Changelog

A big part of the app experience in Qlik Sense is the navigation between sheets. With the new navigation menu, you can style it as you prefer.

For more information, refer to:

• Foundational knowledge
• Creating navigation menu objects
• Reference documentation

The Roles API manages tenant-level security roles and user default customization.

New endpoints allow you to create, update, and delete custom roles, as well as configure the default scopes assigned to all users in a tenant via userDefault.

For more information:

• Review the Manage custom roles tutorial.
• See all available custom role and user default scopes.
• Review the Roles API specification.

The selection bar can now be styled using custom themes. Style the selection bar and listboxes with custom definitions for the dataColors properties. These properties can be configured in the top-level theme definition, and at the chart level for the listBox object.

For more information, refer to:

• Basic styling of apps using custom themes
• Extended object styling
• Theme JSON properties

qlik-cli 2.26.0

A new release of qlik-cli has been published.

Change summary:

• Republished qlik-cli documentation to remove deprecated commands and update with improved API specifications.
• Updated command help to match the updated API specifications.
• Deprecated the collection change-visibility command as the supporting API is no longer published.
• Renamed the flag webhook ls --eventType to --eventTypes to align with the operation of the API. This flag now takes multiple event types, separated by commas, to support more precise queries. The old flag still works and is ported to the new one for backwards compatibility.

Notes on deprecation of collection change-visibility command

The supported method for changing the visibility of a collection is to use collection patch, for example:

qlik collection patch COLLECTION_ID --body='[{"op":"replace","path":"/type", "value": "publicgoverned"}]'

Support for the anonymous OAuth type has been added to qlik-embed, which allows you to leverage the Anonymous Access capability for embedding Qlik Sense components with qlik-embed.

Review the Anonymous Access with qlik-embed tutorial to learn more.

The Brands API, initially launched for use by Qlik OEM customers, is now available to all Qlik customers. You can find the original release in this changelog. This API helps improve alignment with your corporate branding and reduces friction for your end users as they switch between experiences.

For more information, review the Brands API reference, or take a look at the Apply branding to a tenant tutorial to learn how to call the API using code.

For no-code developers, native blocks are available in the Qlik Platform Operations connector in Qlik Application Automation.

The Qlik Platform Operations connector for Qlik Application Automation enables the deployment and management of Qlik Cloud tenants without any code.

New blocks:

• Create Webhook: Creates a new webhook for the specified events and filters.
• Update Webhook: Updates an existing webhook.
• List Webhooks: Retrieves a list of all webhooks in the tenant accessible by the OAuth client.
• Get Webhook: Retrieves information about a specific webhook.
• Delete Webhook: Removes a specific webhook.
• List Webhook Event Types: Retrieves a list of all event types against which a webhook can be configured.
• List Automation Connections: Retrieves a list of all automation connections in the tenant accessible by the OAuth client.
• Get Automation Connection: Retrieves information about a specific automation connection.
• Update Automation Connection Space: Moves a specific automation connection to a new space.
• Delete Automation Connection: Removes a specific automation connection.

Updated blocks:

• Create Reload Task: Updated parameters to match the API specification for creating a reload task.
• Update Reload Task: Updated parameters to match the API specification for creating a reload task.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

The Reloads API is used to start and monitor the refresh of Qlik Cloud Analytics apps.

To better support programmatic external task management of reloads, the rate limit for POST /api/v1/reloads has been increased from 10 requests per minute to 50 requests per minute.

Requests to this POST endpoint are metered over a 5-minute window. This means you can make up to 250 requests within that window before you are rate limited.

Learn more about reloads and system concurrency in manage analytics reloads, or delve into how rate limiting works for REST APIs in Qlik Cloud.

A new tutorial is available with example code for exporting data from a chart embedded with qlik-embed.

In this tutorial, you will learn how to use qlik-embed and qlik-api to set up an export button that connects to the reports and temporary contents APIs to request and retrieve data exports in Microsoft Excel (xlsx) format.

View the tutorial here.

Qlik is enhancing security and data protection for the Extensions API and Themes API. These APIs allow customization of experiences in Qlik Sense by adding custom visualization objects, colors, and styling.

