}/actions/prepare
• Monitor the status of validate and prepare operations to ensure they are completed successfully before running tasks:
  • Get status: GET /api/v1/di-projects/actions/{ActionID}

These new endpoints can be leveraged alongside the existing Export and Import endpoints to fully automate deployment use cases programmatically.

For more information, review the reference documentation for the Data Integration Projects API.

The Spaces API has been updated to include new endpoints to manage space shares.

This supports two tasks:

• Sharing a resource (for example, a Qlik Sense application) to specific users or groups in a tenant without giving them access to other content in that space.
• Managing analytic links for Qlik Sense apps in a tenant with the anonymous capability enabled.

The new endpoints are:

• POST /api/v1/spaces/{spaceId}/shares - Share a resource in a space with specific users or groups, or create a link share in an anonymous tenant.
• GET /api/v1/spaces/{spaceId}/shares - Get a list of shares for a space.
• GET /api/v1/spaces/{spaceId}/shares/{shareId} - Get a share by ID.
• PATCH /api/v1/spaces/{spaceId}/shares/{shareId} - Update a share by ID.
• DELETE /api/v1/spaces/{spaceId}/shares/{shareId} - Delete a share by ID.

For more information on this API, review the Spaces API specification.

The Qlik Platform Operations and Qlik Cloud Services connectors for Qlik Application Automation enable the deployment and management of Qlik Cloud tenants without any code.

New blocks in the Qlik Platform Operations connector:

• Create Group: A replacement for the renamed Create Multiple IdP Groups block. Supports creation of either IdP or custom groups.
• Update Group: Updates existing IdP or custom groups.
• Add Or Remove User From Custom Group: Adds or removes the specified user from the provided custom group.
• Create Multiple Pinned Links: Permits bulk creation of pinned links.
• Create Pinned Link: Creates a pinned link.
• List Pinned Links: Retrieves a list of all pinned links.
• Get Pinned Link: Retrieves a pinned link.
• Update Pinned Link: Updates a pinned link.
• Delete All Pinned Links: Bulk deletes all pinned links.
• Delete Pinned Link: Deletes a pinned link.
• List Analytics App Media Files: Retrieves a list of media files from a Analytics app.
• Get Analytics App Media File: Retrieves the specified media file from a Analytics app.
• Get Analytics App Thumbnail Media File: Retrieves the thumbnail image for a Analytics app.
• Upload Analytics App Media File: Uploads a media file to a Analytics app.
• Delete Analytics App Media File: Deletes the specified media file from a Analytics app.

Updated blocks in the Qlik Platform Operations connector:

• List Members From Space: Added new inputs to filter directly on the ID of a user or group, assignee type, and querystring.
• Create Group has been renamed to Create Multiple IdP Groups following the launch of custom groups. Use the replacement Create Group block if you wish to leverage custom groups.
• Update Group has been renamed to Update Group Roles following the launch of custom groups. Use the replacement Update Group block if you wish to update properties of custom groups.
• Add Role To Group By Name: has been updated to support custom groups. Note that the default behavior is to add roles to IdP groups. If you wish to add roles to custom groups, you must specify the group type as custom in the block configuration.
• Remove Role From Group By Name: has been updated to support custom groups. Note that the default behavior is to add roles to IdP groups. If you wish to add roles to custom groups, you must specify the group type as custom in the block configuration.

New blocks in the Qlik Cloud Services connector:

• Copy Data File: Duplicates the specified data file.
• Get Analytics App Media File: Retrieves the specified media file from a Analytics app.
• Get Analytics App Thumbnail Media File: Retrieves the thumbnail image for a Analytics app.
• Upload Analytics App Media File: Uploads a media file to a Analytics app.
• Delete Analytics App Media File: Deletes the specified media file from a Analytics app.

Updated blocks in the Qlik Cloud Services connector:

• List Members From Space: Added new inputs to filter directly on the ID of a user or group, assignee type, and querystring.
• List Analytics App Media Files: Renamed from List Media Files In App to align with naming of new media file handling blocks.

Pinned links are now available in the Qlik Cloud navigation menu. Pinned links allow you to create and manage your own links which appear under the More section in the navigation menu, providing a way of surfacing important links to your users via the global navigation controls.

This feature can only be set via the Pinned Links API. By default, your tenant contains no links, and the More section will not be shown. When the first link is added, it will be visible to all users in the tenant.

For example, to create a link to qlik.dev and qlik.com:

curl -L "https://<TENANT>/api/v1/ui-config/pinned-links/actions/bulk-create-pinned-links" ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-H "Content-type: application/json" ^
-d "{
    \"type\": \"custom-link\",
    \"scope\": \"tenant\",
    \"links\": [
        {
            \"name\": \"Qlik Developer Portal\",
            \"link\": \"https://qlik.dev\"        },
        {
            \"name\": \"Qlik.com\",
            \"link\": \"https://qlik.com\"        }
    ]
}"

Successful requests will return an HTTP 201 status code along with the details of the created links.

For more information, review the specification for the Pinned Links API.

Qlik Cloud leverages an event-driven architecture to communicate between the services in the platform. As part of an ongoing project to standardize event formats, the event com.qlik.v1.reporting-service.audit is being replaced by com.qlik.v1.report.finished. Users who consume this event via the Audits API should migrate to the new event immediately.

As of this changelog, both events will be emitted until May 5, 2025. On or after this date, the com.qlik.v1.reporting-service.audit event will no longer be captured. Events already stored by the Audits API will remain available.

The new event is identical to the existing event, with the exception of the eventType field. The eventType field will be updated from com.qlik.v1.reporting-service.audit to com.qlik.v1.report.finished.

Note: The com.qlik.v1.reporting-service.audit event is experimental and unpublished. In general, Qlik does not post deprecation notices for experimental and/or unpublished events. An exception has been made in this case due to the external usage of this event. Qlik reserves the right to deprecate without notice experimental and/or unpublished events.

For more information, review the Audits API specification.

Custom Groups are a powerful new capability designed to give enterprise customers greater flexibility and control over user and group management.

With Custom Groups, organizations that do not rely on Identity Provider (IdP) groups for access control can now create and maintain user-to-group relationships directly in Qlik Cloud. This enables seamless group-based provisioning for both administrative access and product feature controls.

Use Cases Solved

• Public Sector Flexibility: Manage group memberships within Qlik Cloud to streamline resource access without relying on IdP-provided groups, simplifying integration with third-party applications.
• Enterprise Autonomy: Gain full control over user and group assignments without being tied to IT-managed Active Directory groups, empowering teams to adapt quickly to evolving needs.
• Embedded Analytics: With qlik-embed and OAuth2 Machine-to-Machine impersonation, use Custom Groups to handle user group membership using only REST APIs and the qlik-api framework, reducing complexity.

Custom Groups offer enhanced usability and autonomy, making access management easier and more aligned with your unique organizational structure.

API example: Create a custom group

Here’s an example of how to create a custom group and assign a role to it using the Groups API:

curl -L "https://<TENANT>/api/v1/groups" ^
-X POST ^
-H "Content-Type: application/json" ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-d "{\"name\": \"<GROUP_NAME>\", \"status\": \"active\", \"providerType\": \"custom\", \"assignedRoles\": [{\"name\": \"<ROLE_NAME>\"}]}"

Note: This is a non-breaking addition to the Groups API. Group creation requests sent without a providerType will continue to be created as an IdP group.

For more information, see Managing groups.

Updated on January 16, 2025: Paths to the invoke and stream endpoints were corrected.

Qlik Answers leverages two services - Knowledgebases and Assistants - to first build the data leveraged by an assistant and then configure the assistant. The Knowledgebases API and Assistants API are now published and generally available for programmatic use cases.

These APIs support both the configuration of Qlik Answers, as well as asking questions to an Assistant by using the /api/v1/assistants/{assistantId}/threads/{threadId}/actions/invoke or /api/v1/assistants/{assistantId}/threads/{threadId}/actions/stream endpoints, allowing you to create your own embedded version of Qlik Answers.

This release complements the previously available qlik-embed support for Qlik Answers, which allows you to embed the native user interface into your web applications and portals.

For more information:

• Learn how to use Qlik Answers.
• Review the specifications for the Assistants API and Knowledgebase API.

The Machine Learning API is now available. This public API allows you to train, deploy, and make predictions with machine learning models using Qlik AutoML. You can use this API to integrate the power of Qlik AutoML and predictive analytics into your own software applications.

With the Machine Learning API, you can:

• Start the automated machine learning process by creating machine learning experiment and training models.
• Deploy the trained models to make predictions on the outcome of your business problems.
• Explore the variables that impact the predicted outcome, and gain a thorough understanding of your data.

For more information about the new Machine Learning API:

• Explore the API reference documentation.
• Follow the end-to-end tutorial to get started.

The Qlik Platform Operations connector for Qlik Application Automation enables the deployment and management of Qlik Cloud tenants without any code.

This release adds native file handling support, which allows for files up to 100 MB in size and works with a larger selection of connectors.

New blocks:

• Import App: A version of the Import App From Base 64 Encoded File block which uses native file handling.
• Export App: A version of the Export App To Base 64 Encoded File block which uses native file handling.
• Import File From Temporary Contents: A version of the Import Base 64 Encoded File To Temporary Contents block which uses native file handling.
• Export File From Temporary Contents: A version of the Export Base 64 Encoded File From Temporary Contents block which uses native file handling.
• Import And Replace App In Shared Space By Name: A version of the Import And Replace Base 64 Encoded App In Shared Space block which uses native file handling.

Renamed blocks:

• Import And Replace Base 64 App In Shared Space By Name: This block was formerly Import And Replace App In Shared Space, and has been renamed for consistency with other file handling blocks.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

The Data Integration Projects API manages Qlik Talend Cloud Pipeline projects.

New export/import APIs for Qlik Talend Cloud Pipelines offer a programmatic way to export and import projects across tenants and spaces for deployment purposes.

They allow programmers to export projects as a .zip file. They also include creating projects and reading or updating the project variables (referred to as bindings) before importing project contents.

5 new API endpoints are available:

• Export the project contents as a .zip file
• Retrieve the bindings for a specified project
• Create a project
• Update bindings for a specified project
• Import project contents from a .zip file

For more information, review the reference documentation for the Data Integration Projects API.

A big part of the app experience in Qlik Sense is the navigation between sheets. With the new navigation menu, you can style it as you prefer.

For more information, refer to:

• Foundational knowledge
• Creating navigation menu objects
• Reference documentation

The Roles API manages tenant-level security roles and user default customization.

New endpoints allow you to create, update, and delete custom roles, as well as configure the default scopes assigned to all users in a tenant via userDefault.

For more information:

• Review the Manage custom roles tutorial.
• See all available custom role and user default scopes.
• Review the Roles API specification.