Currently, any user in the tenant can download the full archive of an extension or theme from the following endpoints:

• GET /v1/extensions/{id}/file for extensions
• GET /v1/themes/{id}/file for themes

To improve security, only users with the TenantAdmin or AnalyticsAdmin roles will be allowed to download the full archive. This brings these endpoints in line with the permissions for import endpoints.

This change will take effect no sooner than 60 days from the date on this changelog, on, or after October 21, 2024.

Endpoints affected:

• GET /v1/extensions/{id}/file
• GET /v1/themes/{id}/file

The reloads API allows for triggering data refreshes in Qlik Sense applications in Qlik Cloud.

The query log default value is being changed from true to false. This will reduce response size for the majority of queries where the log attribute in the response is not required.

The query parameter log can have a true or false value that controls whether the log attribute is sent in the response. Today, the default value of this log parameter is true, when not specified - hence the log is returned by default.

To continue receiving this attribute after the notice period, you should specify log=true in your request.

This change will take effect no sooner than 30 days from the date on this changelog, on, or after September 19, 2024.

Endpoints affected:

• GET /v1/reloads

The current response, when no log query parameter is included in the request, returns the log field.

{
    "data": [
            {
                "id": "65ad4a0df4bd1ffb55555a51",
                "appId": "349216c2-5555-5555-5555-5555379f68bb",
                "tenantId": "xqFQ0k66vSR555555-55555QkiYrCpct",
                "userId": "nEgFMHPnm6ye55555555PSKuCUDzEtFO",
                "type": "chronos",
                "status": "SUCCEEDED",
                "log": "ReloadID: 65ad4a0df4bd1ffb55555a51\nStarted loading data\n(A detailed script progress log can be downloaded when the reload is finished)\nreload-result-join-22-23 \u003c\u003c reload-result-join-22-23 446,756 Lines fetched\n\nApp saved\nFinished successfully\n",
                "partial": false,
                "creationTime": "2024-01-21T16:45:01Z",
                "startTime": "2024-01-21T16:45:02.766Z",
                "endTime": "2024-01-21T16:45:10.125Z",
                "engineTime": "2024-01-21T16:45:07.915Z",
                "links": {
                    "self": {
                        "href": "https://tenant.region.qlikcloud.com/api/v1/reloads/65ad4a0df4bd1ffb55555a51"
                    }
                }
            },
        ]
}

In future, if the query param log=true is not specified, or is false, the log attribute will be omitted from the response:

{
    "data": [
            {
                "id": "65ad4a0df4bd1ffb55555a51",
                "appId": "349216c2-5555-5555-5555-5555379f68bb",
                "tenantId": "xqFQ0k66vSR555555-55555QkiYrCpct",
                "userId": "nEgFMHPnm6ye55555555PSKuCUDzEtFO",
                "type": "chronos",
                "status": "SUCCEEDED",
                "partial": false,
                "creationTime": "2024-01-21T16:45:01Z",
                "startTime": "2024-01-21T16:45:02.766Z",
                "endTime": "2024-01-21T16:45:10.125Z",
                "engineTime": "2024-01-21T16:45:07.915Z",
                "links": {
                    "self": {
                        "href": "https://tenant.region.qlikcloud.com/api/v1/reloads/65ad4a0df4bd1ffb55555a51"
                    }
                }
            },
        ]
}

Add query parameter log=true to return the log attribute in the response, such as in /reloads?appId=349216c2-5555-5555-5555-5555379f68bb&log=true:

{
    "data": [
            {
                "id": "65ad4a0df4bd1ffb55555a51",
                "appId": "349216c2-5555-5555-5555-5555379f68bb",
                "tenantId": "xqFQ0k66vSR555555-55555QkiYrCpct",
                "userId": "nEgFMHPnm6ye55555555PSKuCUDzEtFO",
                "type": "chronos",
                "status": "SUCCEEDED",
                "log": "ReloadID: 65ad4a0df4bd1ffb55555a51\nStarted loading data\n(A detailed script progress log can be downloaded when the reload is finished)\nreload-result-join-22-23 \u003c\u003c reload-result-join-22-23 446,756 Lines fetched\n\nApp saved\nFinished successfully\n",
                "partial": false,
                "creationTime": "2024-01-21T16:45:01Z",
                "startTime": "2024-01-21T16:45:02.766Z",
                "endTime": "2024-01-21T16:45:10.125Z",
                "engineTime": "2024-01-21T16:45:07.915Z",
                "links": {
                    "self": {
                        "href": "https://tenant.region.qlikcloud.com/api/v1/reloads/65ad4a0df4bd1ffb55555a51"
                    }
                }
            },
        ]
}

For more information on this API, review the Reloads API specification.

The Qlik Platform Operations connector for Qlik Application Automation enables the deployment and management of Qlik Cloud tenants without any coding.

New blocks:

• List Tags: List all tags (collections where type=public) in the tenant.
• List Items By Tag Name: List all items (apps, automations, data sets, etc) which have a tag matching the provided tag name.
• Create Tag If Not Existing: If a tag doesn’t exist, create it. If it exists, return the tag definition.
• Delete Tag By Name: Deletes a tag by name if found.
• Add Tag To Item By Name: Add a tag to an item by specifying the tag name. If the tag doesn’t exist, create it.
• Remove Tag From Item By Name: Remove a tag from an item by specifying the tag name.
• List Automation Runs: Retrieve the most recent run information for an automation.
• List Reload Tasks: Retrieve all reload tasks configured in the tenant.
• Get Reload Task: Retrieve an individual reload task definition.

Updated blocks:

• List Data Files: Added all API params as inputs to block to support in-block filtering and sorting.
• List Data Files From Space: Added all API params as inputs to block to support in-block filtering and sorting.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

The AI assistant component brings you the Qlik Answers experience in embedded format, with the following tag:

<qlik-embed
  ui="ai/assistant"
  assistant-id="<assistant-id>"
></qlik-embed>

Review the ai/assistant parameters, or learn more about the other UIs and params in qlik-embed.

The DCaaS API provides the ability to create analytics data connections in your Qlik Cloud tenant.

In response to customer feedback, the functionalities of DCaaS were merged into the data-connections and data-sources APIs in March 2024, as announced in this changelog.

This post serves as notice that DCaaS will be deprecated no sooner than 120 days from the date of this changelog, on or after November 23, 2024.

Migrating from POST /v1/dcaas/actions/data-connections

You must move from POST /v1/dcaas/actions/data-connections to POST /v1/data-connections.

To prevent breaking changes for current users of POST /v1/data-connections, some parameter names have changed to incorporate the capabilities from POST /v1/dcaas/actions/data-connections. Namely:

• The parameter for passing the name of the connection is qName rather than connectionName.
• The parameter for passing the ID of the space to create the connection in is space rather than spaceId.

With POST /v1/dcaas/actions/data-connections, you sent:

curl --location "https://your-tenant.us.qlikcloud.com/api/v1/dcaas/actions/data-connections" ^
--header "Content-Type: application/json" ^
--header "Authorization: <ACCESS_TOKEN>" ^
--data "{
    \"dataSourceId\": \"DG_mysql\",
    \"connectionName\": \"<CONNECTION_NAME>\",
    \"spaceId\": \"<SPACE_ID>\",
    \"connectionProperties\": {
        \"gatewayInstance\": \"<GATEWAY_ID>\",
        \"host\": \"<HOST>\",
        \"port\": \"3306\",
        \"database\": \"<DATABASE_NAME>\",
        \"username\": \"<USERNAME>\",
        \"password\": \"<PASSWORD>\"
    }
}"

With POST /v1/data-connections, you should send:

curl --location "https://your-tenant.us.qlikcloud.com/api/v1/data-connections" ^
--header "Content-Type: application/json" ^
--header "Authorization: <ACCESS_TOKEN>" ^
--data "{
    \"dataSourceId\": \"DG_mysql\",
    \"qName\": \"<CONNECTION_NAME>\",
    \"space\": \"<SPACE_ID>\",
    \"connectionProperties\": {
        \"gatewayInstance\": \"<GATEWAY_ID>\",
        \"host\": \"<HOST>\",
        \"port\": \"3306\",
        \"database\": \"<DATABASE_NAME>\",
        \"username\": \"<USERNAME>\",
        \"password\": \"<PASSWORD>\"
    }
}"

Migrating from GET /v1/dcaas/actions/data-connections/{connectionId}

You must move from GET /v1/dcaas/actions/data-connections/{connectionId} to GET /v1/data-connections/{qID}.