The selection bar can now be styled using custom themes. Style the selection bar and listboxes with custom definitions for the dataColors properties. These properties can be configured in the top-level theme definition, and at the chart level for the listBox object.

For more information, refer to:

• Basic styling of apps using custom themes
• Extended object styling
• Theme JSON properties

qlik-cli 2.26.0

A new release of qlik-cli has been published.

Change summary:

• Republished qlik-cli documentation to remove deprecated commands and update with improved API specifications.
• Updated command help to match the updated API specifications.
• Deprecated the collection change-visibility command as the supporting API is no longer published.
• Renamed the flag webhook ls --eventType to --eventTypes to align with the operation of the API. This flag now takes multiple event types, separated by commas, to support more precise queries. The old flag still works and is ported to the new one for backwards compatibility.

Notes on deprecation of collection change-visibility command

The supported method for changing the visibility of a collection is to use collection patch, for example:

qlik collection patch COLLECTION_ID --body='[{"op":"replace","path":"/type", "value": "publicgoverned"}]'

Support for the anonymous OAuth type has been added to qlik-embed, which allows you to leverage the Anonymous Access capability for embedding Qlik Sense components with qlik-embed.

Review the Anonymous Access with qlik-embed tutorial to learn more.

The Brands API, initially launched for use by Qlik OEM customers, is now available to all Qlik customers. You can find the original release in this changelog. This API helps improve alignment with your corporate branding and reduces friction for your end users as they switch between experiences.

For more information, review the Brands API reference, or take a look at the Apply branding to a tenant tutorial to learn how to call the API using code.

For no-code developers, native blocks are available in the Qlik Platform Operations connector in Qlik Application Automation.

The Qlik Platform Operations connector for Qlik Application Automation enables the deployment and management of Qlik Cloud tenants without any code.

New blocks:

• Create Webhook: Creates a new webhook for the specified events and filters.
• Update Webhook: Updates an existing webhook.
• List Webhooks: Retrieves a list of all webhooks in the tenant accessible by the OAuth client.
• Get Webhook: Retrieves information about a specific webhook.
• Delete Webhook: Removes a specific webhook.
• List Webhook Event Types: Retrieves a list of all event types against which a webhook can be configured.
• List Automation Connections: Retrieves a list of all automation connections in the tenant accessible by the OAuth client.
• Get Automation Connection: Retrieves information about a specific automation connection.
• Update Automation Connection Space: Moves a specific automation connection to a new space.
• Delete Automation Connection: Removes a specific automation connection.

Updated blocks:

• Create Reload Task: Updated parameters to match the API specification for creating a reload task.
• Update Reload Task: Updated parameters to match the API specification for creating a reload task.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

The Reloads API is used to start and monitor the refresh of Qlik Cloud Analytics apps.

To better support programmatic external task management of reloads, the rate limit for POST /api/v1/reloads has been increased from 10 requests per minute to 50 requests per minute.

Requests to this POST endpoint are metered over a 5-minute window. This means you can make up to 250 requests within that window before you are rate limited.

Learn more about reloads and system concurrency in manage analytics reloads, or delve into how rate limiting works for REST APIs in Qlik Cloud.

A new tutorial is available with example code for exporting data from a chart embedded with qlik-embed.

In this tutorial, you will learn how to use qlik-embed and qlik-api to set up an export button that connects to the reports and temporary contents APIs to request and retrieve data exports in Microsoft Excel (xlsx) format.

View the tutorial here.

Qlik is enhancing security and data protection for the Extensions API and Themes API. These APIs allow customization of experiences in Qlik Sense by adding custom visualization objects, colors, and styling.

Currently, any user in the tenant can download the full archive of an extension or theme from the following endpoints:

• GET /v1/extensions/{id}/file for extensions
• GET /v1/themes/{id}/file for themes

To improve security, only users with the TenantAdmin or AnalyticsAdmin roles will be allowed to download the full archive. This brings these endpoints in line with the permissions for import endpoints.

This change will take effect no sooner than 60 days from the date on this changelog, on, or after October 21, 2024.

Endpoints affected:

• GET /v1/extensions/{id}/file
• GET /v1/themes/{id}/file

The reloads API allows for triggering data refreshes in Qlik Sense applications in Qlik Cloud.

The query log default value is being changed from true to false. This will reduce response size for the majority of queries where the log attribute in the response is not required.

The query parameter log can have a true or false value that controls whether the log attribute is sent in the response. Today, the default value of this log parameter is true, when not specified - hence the log is returned by default.

To continue receiving this attribute after the notice period, you should specify log=true in your request.

This change will take effect no sooner than 30 days from the date on this changelog, on, or after September 19, 2024.

Endpoints affected:

• GET /v1/reloads

The current response, when no log query parameter is included in the request, returns the log field.

{
    "data": [
            {
                "id": "65ad4a0df4bd1ffb55555a51",
                "appId": "349216c2-5555-5555-5555-5555379f68bb",
                "tenantId": "xqFQ0k66vSR555555-55555QkiYrCpct",
                "userId": "nEgFMHPnm6ye55555555PSKuCUDzEtFO",
                "type": "chronos",
                "status": "SUCCEEDED",
                "log": "ReloadID: 65ad4a0df4bd1ffb55555a51\nStarted loading data\n(A detailed script progress log can be downloaded when the reload is finished)\nreload-result-join-22-23 \u003c\u003c reload-result-join-22-23 446,756 Lines fetched\n\nApp saved\nFinished successfully\n",
                "partial": false,
                "creationTime": "2024-01-21T16:45:01Z",
                "startTime": "2024-01-21T16:45:02.766Z",
                "endTime": "2024-01-21T16:45:10.125Z",
                "engineTime": "2024-01-21T16:45:07.915Z",
                "links": {
                    "self": {
                        "href": "https://tenant.region.qlikcloud.com/api/v1/reloads/65ad4a0df4bd1ffb55555a51"
                    }
                }
            },
        ]
}

In future, if the query param log=true is not specified, or is false, the log attribute will be omitted from the response:

{
    "data": [
            {
                "id": "65ad4a0df4bd1ffb55555a51",
                "appId": "349216c2-5555-5555-5555-5555379f68bb",
                "tenantId": "xqFQ0k66vSR555555-55555QkiYrCpct",
                "userId": "nEgFMHPnm6ye55555555PSKuCUDzEtFO",
                "type": "chronos",
                "status": "SUCCEEDED",
                "partial": false,
                "creationTime": "2024-01-21T16:45:01Z",
                "startTime": "2024-01-21T16:45:02.766Z",
                "endTime": "2024-01-21T16:45:10.125Z",
                "engineTime": "2024-01-21T16:45:07.915Z",
                "links": {
                    "self": {
                        "href": "https://tenant.region.qlikcloud.com/api/v1/reloads/65ad4a0df4bd1ffb55555a51"
                    }
                }
            },
        ]
}

Add query parameter log=true to return the log attribute in the response, such as in /reloads?appId=349216c2-5555-5555-5555-5555379f68bb&log=true:

{
    "data": [
            {
                "id": "65ad4a0df4bd1ffb55555a51",
                "appId": "349216c2-5555-5555-5555-5555379f68bb",
                "tenantId": "xqFQ0k66vSR555555-55555QkiYrCpct",
                "userId": "nEgFMHPnm6ye55555555PSKuCUDzEtFO",
                "type": "chronos",
                "status": "SUCCEEDED",
                "log": "ReloadID: 65ad4a0df4bd1ffb55555a51\nStarted loading data\n(A detailed script progress log can be downloaded when the reload is finished)\nreload-result-join-22-23 \u003c\u003c reload-result-join-22-23 446,756 Lines fetched\n\nApp saved\nFinished successfully\n",
                "partial": false,
                "creationTime": "2024-01-21T16:45:01Z",
                "startTime": "2024-01-21T16:45:02.766Z",
                "endTime": "2024-01-21T16:45:10.125Z",
                "engineTime": "2024-01-21T16:45:07.915Z",
                "links": {
                    "self": {
                        "href": "https://tenant.region.qlikcloud.com/api/v1/reloads/65ad4a0df4bd1ffb55555a51"
                    }
                }
            },
        ]
}

For more information on this API, review the Reloads API specification.

The Qlik Platform Operations connector for Qlik Application Automation enables the deployment and management of Qlik Cloud tenants without any coding.

New blocks:

• List Tags: List all tags (collections where type=public) in the tenant.
• List Items By Tag Name: List all items (apps, automations, data sets, etc) which have a tag matching the provided tag name.
• Create Tag If Not Existing: If a tag doesn’t exist, create it. If it exists, return the tag definition.
• Delete Tag By Name: Deletes a tag by name if found.
• Add Tag To Item By Name: Add a tag to an item by specifying the tag name. If the tag doesn’t exist, create it.
• Remove Tag From Item By Name: Remove a tag from an item by specifying the tag name.
• List Automation Runs: Retrieve the most recent run information for an automation.
• List Reload Tasks: Retrieve all reload tasks configured in the tenant.
• Get Reload Task: Retrieve an individual reload task definition.

Updated blocks:

• List Data Files: Added all API params as inputs to block to support in-block filtering and sorting.
• List Data Files From Space: Added all API params as inputs to block to support in-block filtering and sorting.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

The AI assistant component brings you the Qlik Answers experience in embedded format, with the following tag:

<qlik-embed
  ui="ai/assistant"
  assistant-id="<assistant-id>"
></qlik-embed>

Review the ai/assistant parameters, or learn more about the other UIs and params in qlik-embed.

Updated on December 6, 2024: The DCaaS API has now been unpublished from qlik.dev.

The DCaaS API provides the ability to create analytics data connections in your Qlik Cloud tenant.

In response to customer feedback, the functionalities of DCaaS were merged into the data-connections and data-sources APIs in March 2024, as announced in this changelog.

This post serves as notice that DCaaS will be deprecated no sooner than 120 days from the date of this changelog, on or after November 23, 2024.

Migrating from POST /v1/dcaas/actions/data-connections

You must move from POST /v1/dcaas/actions/data-connections to POST /v1/data-connections.

To prevent breaking changes for current users of POST /v1/data-connections, some parameter names have changed to incorporate the capabilities from POST /v1/dcaas/actions/data-connections. Namely:

• The parameter for passing the name of the connection is qName rather than connectionName.
• The parameter for passing the ID of the space to create the connection in is space rather than spaceId.

With POST /v1/dcaas/actions/data-connections, you sent:

curl --location "https://your-tenant.us.qlikcloud.com/api/v1/dcaas/actions/data-connections" ^
--header "Content-Type: application/json" ^
--header "Authorization: <ACCESS_TOKEN>" ^
--data "{
    \"dataSourceId\": \"DG_mysql\",
    \"connectionName\": \"<CONNECTION_NAME>\",
    \"spaceId\": \"<SPACE_ID>\",
    \"connectionProperties\": {
        \"gatewayInstance\": \"<GATEWAY_ID>\",
        \"host\": \"<HOST>\",
        \"port\": \"3306\",
        \"database\": \"<DATABASE_NAME>\",
        \"username\": \"<USERNAME>\",
        \"password\": \"<PASSWORD>\"
    }
}"

With POST /v1/data-connections, you should send:

curl --location "https://your-tenant.us.qlikcloud.com/api/v1/data-connections" ^
--header "Content-Type: application/json" ^
--header "Authorization: <ACCESS_TOKEN>" ^
--data "{
    \"dataSourceId\": \"DG_mysql\",
    \"qName\": \"<CONNECTION_NAME>\",
    \"space\": \"<SPACE_ID>\",
    \"connectionProperties\": {
        \"gatewayInstance\": \"<GATEWAY_ID>\",
        \"host\": \"<HOST>\",
        \"port\": \"3306\",
        \"database\": \"<DATABASE_NAME>\",
        \"username\": \"<USERNAME>\",
        \"password\": \"<PASSWORD>\"
    }
}"

Migrating from GET /v1/dcaas/actions/data-connections/{connectionId}

You must move from GET /v1/dcaas/actions/data-connections/{connectionId} to GET /v1/data-connections/{qID}.

Changes:

• The qName property is used instead of connectionName.
• The space property is used instead of spaceId.
• The qID property is used instead of connectionId.
• The legacy response of the data-connections API will be returned along with the DCaaS style response.

You must pass the parameter parseConnection=true to return the DCaaS style response.

With GET /v1/dcaas/actions/data-connections/{connectionId}, you sent:

curl --location "https://your-tenant.us.qlikcloud.com/api/v1/dcaas/actions/data-connections/{connectionId}" ^
--header "Authorization: <ACCESS_TOKEN>"

With GET /v1/data-connections/{qID}, you should send:

curl --location "https://your-tenant.us.qlikcloud.com/api/v1/data-connections/{qID}?parseConnection=true" ^
--header "Authorization: <ACCESS_TOKEN>"

Migrating from GET /v1/dcaas/actions/data-connections/api-specs

You must move from GET /v1/dcaas/actions/data-connections/api-specs to GET /v1/data-sources/{dataSourceId}/api-specs.

With GET /v1/dcaas/actions/data-connections/api-specs, the dataSourceId was a query parameter, and you sent:

curl --location "https://your-tenant.us.qlikcloud.com/api/v1/dcaas/actions/data-connections/api-specs?dataSourceId={dataSourceId}" ^
--header "Authorization: Bearer <API-key>"

With GET /v1/data-sources/{dataSourceId}/api-specs, you pass the dataSourceId in the path, so you should send:

curl --location "https://your-tenant.us.qlikcloud.com/api/v1/data-sources/{dataSourceId}/api-specs" ^
--header "Authorization: Bearer <API-key>"

Consider reviewing the guides on how to create data connections.

Qlik is making changes to the recently updated Automation Connections API to improve developer experience on this API. The change is being made to the response from three endpoints, to return all attributes at the root object, rather than in the data object. No changes are being made to payloads or parameters.

This change will take effect no sooner than sixty days from the date on this changelog entry.

Endpoints affected:

• GET /v1/automation-connections/{id}
• PUT /v1/automation-connections/{id}
• POST /v1/automation-connections

Current response, with data returned in data object:

{
    "data": {
        "id": "bf96da21-b36f-40d0-ad36-3322e95d218f",
        "name": "Qlik Cloud Services",
        "spaceId": "",
        "ownerId": "645a73ad73599192614c03c3",
        "isConnected": true,
        "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c",
        "oauthAccountName": null,
        "redirect": null,
        "params": [],
        "createdAt": "2024-07-09T08:42:43.000000Z",
        "updatedAt": "2024-07-09T08:42:43.000000Z"
    }
}

From today through to the removal date in 60 days, the API will return both the new and old structures:

{
    "id": "bf96da21-b36f-40d0-ad36-3322e95d218f",
    "name": "Qlik Cloud Services",
    "spaceId": "",
    "ownerId": "645a73ad73599192614c03c3",
    "isConnected": true,
    "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c",
    "oauthAccountName": null,
    "redirect": null,
    "params": [],
    "createdAt": "2024-07-09T08:42:43.000000Z",
    "updatedAt": "2024-07-09T08:42:43.000000Z",
    "data": {
        "id": "bf96da21-b36f-40d0-ad36-3322e95d218f",
        "name": "Qlik Cloud Services",
        "spaceId": "",
        "ownerId": "645a73ad73599192614c03c3",
        "isConnected": true,
        "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c",
        "oauthAccountName": null,
        "redirect": null,
        "params": [],
        "createdAt": "2024-07-09T08:42:43.000000Z",
        "updatedAt": "2024-07-09T08:42:43.000000Z"
    }
}

After the removal date in 60 days, the API will return:

{
    "id": "bf96da21-b36f-40d0-ad36-3322e95d218f",
    "name": "Qlik Cloud Services",
    "spaceId": "",
    "ownerId": "645a73ad73599192614c03c3",
    "isConnected": true,
    "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c",
    "oauthAccountName": null,
    "redirect": null,
    "params": [],
    "createdAt": "2024-07-09T08:42:43.000000Z",
    "updatedAt": "2024-07-09T08:42:43.000000Z"
}

Review the Automation Connections API specification for more information about this API.

The Qlik Platform Operations connector for Qlik Application Automation enables the deployment and management of Qlik Cloud tenants without requiring any coding.

New blocks:

• Import And Replace App In Shared Space By Name: Use the Import And Replace App In Shared Space By Name block to simplify importing apps to a shared space for deployments where the goal of importing the app is to then publish or republish that imported copy into a managed space. The block will first identify and delete any other apps in the shared space with the same name (using an exact case-sensitive match on the provided name), then import the app and return an object containing the imported app and the IDs of any deleted apps.

Updated blocks:

• Create Space If Not Existing: Added the ability to set and update the space description.
• Deactivate Tenant: Fixed an issue with the example output.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

qlik-cli 2.25.0

A new release of qlik-cli has been published.

Change summary:

• Added oauth-client command for the oauth-clients API
• Added automation-connections command for the automation-connections API
• Updated app properties exported on qlik app unbuild command
• Added CSRF support for Qlik Sense Enterprise client-managed
• Tidied up various descriptions
• Removed deprecated qlik catwalk commands
• Removed deprecated qlik csp-header commands

Added oauth-client command for the oauth-clients API

The oauth-clients API allows you to create and manage OAuth clients, used for authentication in Qlik Cloud. These are designed to support use cases such as embedding, automation, orchestration, and more.

Explore the new commands under:

qlik oauth-client

If you’re new to OAuth in Qlik Cloud, explore the OAuth2 overview.

Added automation-connections command for the automation-connections API

Automations are the primary resource for Qlik Application Automation, which provide no-code methods for integrating with Qlik and third-party services.

The recently released Automation-connections API allows you to create and manage connectivity to services. These connections can be used by one or more automations.

Explore the new commands under:

qlik automation-connection

Updated app properties exported on qlik app unbuild command

Added missing app properties to the unbuild command, to ensure a more complete unbuild of the app.

Added CSRF support for Qlik Sense Enterprise client-managed

An upcoming change in Qlik Sense Enterprise client managed will make it a requirement to include a CSRF-token when establishing websocket connections. This adds a forwards-compatible fix for that.

Removed deprecated qlik csp-header commands

This deprecated endpoint has now been removed. It was replaced by qlik csp-origin generate-header.

The Qlik Platform Operations connector for Qlik Application Automation enables the deployment and management of Qlik Cloud tenants without requiring any coding.

New blocks:

• Deallocate All Licenses From User: This block removes any licenses assigned to the specified user subject.
• Delete User And Deallocate All Licenses: This block removes any licenses assigned to the specified user ID and deallocates any licenses assigned to the user subject associated with that user ID.

Updated blocks:

• Run Automation: Now supports providing the input payload for the automation within the block.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

Qlik Application Automation provides you with the ability to create workflows in a no-code interface. Most Application Automation connectors require a connection to a data source, containing information on where the data source is, connection credentials, and more.

The updated automation-connections API endpoints provide capabilities for users to manage automation connections in personal and shared spaces, including, but not limited to, retrieving, creating, updating and deleting an automation connection, as well as changing its owner and moving it to a different space. This is useful for collaborations and administration, and also when programmatically deploying, backing up, and restoring automations.

In the initial release, you could retrieve a list of connections:

curl "https://your-tenant.us.qlikcloud.com/api/v1/automation-connections" \
 -H "Authorization: Bearer <API-key>"

Now with the updated API, you could retrieve a single connection:

curl "https://your-tenant.us.qlikcloud.com/api/v1/automation-connections/{id}" \
 -H "Authorization: Bearer <API-key>"

An example response, returning a single connection for the Qlik Cloud Services connector.

{
    "data": {
    "id": "1968b1a0-1a75-11ee-9e04-976916adf99b",
    "name": "Qlik Cloud Services",
    "spaceId": "",
    "ownerId": "64a428976c47a6c39e592159",
    "isConnected": true,
    "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c",
    "oauthAccountName": null,
    "redirect": null,
    "params": [],
    "createdAt": "2023-07-04T14:14:33.000000Z",
    "updatedAt": "2024-03-14T11:32:10.000000Z"
    }
}

The API now also supports connection creation and updates, for example, creating a new connection:

curl "https://your-tenant.us.qlikcloud.com/api/v1/automation-connections" \
 -X POST \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d '{"name":"connection","params":[{"name":"username","value":"string"}],"spaceId":"5f0f78b239ff4f0001234567","connectorId":"3004e850-1985-11ee-b6df-8d800b305320"}'

An example response, returning details of a created connection.

{
  "id": "e0e720d0-4947-11ec-a1d2-9559fa35801d",
  "name": "connection",
  "params": [
    {
      "id": "39a90780-8874-11ee-b16c-89512345678",
      "meta": [],
      "name": "region",
      "order": 1,
      "value": "string",
      "fieldType": "enum",
      "isOptional": "false",
      "exampleValue": "string",
      "paramOptions": [
        {
          "id": "39a90780-8874-11ee-b16c-89512345678",
          "value": "string"
        }
      ],
      "documentation": "string"
    }
  ],
  "ownerId": "sWYAHxZxhtcmBT7Ptc5xJ5I6N7HxwnEy",
  "spaceId": "5f0f78b239ff4f0001234567",
  "redirect": "string",
  "createdAt": "2021-12-23T12:28:21.000000Z",
  "updatedAt": "2021-12-23T12:28:21.000000Z",
  "connectorId": "e0e720d0-4947-11ec-a1d2-9559fa35801d",
  "isConnected": "true",
  "oauthAccountName": "oauth"
}

Note that the connectorId value isn’t currently available via published API. For now, retrieve this value by viewing the ID of a previously created connection of the type you require.