Changes:

• The qName property is used instead of connectionName.
• The space property is used instead of spaceId.
• The qID property is used instead of connectionId.
• The legacy response of the data-connections API will be returned along with the DCaaS style response.

You must pass the parameter parseConnection=true to return the DCaaS style response.

With GET /v1/dcaas/actions/data-connections/{connectionId}, you sent:

curl --location "https://your-tenant.us.qlikcloud.com/api/v1/dcaas/actions/data-connections/{connectionId}" ^
--header "Authorization: <ACCESS_TOKEN>" 

With GET /v1/data-connections/{qID}, you should send:

curl --location "https://your-tenant.us.qlikcloud.com/api/v1/data-connections/{qID}?parseConnection=true" ^
--header "Authorization: <ACCESS_TOKEN>" 

Migrating from GET /v1/dcaas/actions/data-connections/api-specs

You must move from GET /v1/dcaas/actions/data-connections/api-specs to GET /v1/data-sources/{dataSourceId}/api-specs.

With GET /v1/dcaas/actions/data-connections/api-specs, the dataSourceId was a query parameter, and you sent:

curl --location "https://your-tenant.us.qlikcloud.com/api/v1/dcaas/actions/data-connections/api-specs?dataSourceId={dataSourceId}" ^
--header "Authorization: Bearer <API-key>"

With GET /v1/data-sources/{dataSourceId}/api-specs, you pass the dataSourceId in the path, so you should send:

curl --location "https://your-tenant.us.qlikcloud.com/api/v1/data-sources/{dataSourceId}/api-specs" ^
--header "Authorization: Bearer <API-key>"

Consider reviewing the guides on how to create data connections.

Qlik is making changes to the recently updated Automation Connections API to improve developer experience on this API. The change is being made to the response from three endpoints, to return all attributes at the root object, rather than in the data object. No changes are being made to payloads or parameters.

This change will take effect no sooner than sixty days from the date on this changelog entry.

Endpoints affected:

• GET /v1/automation-connections/{id}
• PUT /v1/automation-connections/{id}
• POST /v1/automation-connections

Current response, with data returned in data object:

{
    "data": {
        "id": "bf96da21-b36f-40d0-ad36-3322e95d218f",
        "name": "Qlik Cloud Services",
        "spaceId": "",
        "ownerId": "645a73ad73599192614c03c3",
        "isConnected": true,
        "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c",
        "oauthAccountName": null,
        "redirect": null,
        "params": [],
        "createdAt": "2024-07-09T08:42:43.000000Z",
        "updatedAt": "2024-07-09T08:42:43.000000Z"
    }
}

From today through to the removal date in 60 days, the API will return both the new and old structures:

{
    "id": "bf96da21-b36f-40d0-ad36-3322e95d218f",
    "name": "Qlik Cloud Services",
    "spaceId": "",
    "ownerId": "645a73ad73599192614c03c3",
    "isConnected": true,
    "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c",
    "oauthAccountName": null,
    "redirect": null,
    "params": [],
    "createdAt": "2024-07-09T08:42:43.000000Z",
    "updatedAt": "2024-07-09T08:42:43.000000Z",
    "data": {
        "id": "bf96da21-b36f-40d0-ad36-3322e95d218f",
        "name": "Qlik Cloud Services",
        "spaceId": "",
        "ownerId": "645a73ad73599192614c03c3",
        "isConnected": true,
        "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c",
        "oauthAccountName": null,
        "redirect": null,
        "params": [],
        "createdAt": "2024-07-09T08:42:43.000000Z",
        "updatedAt": "2024-07-09T08:42:43.000000Z"
    }
}

After the removal date in 60 days, the API will return:

{
    "id": "bf96da21-b36f-40d0-ad36-3322e95d218f",
    "name": "Qlik Cloud Services",
    "spaceId": "",
    "ownerId": "645a73ad73599192614c03c3",
    "isConnected": true,
    "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c",
    "oauthAccountName": null,
    "redirect": null,
    "params": [],
    "createdAt": "2024-07-09T08:42:43.000000Z",
    "updatedAt": "2024-07-09T08:42:43.000000Z"
}

Review the Automation Connections API specification for more information about this API.