Review the Automation Connections API specification for more information about this API.

Qlik has added the com.qlik.v1.analytics.analytics-app-client.sheet-view.opened event to the audit service in Qlik Cloud. This event is triggered whenever a sheet is displayed in Qlik Sense, allowing for detailed analysis of how many times a sheet in an app has been viewed and by which user.

The audit entry structure is as follows:

{
  "id": "auditEntryId",
  "data": {
    "appId": "appId",
    "sheetId": "sheetId",
    "sheetState": "analysis|edit|simpleEdit"
  },
  "eventId": "eventId",
  "eventTime": "2024-05-01T01:13:16.000Z",
  "eventType": "com.qlik.v1.analytics.analytics-app-client.sheet-view.opened",
  "source": "com.qlik/analytics",
  "tenantId": "tenantId",
  "userId": "userId"
}

A view will be recorded each time the sheet is navigated to by users accessing via the Qlik Sense client, via iFrame, or via the classic/app interface with qlik-embed. Events are not generated for any other embedding approaches. Actions such as toggling between edit and view mode without changing sheet will not register as additional views of the sheet.

The value of sheetState details the consumption mode active when the user opened the sheet:

• analysis when in view only mode.
• simpleEdit when in edit mode.
• edit when in the advanced options edit mode.

This event is available via the Audits API and can also be viewed in the Events section of the Management Console.

charts on the fly

qlik-embed 1.2.0 adds the popular charts on the fly feature to the analytics/chart ui. This allows you to generate charts from data in a Qlik Sense app, without the chart existing in the app. You pass a definition, and the chart is created as requested by your web app.

Here’s an example using qlik-embed web components:

<qlik-embed
  id="visualization"
  ui="analytics/chart"
  app-id="<appid>"
  type="barchart"
  dimensions='["Dimension1"]'
  measures='["Measure1", "=Sum(Expression2)", "=Avg(Expression2)"]'
  properties='{ orientation: "horizontal", barGrouping: { grouping: "stacked" } }'
></qlik-embed>

Note: charts on the fly works only with charts available in the analytics/chart ui in qlik-embed. Please consult the chart compatibility table for a list of compatible charts. Use the Viz on the fly ID for the type property.

Update for using context property

Previously an html attribute to the <qlik-embed /> tag could include :json or :number to indicate which type the string in the attribute should be parsed to. In some environments the : is not allowed as a html parameter so it is now possible to also use ___ (triple underscore) as a delimiter.

This means you can now set context like this: <qlik-embed context___json='{ theme: "Breeze" }' ... /> and it will be parsed as json.

Qlik is removing the com.qlik.user-identity.impersonation event from the audits service in Qlik Cloud. Events of this type will no longer appear in the Events panel in your tenant’s management console and responses from the audits API will no longer include this event.

This change is a result of analysis which found the event added little customer value, with a better solution being to add the actor attribute to service events to indicate when a user was impersonated. This reduces audit complexity for customers, as well as the volume of events a customer needs to process to determine the actions their users are generating in the platform.

Note: The com.qlik.user-identity.impersonation is not deprecated, it is simply being removed from a service that aggregates and surfaces events for external consumption.

This change will take effect no sooner than sixty days from the date on this changelog entry.

qlik-embed web components script src attribute changes

A change to the latest release of qlik-embed web components requires references to the index.min.js file be specified for the library to run.

If you are using qlik-embed web components it is recommended you update the src property of the script element declaring the full path to the library.

Update the attribute to include /dist/index.min.js in the path. Here is an example of the new path for the src attribute: src="https://cdn.jsdelivr.net/npm/@qlik/embed-web-components@1/dist/index.min.js".

Note: If you do not want to use the latest version of qlik-embed web components, it is possible to set the version in the path.

Here is an example of the src attribute referencing a pinned version of qlik-embed web components: src="https://cdn.jsdelivr.net/npm/@qlik/embed-web-components@1.1.1/dist/index.min.js".

qlik-embed oauth callback page src attribute changes

Update the oauth-callback page used to handle connectivity between qlik-embed web components and your Qlik Cloud tenant. Set the src attribute to use oauth-callback.min.js.

The resulting src attribute should look something like this: src="https://cdn.jsdelivr.net/npm/@qlik/embed-web-components@1/dist/oauth-callback.min.js".

You can learn more about qlik-embed on the Why qlik-embed page.

The nebula.js extension and mashup library has been updated to version 5, the next major version.

Users of versions prior to 5.0.0 should be aware of important changes to:

• Type updates which align nebula with other Qlik tools
• Expanded support for multi-app mashups and web apps
• Updated OAuth support for Qlik Cloud

Type updates

To improve compatibility with other Qlik tools, simplify developer onboarding, and enhance the TypeScript experience, Nebula now uses the @qlik/api typings for QIX and Engine entities.

Multi-app support fix

This update changes how Nebula handles its cache. Building mashups using multiple app connections at the same time now works without interference. Previously, a common cache was used between instances, which could cause issues if apps shared a data model or if they where duplicates of each other.

Nebula serve updates

The connection setup in nebula serve was updated to improve compatibility with the Qlik Cloud OAuth setup. If you’ve used this capability before, you need to update the redirect URL to http://localhost:8000/auth/login/callback.

See nebula.js on npm.

Introducing classic/chart

classic/chart is a new UI for qlik-embed. classic/chart renders visualizations that have not been converted to nebula.js or use the classic extension API.

Using classic/chart

Like other UIs available through qlik-embed, when you want to use classic/chart in an embedded analytics context, set the ui property to classic/chart. If you use qlik-embed web-components it will look something like this:

<qlik-embed
    ui="classic/chart"
    app-id="<appId>"
    object-id="<objectId>"
></qlik-embed>

classic/chart compatibility

classic/chart will render supported visualizations from Qlik Sense applications. For a full support matrix, refer to the supported charts page.

Third-party extensions

Third-party extensions may not render properly within embedded contexts compared to the native Qlik Sense experience if the extension manipulates private code such as CSS. Manipulating CSS in the native experience is not supported by Qlik, therefore, it’s not supported in qlik-embed.

Additionally, for best compatibility, it is suggested to enable iframe mode when working with extensions:

<qlik-embed
    ui="classic/chart"
    app-id="<appId>"
    object-id="<objectId>"
    iframe="true"
></qlik-embed>

To learn more about third-party extension compatibility with qlik-embed, please contact the extension author.

Limitations

classic/chart does not support the following features:

• Right-click context menu
• Export data

You can learn more about qlik-embed on the Why qlik-embed page, or review the classic/chart example.

The Qlik Platform Operations connector is a connector for Qlik Application Automation that enables deployment and management of Qlik Cloud tenants without coding.

The following blocks have been added:

• Publish or Republish App to Managed Space: a convenience block which rolls together the capabilities in Publish App to Managed Space and Republish App to Managed Space to automatically replace apps if they already exist with the same name in the managed space.
• Allocate Or Update User License: a convenience block for tenants on the user (professional/analyzer) license model, supporting automated assignment or update of user licenses in a single block.
• RAW API List Request: a block which supports list API calls to RAW endpoints, removing the requirement for handling looped calls when making RAW calls.

The following blocks have been renamed to improve consistency:

• Create Interactive Identity Provider: renamed to Create Interactive OIDC Identity Provider in preparation for updates to blocks for additional OIDC and SAML configuration options.
• Update Interactive Identity Provider: renamed to Update Interactive OIDC Identity Provider in preparation for updates to blocks for additional OIDC and SAML configuration options.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

When you embed Qlik Cloud into your web applications, you likely require an authentication strategy that mitigates the blocking of third-party cookies by browsers.

Qlik is introducing support for OAuth impersonation tokens, which can be generated using a confidential OAuth machine-to-machine client for users in your Qlik Cloud tenant. Impersonation tokens are ideal for scenarios where:

• The identity provider for your web application does not match the one configured for your Qlik Cloud tenant.
• You wish to handle authentication on your backend.
• You wish to avoid client-side redirects in the browser.

If you intend to implement a client-side (front-end) authentication strategy or if your web application does not have a back-end component, you should leverage OAuth SPA for your application.

Considerations if moving from JWT

This capability provides a comparable experience to using JWT to authenticate from a web application to Qlik Cloud, with the benefit of not being blocked by third-party cookie restrictions.

The key difference is that OAuth impersonation requires that users already exist in the tenant and uses pre-existing user group mappings, rather than supporting update of groups on the fly during token requests. This means that:

• Users must exist in the tenant prior to requesting an impersonation token. You can accomplish this with qlik-api as part of the login flow.
• You cannot update user-to-group mappings when requesting the impersonation token. If you wish to leverage groups for your security model, you should first impersonate a user login on the backend using JWT to associate the required groups with your user.

Learn more about OAuth impersonation

To discover more:

• Review the guiding principles for using OAuth impersonation in Qlik Cloud.
• Learn how to create a new client for requesting impersonation tokens.
• Explore how to retrieve impersonation tokens.

The OAuth clients API is now published and generally available for use in programmatic use cases, including automation, orchestration, embedded analytics, and more.

One common scenario for using this API is OEM embedded use cases. When OEMs provision new tenants for end customers, this API can be used to create an OAuth client to support specific use cases, such as OAuth single-page applications and OAuth impersonation.

You can learn more about this API and how to use it by following this tutorial.

To discover more about OAuth in Qlik Cloud:

• See OAuth2 Overview for support details and use cases in Qlik Cloud.
• Visit the oauth-client API reference to learn about the API.

The admin.apps scope has additional permissions granting OAuth tokens with this scope applied non-interactive access to the personal and private resources end users in tenants can create and curate.

This update helps administrators address several management use cases involving resources in personal spaces and unpublished content in Qlik Sense applications.

Situations where this new ability is helpful include:

• Access orphaned resources and content when users are removed from the tenant.
• Change ownership from one user’s personal space to another.
• Programmatically publish content in Qlik Sense applications located in shared or managed spaces.
• Extract private content from Qlik Sense applications in managed spaces for app lifecycle management, such as promoting content to base-level.
• Backup and version control resource metadata, such as Qlik Sense applications, automations, data pipeline definitions, and more.
• Migrating resources and content from client-managed Qlik Sense to Qlik Cloud Analytics, or between Qlik Cloud tenants.

You can use this capability with qlik-cli, qlik-api, or calling tenant REST apis directly. This capability is not available in Qlik Cloud graphical user interfaces.

To learn more about how to configure and use this capability, please see the tutorial on managing personal and private content.

@qlik/api is a collection of javascript modules which each exposes an api built to make the integration process for javascript solutions as easy as possible. The library is built for both browser and NodeJS usage and will seamlessly integrate with qlik-embed libraries.