The Qlik Platform Operations connector for Qlik Application Automation enables the deployment and management of Qlik Cloud tenants without requiring any coding.

New blocks:

• Import And Replace App In Shared Space By Name: Use the Import And Replace App In Shared Space By Name block to simplify importing apps to a shared space for deployments where the goal of importing the app is to then publish or republish that imported copy into a managed space. The block will first identify and delete any other apps in the shared space with the same name (using an exact case-sensitive match on the provided name), then import the app and return an object containing the imported app and the IDs of any deleted apps.

Updated blocks:

• Create Space If Not Existing: Added the ability to set and update the space description.
• Deactivate Tenant: Fixed an issue with the example output.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

qlik-cli 2.25.0

A new release of qlik-cli has been published.

Change summary:

• Added oauth-client command for the oauth-clients API
• Added automation-connections command for the automation-connections API
• Updated app properties exported on qlik app unbuild command
• Added CSRF support for Qlik Sense Enterprise client-managed
• Tidied up various descriptions
• Removed deprecated qlik catwalk commands
• Removed deprecated qlik csp-header commands

Added oauth-client command for the oauth-clients API

The oauth-clients API allows you to create and manage OAuth clients, used for authentication in Qlik Cloud. These are designed to support use cases such as embedding, automation, orchestration, and more.

Explore the new commands under:

qlik oauth-client

If you’re new to OAuth in Qlik Cloud, explore the OAuth2 overview.

Added automation-connections command for the automation-connections API

Automations are the primary resource for Qlik Application Automation, which provide no-code methods for integrating with Qlik and third-party services.

The recently released Automation-connections API allows you to create and manage connectivity to services. These connections can be used by one or more automations.

Explore the new commands under:

qlik automation-connection

Updated app properties exported on qlik app unbuild command

Added missing app properties to the unbuild command, to ensure a more complete unbuild of the app.

Added CSRF support for Qlik Sense Enterprise client-managed

An upcoming change in Qlik Sense Enterprise client managed will make it a requirement to include a CSRF-token when establishing websocket connections. This adds a forwards-compatible fix for that.

Removed deprecated qlik csp-header commands

This deprecated endpoint has now been removed. It was replaced by qlik csp-origin generate-header.

The Qlik Platform Operations connector for Qlik Application Automation enables the deployment and management of Qlik Cloud tenants without requiring any coding.

New blocks:

• Deallocate All Licenses From User: This block removes any licenses assigned to the specified user subject.
• Delete User And Deallocate All Licenses: This block removes any licenses assigned to the specified user ID and deallocates any licenses assigned to the user subject associated with that user ID.

Updated blocks:

• Run Automation: Now supports providing the input payload for the automation within the block.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

Qlik Application Automation provides you with the ability to create workflows in a no-code interface. Most Application Automation connectors require a connection to a data source, containing information on where the data source is, connection credentials, and more.

The updated automation-connections API endpoints provide capabilities for users to manage automation connections in personal and shared spaces, including, but not limited to, retrieving, creating, updating and deleting an automation connection, as well as changing its owner and moving it to a different space. This is useful for collaborations and administration, and also when programmatically deploying, backing up, and restoring automations.

In the initial release, you could retrieve a list of connections:

curl "https://your-tenant.us.qlikcloud.com/api/v1/automation-connections" \
 -H "Authorization: Bearer <API-key>"

Now with the updated API, you could retrieve a single connection:

curl "https://your-tenant.us.qlikcloud.com/api/v1/automation-connections/{id}" \
 -H "Authorization: Bearer <API-key>"

An example response, returning a single connection for the Qlik Cloud Services connector.