@qlik/api provides Qlik Cloud REST endpoints and access to the Qlik Analytics Engine (QIX).

REST

@qlik/api REST interfaces are generated from open-api specifications released from those Qlik Cloud services that exposes a restful API. The code generation tool runs using the specs, building typescript for all api calls documented in the specification. One module per api is generated.

You can learn more about the available modules in the REST section of the typescript types repository on Qlik Open Source.

QIX

Qlik’s Analytics Engine Service (QIX) is the runtime service for Qlik Sense applications and several analytics services in Qlik Cloud. @qlik/api offers a fully typed api for connecting to and consuming Qlik Sense Applications including “Qlik Sense mixins” which previously only was used internally by in-house Qlik developers.

More info about QIX can be found in the qix section.

Learn more about @qlik/api in the toolkits section.

This changelog provides 60 days’ deprecation notice of the Typescript version of the Platform SDK. The library is being replaced with the Qlik API.

The Qlik API offers the same capabilities and access to Qlik Cloud REST APIs and the Analytics engine, with the addition of officially supported Typescript types.

Switching from the Platform SDK to the Qlik API is straightforward, requiring only a few modifications to your code. The major change is in handling authentication when connecting to your Qlik Cloud tenant.

Authentication with @qlik/api:

//Backend applications
import { auth } from "@qlik/api";
auth.setDefaultHostConfig({
    authType: "oauth2",
    host: "<hostname>.<region>.qlikcloud.com",
    clientId: "<OAuth2_Client_ID>",
    clientSecret: "<OAuth2_Client_Secret>",
  });

Authentication with Typescript Platform SDK:

const Qlik = require('@qlik/sdk').default;
const { AuthType } = require("@qlik/sdk");

const config =  {
  authType: AuthType.OAuth2,
  host: "<hostname>.<region>.qlikcloud.com",
  clientId: "<OAuth2_Client_ID>",
  clientSecret: "<OAuth2_Client_Secret>",
};

(async () => {
  const qlik = new Qlik(config);
  await qlik.auth.authorize();
})();

For more information about @qlik/api, refer to the release changelog for @qlik/api or visit the toolkit page at qlik-api.

Qlik is announcing a change in behavior for the Roles API. This API currently returns a list of all available roles on the tenant, and a change is being made to who can access this API.

As of April 9, 2024, only users assigned the Tenant Admin role will be able to access the roles API. All other users will be denied access with a http 403 error.

How to access role information for non-Tenant Admin users

Today, any user can retrieve role records as shown below. Once the change is made, any user without the TenantAdmin role will receive a http 403 forbidden response.

curl "https://<TENANT>/api/v1/roles" \
 -H "Authorization: Bearer <ACCESS_TOKEN>"

# Http 200 - Ok
{
    "data": [
        {
            "id": "<ROLE_ID>",
            "tenantId": "<TENANT_ID>",
            "name": "<ROLE_NAME>",
        },
        ...
    ],
    "links": {
        "self": {
          "href": "https://<TENANT>/api/v1/roles"
        }
    }
}

Although users without the Tenant Admin role will not be able to return all roles in the tenant, they remain able to list the roles that they are assigned either directly, or via group membership. They can do this via the /api/v1/users/me endpoint.

curl "https://<TENANT>/api/v1/users/me?fields=assignedGroups,assignedRoles" \
 -H "Authorization: Bearer <ACCESS_TOKEN>"

# Http 200 - Ok
{
  "id": "<USER_ID>",
  "assignedRoles": [
      {
        "id": "<ROLE_ID>",
        "name": "<ROLE_NAME>",
        "type": "default",
        "level": "user"
      },
      ...
  ],
  "assignedGroups": [
    {
      "id": "<GROUP_ID>",
      "name": "<GROUP_NAME>",
      "assignedRoles": [
        {
          "id": "<ROLE_ID>",
          "name": "<ROLE_NAME>",
          "type": "default",
          "level": "user"
        },
        ...
      ]
    },
    ...
  ],
  "links": {
      "self": {
        "href": "https://<TENANT>/api/v1/users/me?fields=assignedGroups,assignedRoles"
      }
  }
}

The Qlik Platform Operations connector is a connector for Qlik Application Automation that enables deployment and management of Qlik Cloud tenants without coding.

Note: Some of the block updates below feature breaking changes. Your existing automations will remain unaffected unless you choose to upgrade by clicking “Upgrade to latest version” on the block.

The following blocks have been added:

• Get Analytics Data Connection: retrieves the definition for a specific analytics data connection.
• Create Analytics Data Connection: enables creation of analytics data connections using the recently updated data-connections API.
• List Analytics Data Sources: lists all data sources available on the tenant against which data connections can be created.
• Get Analytics Data Source Properties: retrieves the properties of a specific data source for use when determining which connectionProperties to pass into a Create New Analytics Data Connection block.
• List Analytics Data Source Property Mapping: similar to Get Analytics Data Source Properties but formats the possible connectionProperties for easier programmatic use.
• List Analytics Data Source Gateways: lists available Qlik Direct Access Data Gateways on the tenant for a specific data source.
• Add Member To Space If Not Existing, Update If Existing: adds a user or group to a space if they are not already a member, or updates their roles if they are a member. Does not update users who are owners of a space.
• Count Remaining API Keys: returns the number of API keys that the requesting user is able to create on the tenant. This is a function of the maximum number of API keys per user, minus the number of keys the user currently has.
• Import Base 64 Encoded File To Temporary Contents: supports importing a base64-encoded file to the temporary contents service for downstream consumption in another service, such as report-templates.
• Export Base 64 Encoded File From Temporary Contents: supports exporting a base64-encoded file from the temporary contents service.
• Copy Analytics App: copies an analytics app on the same tenant.
• Generate Automation Schedule Definition: helps to create a valid automation schedule for use in the Create automation or Update automation blocks.

The following blocks have been updated:

• RAW API Request: breaking change - removed the key value entry input mode for this block due to incorrect translation of certain data types, leading to API errors. If you are using this block, make sure to create a copy before upgrading its version to avoid corrupting the input.
• RAW API Request With Headers: breaking change - removed the key value entry input mode for this block due to incorrect translation of certain data types, leading to API errors. If you are using this block, make sure to create a copy before upgrading its version to avoid corrupting the input.
• List Analytics Data Connections: additional input parameters have been added to align with available options on the API.
• List API Keys: additional input parameters have been added to align with available options on the API.
• Create API Keys: an example output has been added.
• List Collections: a new enum has been added for collection type.
• Create Collection If Not Existing: a new enum has been added for collection type.
• Create Automation: an input for the automation schedule has been added to the block.
• Update Automation: an input for the automation schedule has been added to the block.
• Create Group: block output has been updated to return the created group or groups.
• Update Roles Of Member From Space: removed unused required input assigneeId.
• Update User: added enums for user status.
• Publish App To Managed Space: an example output has been added.
• Republish App To Managed Space: an example output has been added.
• List Users: added information on how to list non-active users.
• List Collections: added enum for public collections (publicgoverned).

The following blocks have been renamed to improve consistency:

• List Data Connections: renamed to List Analytics Data Connections.
• Delete Data Connections: renamed to Delete Analytics Data Connections.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

Qlik Sense applications running in Qlik Cloud rely on Analytics Data Connections to load data from external sources. The first API to support the creation of these connections was the Data Connectivity as a Service (DCaaS) API released in September 2023 (see the DCaaS changelog), and this and additional capabilities have now been merged into the data-connections API.

This release of the data-connections API supports creation of standard analytics connections, as well as connections via the direct access gateway, to all analytics data sources.

An example creation request for a MySQL connection via a direct access Data Gateway:

curl --location "https://<TENANT>/api/v1/data-connections" ^
--header "Content-Type: application/json" ^
--header "Authorization: <ACCESS_TOKEN>" ^
--data "{
    \"dataSourceId\": \"DG_mysql\",
    \"qName\": \"<CONNECTION_NAME>\",
    \"space\": \"<SPACE_ID>\",
    \"connectionProperties\": {
        \"gatewayInstance\": \"<GATEWAY_ID>\",
        \"host\": \"<HOST>\",
        \"port\": \"3306\",
        \"database\": \"<DATABASE_NAME>\",
        \"username\": \"<USERNAME>\",
        \"password\": \"<PASSWORD>\"
    }
}"

If you are currently using the /api/v1/dcaas paths, you should transition to using the updated /api/v1/data-connections endpoints.

There are some differences between the parameters the two APIs accept, with data-connections maintaining legacy naming to remove the need for breaking changes in the API:

• The parameter for passing the name of the connection is qName rather than connectionName.
• The parameter for passing the ID of the space to create the connection in is space rather than spaceId.

Learn more about Analytics Data Connection APIs

To discover more about how to create Analytics Data Connections:

• Review the data connections topic to learn about the overall capability.
• Visit the create a connection tutorial to begin creating new connections.
• Understand how to create connections via the direct access data gateway.
• Review example connection creation requests.

To support customers in managing their users, groups, and tenants via API, Qlik has added the fields parameter to the Users API. This gives customers total control over the data returned when retrieving an individual user record.

Get user record

You can now specify which user attributes to include in the response. The following example illustrates how to request the “groups” field to be returned.

curl "https://<TENANT>/api/v1/users/xxxxxxxxxxxxxxxxxxxxxxxx?fields=groups" \
 -H "Authorization: Bearer <ACCESS_TOKEN>"

 # alternatively
curl "https://<TENANT>/api/v1/users/me?fields=groups" \
 -H "Authorization: Bearer <ACCESS_TOKEN>"

# Http 200 - Ok
{
  "id": "xxxxxxxxxxxxxxxxxxxxxxxx",
  "groups": [
    "accounting",
    "developer"
  ]
}

Note: The “groups” field will not return system groups such as the “Everyone” group.

Qlik is announcing a 30-day deprecation window for an unpublished endpoint on the Groups API.

No sooner than 30 days from the date of this notice, GET /api/v1/groups/user-claims/:userID will be removed from the Groups API.

To migrate to a published endpoint, use GET /api/v1/users/:id.

curl "https://<TENANT>/api/v1/users/<USER_ID>?fields=groups" \
 -H "Authorization: Bearer <ACCESS_TOKEN>"

# Http 200 - Ok
{
  "id": "<USER_ID>",
  "groups": [
    "accounting",
    "developer"
  ]
}

Note: This changelog was updated on February 20, 2024 to clarify the customer impact of this change.

Qlik regularly reviews the resources offered to platform developers to help them build better solutions with Qlik Products, and has identified low usage of the open source nebula.js and mobile visualization libraries.

These libraries were originally published to foster collaboration and engagement with developers as they customized or developed visualizations, but due to customer feedback and usage data, these will be moved back to closed source. Moving these projects back to closed source will support better integration with internal build and test tooling, and free up resources for investment in these and other visualizations.

No sooner than 30 days from the date of this notice, Qlik will stop updates to the following repositories, and set them as archived:

• carbon-core
• dist-flow
• react-native-carbon
• react-native-helium
• react-native-simple-grid
• sn-action-button
• sn-container
• sn-list-objects
• sn-map
• sn-mekko-chart
• sn-network-chart
• sn-org-chart
• sn-scatter-plot
• sn-treemap
• sn-word-cloud

The following repositories were previously archived:

• sn-pivot-table
• sn-table

Although Qlik will no longer accept community contributions to these repositories, the consumption of these libraries and components remains unchanged. Customers should continue to leverage the NPM packages for each component for use in their web apps. Existing integrations using these NPM packages will not be impacted by this change.

Any issues found while using the NPM packages should be raised via Qlik Support.

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

The following blocks have been added:

• Get Current Tenant Hostname: returns the hostname for the tenant the automation is running on.
• List Analytics Reloads: returns results from the Reloads API to list analytics reload information.
• Add Role To User By Name: supports addition of individual roles to users by the name of the role.
• Remove Role From User By Name: supports removal of individual roles from users by the name of the role.
• Create collection If Not Existing: checks to see if a collection exists, if so, returns the collection, if not, creates the collection.
• Get Sharing Settings: retrieves the current configuration of the sharing service for various reporting and sharing features in the tenant.
• Update Sharing Settings: changes the configuration of the sharing service to turn on or off various reporting and sharing features in the tenant.
• RAW API Request With Headers: similar to the RAW API Request block, but appends the response headers to the response body, since some Qlik Cloud APIs return information in the header.

The following blocks have been updated:

• Get API Key Settings: removed the need to pass the tenantId as a block input, since you can only make requests for the tenant you pass the request to.
• Update API Key Settings: removed the need to pass the tenantId as a block input, since you can only make requests for the tenant you pass the request to.
• Update Collection: added support for changing collection type from private to publicgoverned to support managing public collections.

The following blocks have been renamed to improve consistency:

• Enable Data Alerts: renamed to Update Data Alert Settings.
• Get Auto Create Group Setting: renamed to Get Auto Create Group Settings.
• Update Auto Create Group Setting: renamed to Update Auto Create Group Settings.
• Trigger Enable Notes Settings: renamed to Update Notes Settings.

Review how to get started with the Platform Operations connector.

This changelog provides 30 days’ notice of the deprecation and removal of two attributes in the POST /v1/sharing-tasks endpoint. This endpoint is used to create new sharing tasks. Other methods are not affected.

Previously, the attributes allowed you to provide a different name for an asset than the system name. With the upcoming changes, the service will no longer apply user-provided values, instead, it will use the system name of the asset.

The attributes are:

• root>appName - the name of the source Qlik Sense application
• root>excelData>name - the name of the report template used to generate output

No changes are needed to your code, as the API will continue to accept payloads with these attributes, but it will ignore any provided values.

Changes will be made no fewer than 30 days from the date of this notice.

For more information on Qlik’s API policies, please refer to the API policy page.

For more information on this API, please review the Sharing tasks API specification.

Qlik Cloud Data Integration is a powerful data integration fabric that helps data engineers deliver, transform, and unify enterprise data in real-time via automated, governed, and reusable data pipelines.

The new di-projects APIs can be leveraged by your usual API tooling, or via the Qlik Application Automation connector, providing a way to:

• List Projects: Retrieves a list of data projects which belong to a given data space
• List Data Tasks: Retrieves a list of data tasks that belong to a given data project
• Get Project: retrieves a data project’s information using its ID
• Get Data Task: Retrieves a single data task, using the project and task IDs
• Start Data Task: Starts a data task run, using the project and task IDs
• Stop Data Task: Stops a data task run, using the project and task IDs
• Get Data Task Runtime State: Retrieves the runtime state of a data task, using the project and task Ids returning the list of data integration

With this first iteration, users are able to create workflows that run Qlik Cloud Data Integration tasks, such as:

• Starting a data task, waiting for it to finish, and proceeding to start another data task.
• Implementing conditions in an automation which are not implemented yet in Qlik Cloud Data Integration, like running a task only after all the sources have been updated.
• Building a workflow that stops CDC tasks before running some backend maintenance and then starting the CDC task again.

You can leverage Qlik Application Automation to do this without code:

Example API call to retrieve tasks for a project via your own API tooling:

curl "https://your-tenant.us.qlikcloud.com/api/v1/di-projects/{projectId}/di-tasks/{dataTaskId}" \
 -H "Authorization: Bearer <API-key>"

If the task exists, and you have access to it, you will receive a 200 response with details of the task:

{
 "id": "sqlserver_data_landing-5h5M",
 "name": "SQLServer-data_Landing",
 "type": "LANDING",
 "ownerId": "64ff3381259ad349da2046a9",
 "spaceId": "6502c7c2562be31c8343bbd4",
 "description": "This is the landing task for SQL server"
}

Now that you have the task, you can start it:

curl "https://your-tenant.us.qlikcloud.com/api/v1/di-projects/{projectId}/di-tasks/{dataTaskId}/runtime/actions/start" \
-X POST \
-H "Authorization: Bearer <API-key>"

If successful, you will receive a 204 response with no body.

Review the DI projects API specification for more information about this API.

Qlik offers customers the ability to encrypt their tenants with their own key. The Encryption API provides you with the ability to deploy, manage, and cycle encryption keys on one or more Qlik Cloud tenants via supported providers.

In the initial release of the Encryption API, the API supported both single and multi-region Key Management Service (KMS) keys.

Multi-region keys support Disaster Recovery Processes. Tenants configured with a single-region key will not operate if Qlik Cloud is cut over to a DR region, therefore Qlik is removing support for single-region keys for new CMK providers. If you are currently using a single-region key, Qlik recommends that you create a multi-region key to seamlessly use your tenant in a back-up region in case of an outage in your primary region.

In no sooner than 30 days from the date of this post, new CMK provider configurations will require a multi-region key. Existing single-region CMK configurations will not be impacted.

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

Following on from the addition of space type filtering to the items API, the Space Type filter has been added to the following blocks:

• List items
• List apps

The deprecated Shared filter has been removed from new and updated blocks. This does not impact blocks which are already in use in running automations.

Review how to get started with the Platform Operations connector.

Tabular reporting enables Qlik Cloud customers to address common operational report distribution requirements, such as providing:

• Custom and highly formatted Excel documents from Qlik data and Qlik visualizations
• Paginated tables of sales/transactional data
• Repeated sheets of departmental analysis

Qlik has published APIs and endpoints to support programmatically managing, deploying, and maintaining this capability:

• The Sharing Tasks API supports the creation and management of Report Tasks.
• The Report Templates API gives you access to the Excel templates used to generate tabular reporting output.
• The Report Filters endpoints provide access to filters used when configuring Report Tasks.
• The Reports API can now be used to trigger tabular report generation via the sense-excel-template-1.0 template type.

Learn more about:

• How to use these APIs to programmatically deploy tabular reports between apps, spaces, and tenants
• How to create and configure reports with the tabular reporting capability in your Qlik Cloud tenant

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

Previously, the Qlik Platform Operations connector supported cross-tenant API calls only to the domain *.qlikcloud.com.

This update brings support for calling any Qlik Cloud tenant, including those in Qlik Cloud Government regions. Due to differences in Qlik Cloud Government, it is not yet possible to use the tenant create, deactivate, or reactivate blocks on Qlik Cloud Government tenants.

Additionally, the connector now supports passing a full tenant hostname. This means that you can now use either of these formats to connect to a tenant:

• tenantname.region.qlikcloud.com - the full tenant hostname (recommended)
• tenantname.region - the legacy, reduced path

It is now recommended that you use the full tenant hostname on all blocks for any new automations you create with the Platform Operations connector, by using the generic Variable block to define the hostname at the automation level.

Review how to get started with the Platform Operations connector.

qlik-embed is Qlik’s new library for embedding data and analytics UI with confidence and ease. Browsers like Chrome and Safari are making it more complex to embed content from one software application to another, and you are encouraged to use qlik-embed to keep pace with evolving privacy and security standards.

With a simple script defining how you want to connect to Qlik, you can embed content from Qlik applications using web-components as easily as this:

<qlik-embed
  id="visualization"
  ui="analytics/chart"
  app-id="<Qlik Sense Application ID>"
  object-id="<Chart object ID>"
></qlik-embed>

You can also take advantage of a framework like React:

import { QlikEmbed } from "@qlik/embed-react";
<QlikEmbed ui="analytics/chart" appId={appId} objectId={objectId} />

Learn more about embedded analytics for the modern web here, or explore the reorganised embed section, which makes it easier to find content for your framework of choice.

If you’d like to jump into a real example, check out this quickstart.

Qlik is implementing guardrails on uploads to the Extensions and Themes APIs. These APIs enable the addition of third-party visualizations and third-party formatting and color schemes for use in Qlik Sense applications.

These changes will take effect no later than 30 days from the date of this notice.

Planned changes:

• Maximum archive size: 30 MB - this is larger than any theme currently deployed to Qlik Cloud, and it is recommended to make themes as small as possible to ensure that they do not impact the load time in Qlik Sense.
• Maximum individual file size: 30 MB - this is linked to the maximum archive size.
• Maximum total size of files in ZIP: 100 MB - this value is based on the uncompressed size of items in the archive, hence in most cases users will be limited based on the maximum archive size of 30 MB.
• Maximum number of files: 500 - if your theme or extension has more files than this, consider leveraging a bundler to build similar file types together.

Review the Extensions API and Themes API specifications for further information on these APIs.

The PATCH method has been added to the Collections API, giving you the ability to update more collection metadata, with greater flexibility.

The Collections API is the engine behind public and private collections, but also tags assigned to content in the Items API.

With the PATCH method, you no longer need to send a full PUT payload when updating collections, simplifying the calls, and reducing access control complexity.

To make a private collection public (assuming you have the appropriate access rights, and at least one item in the collection), you must change the type of the collection from private to publicgoverned:

curl "https://your-tenant.us.qlikcloud.com/api/v1/collections/{collectionId}" ^
 -X PATCH ^
 -H "Authorization: Bearer <API-key>" ^
 -H "Content-type: application/json" ^
 -d '[{"op":"replace","path":"/type","value":"publicgoverned"}]'

Example response:

{
    "name": "My Public Collection",
    "description": "A logical grouping of content for a business unit or team, which still respects space permissions.",
    "type": "publicgoverned",
    "id": "{collectionId}",
    ...
}

To unpublish the collection, change the type back to private.

The PATCH operation can also be used on the name and description of the collection.

Review the Collections API specification for further information.

Qlik Application Automation provides you with the ability to create workflows in a no-code interface. Most Application Automation connectors require a connection to a data source, containing information on where the data source is, connection credentials, and more.