{
    "data": {
    "id": "1968b1a0-1a75-11ee-9e04-976916adf99b",
    "name": "Qlik Cloud Services",
    "spaceId": "",
    "ownerId": "64a428976c47a6c39e592159",
    "isConnected": true,
    "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c",
    "oauthAccountName": null,
    "redirect": null,
    "params": [],
    "createdAt": "2023-07-04T14:14:33.000000Z",
    "updatedAt": "2024-03-14T11:32:10.000000Z"
    }
}

The API now also supports connection creation and updates, for example, creating a new connection:

curl "https://your-tenant.us.qlikcloud.com/api/v1/automation-connections" \
 -X POST \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d '{"name":"connection","params":[{"name":"username","value":"string"}],"spaceId":"5f0f78b239ff4f0001234567","connectorId":"3004e850-1985-11ee-b6df-8d800b305320"}'

An example response, returning details of a created connection.

{
  "id": "e0e720d0-4947-11ec-a1d2-9559fa35801d",
  "name": "connection",
  "params": [
    {
      "id": "39a90780-8874-11ee-b16c-89512345678",
      "meta": [],
      "name": "region",
      "order": 1,
      "value": "string",
      "fieldType": "enum",
      "isOptional": "false",
      "exampleValue": "string",
      "paramOptions": [
        {
          "id": "39a90780-8874-11ee-b16c-89512345678",
          "value": "string"
        }
      ],
      "documentation": "string"
    }
  ],
  "ownerId": "sWYAHxZxhtcmBT7Ptc5xJ5I6N7HxwnEy",
  "spaceId": "5f0f78b239ff4f0001234567",
  "redirect": "string",
  "createdAt": "2021-12-23T12:28:21.000000Z",
  "updatedAt": "2021-12-23T12:28:21.000000Z",
  "connectorId": "e0e720d0-4947-11ec-a1d2-9559fa35801d",
  "isConnected": "true",
  "oauthAccountName": "oauth"
}

Note that the connectorId value isn’t currently available via published API. For now, retrieve this value by viewing the ID of a previously created connection of the type you require.

Review the Automation Connections API specification for more information about this API.

Qlik has added the com.qlik.v1.analytics.analytics-app-client.sheet-view.opened event to the audit service in Qlik Cloud. This event is triggered whenever a sheet is displayed in Qlik Sense, allowing for detailed analysis of how many times a sheet in an app has been viewed and by which user.

The audit entry structure is as follows:

{
  "id": "auditEntryId",
  "data": {
    "appId": "appId",
    "sheetId": "sheetId",
    "sheetState": "analysis|edit|simpleEdit"
  },
  "eventId": "eventId",
  "eventTime": "2024-05-01T01:13:16.000Z",
  "eventType": "com.qlik.v1.analytics.analytics-app-client.sheet-view.opened",
  "source": "com.qlik/analytics",
  "tenantId": "tenantId",
  "userId": "userId"
}

A view will be recorded each time the sheet is navigated to by users accessing via the Qlik Sense client, via iFrame, or via the classic/app interface with qlik-embed. Events are not generated for any other embedding approaches. Actions such as toggling between edit and view mode without changing sheet will not register as additional views of the sheet.

The value of sheetState details the consumption mode active when the user opened the sheet:

• analysis when in view only mode.
• simpleEdit when in edit mode.
• edit when in the advanced options edit mode.

This event is available via the Audits API and can also be viewed in the Events section of the Management Console.

charts on the fly

qlik-embed 1.2.0 adds the popular charts on the fly feature to the analytics/chart ui. This allows you to generate charts from data in a Qlik Sense app, without the chart existing in the app. You pass a definition, and the chart is created as requested by your web app.

Here’s an example using qlik-embed web components:

<qlik-embed
  id="visualization"
  ui="analytics/chart"
  app-id="<appid>"
  type="barchart"
  dimensions='["Dimension1"]'
  measures='["Measure1", "=Sum(Expression2)", "=Avg(Expression2)"]'
  properties='{ orientation: "horizontal", barGrouping: { grouping: "stacked" } }'
></qlik-embed>

Note: charts on the fly works only with charts available in the analytics/chart ui in qlik-embed. Please consult the chart compatibility table for a list of compatible charts. Use the Viz on the fly ID for the type property.