The automation-connections API provides a way of returning the list of connections that the user has access to. This is useful for audits, and also when programmatically deploying, backing up, and restoring automations.

To retrieve a list of connections:

curl "https://your-tenant.us.qlikcloud.com/api/v1/automation-connections" \
 -H "Authorization: Bearer <API-key>"

An example response, returning a single connection for the Qlik Cloud Services connector.

{
    "links": {
        "prev": {
            "href": null
        },
        "next": {
            "href": null
        }
    },
    "data": [
        {
            "id": "78dc7c00-7af0-11ed-bb39-bd3b23861504",
            "name": "Qlik Cloud Services",
            "isConnected": true,
            "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c",
            "createdAt": "2022-12-13T14:14:35.000000Z",
            "updatedAt": "2022-12-13T14:14:35.000000Z",
            "ownerId": "637390ec6541614d3a88d6c1"
        }
    ]
}

Note that some connections returned via this API will not be visible in the user interface. In this example, the Qlik Cloud Services connector automatically generates and manages its connection on behalf of any user who uses the connector. This means that the API will return the connection, but users will not be able to manage it. Review the documentation for each connector for connection details.

Review the Automation Connections API specification for more information about this API.

The query parameter orphans has been added to the Licenses API to help identify licenses assigned to users who do not exist in the tenant upon which the call is made.

Assignment of licenses is keyed on the user subject, which is a unique string provided by the Identity Provider. These assignments are handled separately to users in the tenant, since a single entitlement can support more than one Qlik Cloud tenant, or Qlik Sense Enterprise Client-managed site. This means that calls to the users API on a tenant will return only users on that tenant, while a call to licenses/assignments returns all global assignments to that entitlement.

In use cases where you have only 1 tenant, and want to track down and remove assignments not linked to users, you can leverage the below API call, or automation snippet to return a list of these assignments.

To call via code:

curl --get --location 'https://<TENANT>.<REGION>.qlikcloud.com/api/v1/licenses/assignments?orphans=true' ^
--header 'Authorization: Bearer <API_KEY>'

To call via an automation, and output a table of assignments, review the find orphaned assignments example.

Review the license assignments endpoint specification for further information.

The format for OAuth 2.0 access tokens issued by Qlik Cloud has changed to remove private data about the access token for security purposes. With this change access tokens no longer include information about the tenant or user.

Do not inspect access tokens. They are to be treated as opaque values. Qlik Cloud access token format is not documented and is subject to change.

Client applications can use the access token to obtain data from Qlik Cloud using published APIs. For example, the client can request user information from the api/v1/users/me endpoint with the access token.

For change purposes, here is the new format of the access token compared to the old format.

New format

{
  "subType": "user",
  "purpose": "accessToken",
  "jti": "KF_xLCfjmaJJCNx0X4mT_oBsAfFiUb6g",
  "iat": 1701174495,
  "exp": 1701196095,
  "aud": "https://tenant.us.example.com",
  "iss": "qlik.api"
}

Old format

{
  "sub": "8o0raWkhGS6J9Psgu03j6av-hrffhhu1",
  "subType": "user",
  "tenantId": "J5XP4G7osoRlVjbj3oL_rYgZU3GAWmV6",
  "userId": "8o0raWkhGS6J9Psgu03j6av-hrffhhu1",
  "clientId": "45ab6571f94d9e6dc507ea976f67e780",
  "origin": "http://localhost:5000",
  "grantId": "64550d07a1c5c8c91f43c3a1",
  "scope": "user_default",
  "allowedLocations": [
    "header"
  ],
  "jti": "BF-Tl8CvHn6kFjUEttXDLp1Yhzu5wD7p",
  "iat": 1683295522,
  "exp": 1683317122,
  "aud": "https://tenant.us.example.com",
  "iss": "qlik.api"
}

The query parameter spaceType has been added to the Items API to help better support programmatic CICD workflows where you need to deploy and manage content across different space types.

Supported space types for the filter:

• shared
• managed
• data
• personal

This new query parameter is useful for listing items within just one specific space type or within a couple of selected space types.

Note: The query parameter shared is now deprecated in favor of the new query parameter spaceType,which provides support for all space types as opposed to just shared spaces. shared will be removed no sooner than 60 days from the date of this notice.

Example:

curl --get --location 'https://<TENANT>.<REGION>.qlikcloud.com/api/v1/items?spaceType=shared,personal' \
--header 'Authorization: Bearer <API_KEY>'

Review the Items API specification for further information.

Qlik offers customers the ability to encrypt their tenants with their own key. The new encryption API provides you with the ability to deploy, manage, and cycle encryption keys on one or more Qlik Cloud tenants via supported providers.

Create & migrate to a new key provider

Here’s an example of a cURL command that creates a new key provider:

curl --location "<TENANT>/api/v1/encryption/keyproviders" ^
--header "Authorization: Bearer <ACCESS_TOKEN>" ^
--header "Content-Type: application/json" ^
--data "{\"name\": \"<KEY_PROVIDER_NAME>\", \"arn\": \"<KMS_KEY_ARN>\", \"keyprovider\": \"AWS-KMS\" }"

The result is a JSON object that shows the details of the newly created KMS key provider.

{
    "name": "<KEY_PROVIDER_NAME>",
    "tenantId": "<TENANT_ID>",
    "arn": "<KMS_KEY_ARN>",
    "arnFingerPrint": "<ARN_FINGERPRINT>",
    "keyprovider": "AWS-KMS",
    "createdAt": "2023-07-14T18:17:23Z",
    "promotedToCurrentAt": "0001-01-01T00:00:00Z",
    "demotedFromCurrentAt": "0001-01-01T00:00:00Z"
}

You can then migrate from the currently active key provider to the new key provider specified by <ARN_FINGERPRINT>. Upon successful migration, the migrated key provider becomes active.

curl -L "https://<TENANT>/api/v1/encryption/keyproviders/<ARN_FINGERPRINT>/actions/migrate" ^
-X POST ^
--header "Content-Type: application/json" ^
--header "Authorization: Bearer <ACCESS_TOKEN>"

The result is a JSON object that shows the details of the key provider migration.

{
    "migrationId": "c75088bc-cfba-410a-aeda-2a5dd797f528",
    "tenantId": "<TENANT_ID>",
    "migratingFrom": "v1:rTfjXBtXurvLxUJqE4dvgyXIm6zLiaIE:iiTaqy+LNXkmCVEBN9mOwKwsNQZ0UdNUWW7s5TptbOrU67qAALinKb+UZUKBHYgVGflHmp2t2CvtBK4G",
    "migratingTo": "<KMS_KEY_ARN>",
    "migratingToFingerPrint": "<ARN_FINGERPRINT>",
    "migratingToPrefix": "#BYOKv1#:<ARN_FINGERPRINT>",
    "state": "New",
    "initiatedAt": "2023-07-18T12:08:04.634711507Z",
    "completedAt": "0001-01-01T00:00:00Z"
}

Learn more about tenant encryption

To learn more:

• Review the encrypt tenants topic to learn how to send common requests.
• Visit the configuring tenant encryption documentation to learn about the overall capability.
• Read the no-code options for managing encryption to learn how to manage lifecycles in Qlik Application Automation.
• Access the encrypt tenants API specification to see the full specification.

This changelog provides 60 days notice of deprecation and removal of the /v1/automations/settings endpoints.

These endpoints turn on and off Qlik Application Automation on a tenant, and this capability was superseded by the addition in July 2023 of a new role, Automation Creator. This new role provides much greater flexibility in who can use automations, including at tenant, group, and user level.

For more information on Qlik’s API policies, please refer to the API policy page.

Migrating to use the automation creator role

To provide all users in the tenant with access to create and run automations, you must add the AutomationCreator role to the Everyone group.

Assuming the Everyone group already had the PrivateAnalyticsContentCreator role assigned, you would send a request to replace the assignedRoles with the new list of PrivateAnalyticsContentCreator and AutomationCreator:

curl -L -X PATCH "https://<TENANT>/api/v1/groups/000000000000000000000001" ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-H "Content-type: application/json" ^
-H "Accept: application/json" ^
-d "[{\"op\": \"replace\", \"path\": \"/assignedRoles\", \"value\": [{\"name\": \"PrivateAnalyticsContentCreator\"}, {\"name\": \"SharedSpaceCreator\"}]}]"

If successful, an empty response with an http 204 code is returned.

In a similar way, you can also assign access to groups from your Identity Provider, or to individual users.

For more information, please review the configure application automation topic.

The query parameter “type” has been added to the Spaces API. Supported filter values: user or group.

This feature is useful for limiting the number of assignments returned from the endpoint in cases where only one of the assignment types is of interest.

Example:

curl --get --location 'https://<TENANT>.<REGION>.qlikcloud.com/api/v1/spaces/<id>/assignments?type=user' \
--header 'Authorization: Bearer <API_KEY>'

Review the Spaces API specification for further information.

Update: This changelog was updated to add information on the other services impacted by this change, and how to move to the new event on 2023-11-23. The event change was deployed on 2023-11-14.

Qlik Cloud leverages an event driven architecture to communicate between the services in the platform. To support customer use cases, Qlik surfaces some of these events. These events may be made accessible in several ways, via:

• The audits API, which provides visibility of events in your Qlik Cloud tenant. This data is also accessible in the Events page in the management console.
• As an event you can subscribe to from a third party application via the Webhook service.
• As an event you can subscribe to from Application Automation via the Qlik Cloud Services connector start block.

The event emitted when an analytics reload completes, com.qlik.app.reload.ended, will be replaced by com.qlik.v1.app.reload.finished no sooner than 30 days from this notice. The events presented in the webhooks service, and on the Qlik Cloud Services connector will also be updated to reflect the new format.

Note: The com.qlik.app.reload.ended event is experimental and unpublished. In general, Qlik does not post deprecation notices for experimental and/or unpublished events. An exception has been made in this circumstance because of the external usage of this event. Qlik reserves the right to deprecate without notice experimental and/or unpublished events.

The key differences for com.qlik.v1.app.reload.finished are:

• Layout and field name changes, such as:
  • The location of the app ID has changed from data>id to extensions>topLevelResourceId.
  • The location of the space ID has changed from data>spaceId to extensions>spaceId.
• The statements section will not return data, since more complex reloads can make the payload of the event too large. You can still access this information using the app reload metadata API endpoint, if required.
• The event is published, and stable

Review the Audits API specification, and the app reload finished event specification for further information.

Updated on December 6, 2024: The API referenced in this changelog is now deprecated. For more information, review this changelog.

Qlik Sense applications running in Qlik Cloud rely on Analytics Data Connections to load data from external sources. The new Data Connectivity as a Service (DCaaS) API provides you with the ability to provision new Analytics Data Connections to supported sources using any supported authentication type.

This release of the DCaaS API supports creation of direct connections to:

• REST
• Microsoft SQL Server
• Databricks
• Google Big Query
• Amazon S3 (Web Storage and Metadata, via either v1 or v2 connector)
• Google Cloud Storage (Web Storage and Metadata)
• SFTP
• SFDC

Note: Connections via the Direct Access or Data Movement Gateway are not supported in this release. Non-analytics data connections cannot be configured via DCaaS.

Additionally, support for calls to paths /api/v1/dcaas and /api/v1/data-credentials have been added to the Raw blocks in the Qlik Cloud Services connector in Qlik Application Automation (Qlik Platform Operations allows all endpoints by default).

Learn more about Analytics Data Connections

To discover more about how to create Analytics Data Connections:

• Review the data connections topic to learn about the overall capability.
• Visit the create a connection tutorial to begin creating new connections.

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

Block updates:

The following blocks have been added to the connector:

• Deactivate tenant
• Reactivate tenant

These blocks add support for the deactivation, and eventual deletion of tenants from Qlik Cloud. For further information, refer to the delete tenant changelog.

Review how to get started with the Platform Operations connector.

Minimum and maximum values have been added (which were already restricted in the implementation details) for the limit parameter in the /audits endpoint.

• minimum: 1 (minimum value can be set as limit parameter)
• maximum: 100 (maximum value can be set as limit parameter)
• default: 10 (default value of the limit parameter if not set)

Example:

curl --get --location 'https://<TENANT>.<REGION>.qlikcloud.com/api/v1/audits?limit=<LIMIT>' ^
--header 'Authorization: Bearer <API_KEY>'

Review the Audits API specification for further information.

New query parameters have been added to the Reloads API, giving you additional flexibility in monitoring and managing analytics reloads in your tenant.

Additions:

• filter - allows you to filter on status and partial with equals (eq).
• log - allows you to turn off the log that is usually returned with every API call to improve response time.

To filter on a single status (RELOADING),and exclude the logs:

curl --get --location 'https://<TENANT>.<REGION>.qlikcloud.com/api/v1/reloads' ^
--header 'Authorization: Bearer <ACCESS_TOKEN>' ^
--header 'Content-type: application/json' ^
--header 'Accept: application/json' ^
--data-urlencode 'filter=status eq "RELOADING"' ^
--data-urlencode 'log=false'

To filter on multiple statuses (QUEUED and RELOADING), and exclude the logs:

curl --get --location 'https://<TENANT>.<REGION>.qlikcloud.com/api/v1/reloads' ^
--header 'Authorization: Bearer <ACCESS_TOKEN>' ^
--header 'Content-type: application/json' ^
--header 'Accept: application/json' ^
--data-urlencode 'filter=(status eq "RELOADING") OR (status eq "QUEUED")' ^
--data-urlencode 'log=false'

Review the Reloads API specification for further information.

Tenants are the highest level of logical separation in Qlik Cloud available to Qlik customers. When using a multiple tenant entitlement, you can now programmatically delete tenants via API.

If you are a customer with a single tenant entitlement, contact Qlik for assistance with deleting your tenant.

The most common use case for tenant deletion is in an OEM context where you create a tenant per end customer and need to offboard customers and delete their tenant as their contracts with you come to an end. To learn more the lifecycle of OEM in Qlik Cloud, review the Platform Operations tutorial series.

Important! Deleting a tenant is a permanent action. Neither you nor Qlik can restore data from the tenant after it has been purged from Qlik Cloud. Use this capability with caution.

Deactivate & reactivate a tenant

To deactivate a tenant and schedule it for deletion in 15 days, send this request:

curl -L "https://register.eu.qlikcloud.com/api/v1/tenants/TENANT_ID/actions/deactivate" ^
-H "Authorization: Bearer ACCESS_TOKEN" ^
-H "qlik-confirm-hostname: my-tenant.eu.qlikcloud.com" ^
-H "Content-Type: application/json" ^
-H "Accept: application/json"
-d "{\"purgeAfterDays\": 15}"

This response indicates that the tenant is in a deactivated state:

{
    "id": "zWbTyyJ5lzYLnm9taTD49ja4JVdNKBUM",
    "status": "disabled",
    "estimatedPurgeDate": "2023-07-30T14:01:22.000Z"
}

To reactivate a tenant before the estimated purge date, send this request:

curl -L "https://register.eu.qlikcloud.com/api/v1/tenants/TENANT_ID/actions/reactivate" ^
-H "Authorization: Bearer ACCESS_TOKEN" ^
-H "qlik-confirm-hostname: my-tenant.eu.qlikcloud.com" ^
-H "Content-Type: application/json" ^
-H "Accept: application/json"

This response indicates that the tenant is in an activated state:

{
    "id": "zWbTyyJ5lzYLnm9taTD49ja4JVdNKBUM",
    "status": "active"
}

Learn more

To discover more about tenant deletion:

• Review the delete tenants topic to learn about the overall capability.
• Visit the delete a tenant tutorial in the Platform Operation series to view this in context of a programmatic tenant deployment.
• Access the delete tenants API specification to see the full specification.

Typescript v0.24.0: New API Intakes and Maintenance

feat: Intake Brands API

The [brands] API supports the creation and management of brands in the tenant. This allows you to provide a custom logo and favicon to help you enhance the user experience for your users. Below is an example of how you can use the API.

Important: Use of the brands API is permitted for OEM use cases only.

const qlik = new Qlik({...});
// upload a new logo
const logo = fs.readFileSync(path.join(__dirname, 'assets/logo.png'));
const brand = await qlik.brands.create(logo, 'my_awesome_logo');
// activate/deactivate and delete
await qlik.brands.activate(brand.id);
await qlik.brands.deactivate(brand.id);
await qlik.brands.delete(brand.id);

See full API reference here

feat: Intake Tenants API

const { tenants, users } = new Qlik({...});
// checks tenant/me
const { id } = await tenants.getMe();
const { tenantId } = await users.getMe();

// get a tenant & update settings
let tenant = await tenants.get(id);
const orgEnableAnalyticCreationSettings = tenant.enableAnalyticCreation;
await tenant.patch([{ op: 'replace', path: '/enableAnalyticCreation', value: !orgEnableAnalyticCreationSettings }]);

See full API reference here

Bugfixes

• ⚠️ Breaking - fix: method name fixes in various APIs

// example method name changes:
app.recommendInsightAnalyses(...); // was previously app.recommend(...)
automation.retryRun(...); // was previously automation.retry(...)
// & some plural/singular fixes
collections.getFavorites(); // was previously collections.getFavorite()
webhook.getDelivery(...); // was previously webhook.getDeliverie(...)

Other Fixes

• fix: render inline response object
• fix: random nbr in group test by
• fix: bump spectacular.ts to latest

To get started with the Qlik Typescript SDK, clik here

Python v0.16.0: New API Intakes and Fixes

feat: Intake for Brands API

brands = Brands(config=config)
# create upload logo to your tenant
file_dir = os.path.dirname(os.path.abspath(__file__))
logo_path = os.path.join(file_dir, "logo.png")
with open(logo_path, "rb") as logo_file:
    brand = brands.create(logo=logo_file, name="my_awesome_logo")
# get / activate / deactivate
brands.get(brand_id=brand.id)
brands.activate(brand_id=brand.id)
brands.deactivate(brand_id=brand.id)

See full API reference here

feat: Tenants API

tenants = Tenants(config=config)
# fetch information about your tenant
my_tenant = tenants.get_me()

# change settings
tenant_analytic_creation_setting = my_tenant.enableAnalyticCreation
my_tenant.patch(
    data=[
        {
            "op": "replace",
            "path": "/enableAnalyticCreation",
            "value": True,
        }
    ]
)

See full API reference here

feat: Intake for Notes API

notes = Notes(config=config)
# fetch notes settings
notes_settings = notes.get_settings()
# set settings programmatically
notes.set_settings(data={"toggledOn": True, "snapshotRelations": True})

fix: [breaking change] variouse plurals/singular method names fixes

# webhooks.get_deliverie(..) changed to:
webhooks.get_delivery(..)
# collections.get_favorite(..) is now:
collections.get_favorites(..)
# and more

See full API reference here

To get started with the Qlik Python SDK, clik here

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

Block updates:

The following blocks have been added to the connector:

• Get tenant name
• Get tenant alias
• Create key provider (part of Customer Managed Keys release)
• Get key provider by fingerprint (part of Customer Managed Keys release)
• Get ongoing migration details (part of Customer Managed Keys release)
• Reset a migration to Qlik provider (part of Customer Managed Keys release)
• List key providers (part of Customer Managed Keys release)
• Trigger migration (part of Customer Managed Keys release)
• Validate key provider (part of Customer Managed Keys release)

The following blocks have been updated in the connector:

• Get tenant - this has been updated to use the new tenants endpoints
• List automations - additional filter options have been added
• Update tenant - made easier to use

Review how to get started with the Platform Operations connector.

Qlik-Cli v2.22.0

feat: Intake of the brands API

This API allows you to manage the branding of a tenant. For example, you can customize logos and favicons with your brand. You can activate this by using the command:

qlik brand create --name=<name> --file-logo=<logo.png> --file-favIcon=<icon.ico>
qlik brand activate <brand-id>

feat: Intake of group-create

The group-create command is a command used for creating groups. It can be used for managing access control for multiple users at the same time. For example, you can create a group called developers with the “Developer” role assigned.

qlik group create --name=developers --assignedRoles='[{"name":"Developer"}]'

You can get a complete list of roles using the command qlik role ls. --assignedRoles accepts either an ID or the name of a role.

feat: Tenant-edit command

The tenant-edit command now allows you to update your tenant-configuration in a command-line-editor of your choice.

• docs: Edit-commands are no longer experimental
• docs: The identity-provider commands are no longer experimental
• fix: Bug when providing required body parameters from a file using the --file flag.

Say hello to the new Example section on qlik.dev. This new section provides you with quick access to commonly used code snippets and scripts you can adapt and integrate into your projects.

Every example in this section will have a card providing a brief description and the language or tool you can use with it.

There are a lot of examples to share with you, and they’re being added to the gallery frequently, so make sure to subscribe to the changelog using the RSS link at the top of the page so you can stay up to date.

If you experience an issue with a snippet, please open an issue at the Qlik Cloud examples repository on Qlik’s open source Github. Include a link to the example, the problem, and if you have one, your proposed solution.

You can peruse the examples section here.

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

Block updates:

The following blocks have been added to the connector:

• Get group
• Update group
• Add Role To Group By Name
• Remove Role From Group By Name
• Get tenant
• Update tenant
• Create space if not existing

The following blocks have been updated in the connector:

• Create group - this has been updated to leverage the recently released groups REST API

Review how to get started with the Platform Operations connector.