Update for using context property

Previously an html attribute to the <qlik-embed /> tag could include :json or :number to indicate which type the string in the attribute should be parsed to. In some environments the : is not allowed as a html parameter so it is now possible to also use ___ (triple underscore) as a delimiter.

This means you can now set context like this: <qlik-embed context___json='{ theme: "Breeze" }' ... /> and it will be parsed as json.

Qlik is removing the com.qlik.user-identity.impersonation event from the audits service in Qlik Cloud. Events of this type will no longer appear in the Events panel in your tenant’s management console and responses from the audits API will no longer include this event.

This change is a result of analysis which found the event added little customer value, with a better solution being to add the actor attribute to service events to indicate when a user was impersonated. This reduces audit complexity for customers, as well as the volume of events a customer needs to process to determine the actions their users are generating in the platform.

Note: The com.qlik.user-identity.impersonation is not deprecated, it is simply being removed from a service that aggregates and surfaces events for external consumption.

This change will take effect no sooner than sixty days from the date on this changelog entry.

qlik-embed web components script src attribute changes

A change to the latest release of qlik-embed web components requires references to the index.min.js file be specified for the library to run.

If you are using qlik-embed web components it is recommended you update the src property of the script element declaring the full path to the library.

Update the attribute to include /dist/index.min.js in the path. Here is an example of the new path for the src attribute: src="https://cdn.jsdelivr.net/npm/@qlik/embed-web-components@1/dist/index.min.js".

Note: If you do not want to use the latest version of qlik-embed web components, it is possible to set the version in the path.

Here is an example of the src attribute referencing a pinned version of qlik-embed web components: src="https://cdn.jsdelivr.net/npm/@qlik/embed-web-components@1.1.1/dist/index.min.js".

qlik-embed oauth callback page src attribute changes

Update the oauth-callback page used to handle connectivity between qlik-embed web components and your Qlik Cloud tenant. Set the src attribute to use oauth-callback.min.js.

The resulting src attribute should look something like this: src="https://cdn.jsdelivr.net/npm/@qlik/embed-web-components@1/dist/oauth-callback.min.js".

You can learn more about qlik-embed on the Why qlik-embed page.

The nebula.js extension and mashup library has been updated to version 5, the next major version.

Users of versions prior to 5.0.0 should be aware of important changes to:

• Type updates which align nebula with other Qlik tools
• Expanded support for multi-app mashups and web apps
• Updated OAuth support for Qlik Cloud

Type updates

To improve compatibility with other Qlik tools, simplify developer onboarding, and enhance the TypeScript experience, Nebula now uses the @qlik/api typings for QIX and Engine entities.

Multi-app support fix

This update changes how Nebula handles its cache. Building mashups using multiple app connections at the same time now works without interference. Previously, a common cache was used between instances, which could cause issues if apps shared a data model or if they where duplicates of each other.

Nebula serve updates

The connection setup in nebula serve was updated to improve compatibility with the Qlik Cloud OAuth setup. If you’ve used this capability before, you need to update the redirect URL to http://localhost:8000/auth/login/callback.

See nebula.js on npm.

Introducing classic/chart

classic/chart is a new UI for qlik-embed. classic/chart renders visualizations that have not been converted to nebula.js or use the classic extension API.

Using classic/chart

Like other UIs available through qlik-embed, when you want to use classic/chart in an embedded analytics context, set the ui property to classic/chart. If you use qlik-embed web-components it will look something like this:

<qlik-embed
    ui="classic/chart"
    app-id="<appId>"
    object-id="<objectId>"
></qlik-embed>

classic/chart compatibility

classic/chart will render supported visualizations from Qlik Sense applications. For a full support matrix, refer to the supported charts page.

Third-party extensions

Third-party extensions may not render properly within embedded contexts compared to the native Qlik Sense experience if the extension manipulates private code such as CSS. Manipulating CSS in the native experience is not supported by Qlik, therefore, it’s not supported in qlik-embed.

Additionally, for best compatibility, it is suggested to enable iframe mode when working with extensions:

<qlik-embed
    ui="classic/chart"
    app-id="<appId>"
    object-id="<objectId>"
    iframe="true"
></qlik-embed>

To learn more about third-party extension compatibility with qlik-embed, please contact the extension author.

Limitations

classic/chart does not support the following features:

• Right-click context menu
• Export data

You can learn more about qlik-embed on the Why qlik-embed page, or review the classic/chart example.

The Qlik Platform Operations connector is a connector for Qlik Application Automation that enables deployment and management of Qlik Cloud tenants without coding.

The following blocks have been added:

• Publish or Republish App to Managed Space: a convenience block which rolls together the capabilities in Publish App to Managed Space and Republish App to Managed Space to automatically replace apps if they already exist with the same name in the managed space.
• Allocate Or Update User License: a convenience block for tenants on the user (professional/analyzer) license model, supporting automated assignment or update of user licenses in a single block.
• RAW API List Request: a block which supports list API calls to RAW endpoints, removing the requirement for handling looped calls when making RAW calls.

The following blocks have been renamed to improve consistency:

• Create Interactive Identity Provider: renamed to Create Interactive OIDC Identity Provider in preparation for updates to blocks for additional OIDC and SAML configuration options.
• Update Interactive Identity Provider: renamed to Update Interactive OIDC Identity Provider in preparation for updates to blocks for additional OIDC and SAML configuration options.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

When you embed Qlik Cloud into your web applications, you likely require an authentication strategy that mitigates the blocking of third-party cookies by browsers.

Qlik is introducing support for OAuth impersonation tokens, which can be generated using a confidential OAuth machine-to-machine client for users in your Qlik Cloud tenant. Impersonation tokens are ideal for scenarios where:

• The identity provider for your web application does not match the one configured for your Qlik Cloud tenant.
• You wish to handle authentication on your backend.
• You wish to avoid client-side redirects in the browser.

If you intend to implement a client-side (front-end) authentication strategy or if your web application does not have a back-end component, you should leverage OAuth SPA for your application.

Considerations if moving from JWT

This capability provides a comparable experience to using JWT to authenticate from a web application to Qlik Cloud, with the benefit of not being blocked by third-party cookie restrictions.

The key difference is that OAuth impersonation requires that users already exist in the tenant and uses pre-existing user group mappings, rather than supporting update of groups on the fly during token requests. This means that:

• Users must exist in the tenant prior to requesting an impersonation token. You can accomplish this with qlik-api as part of the login flow.
• You cannot update user-to-group mappings when requesting the impersonation token. If you wish to leverage groups for your security model, you should first impersonate a user login on the backend using JWT to associate the required groups with your user.

Learn more about OAuth impersonation

To discover more:

• Review the guiding principles for using OAuth impersonation in Qlik Cloud.
• Learn how to create a new client for requesting impersonation tokens.
• Explore how to retrieve impersonation tokens.

The OAuth clients API is now published and generally available for use in programmatic use cases, including automation, orchestration, embedded analytics, and more.

One common scenario for using this API is OEM embedded use cases. When OEMs provision new tenants for end customers, this API can be used to create an OAuth client to support specific use cases, such as OAuth single-page applications and OAuth impersonation.

You can learn more about this API and how to use it by following this tutorial.

To discover more about OAuth in Qlik Cloud:

• See OAuth2 Overview for support details and use cases in Qlik Cloud.
• Visit the oauth-client API reference to learn about the API.

The admin.apps scope has additional permissions granting OAuth tokens with this scope applied non-interactive access to the personal and private resources end users in tenants can create and curate.

This update helps administrators address several management use cases involving resources in personal spaces and unpublished content in Qlik Sense applications.

Situations where this new ability is helpful include:

• Access orphaned resources and content when users are removed from the tenant.
• Change ownership from one user’s personal space to another.
• Programmatically publish content in Qlik Sense applications located in shared or managed spaces.
• Extract private content from Qlik Sense applications in managed spaces for app lifecycle management, such as promoting content to base-level.
• Backup and version control resource metadata, such as Qlik Sense applications, automations, data pipeline definitions, and more.
• Migrating resources and content from client-managed Qlik Sense to Qlik Cloud Analytics, or between Qlik Cloud tenants.

You can use this capability with qlik-cli, qlik-api, or calling tenant REST apis directly. This capability is not available in Qlik Cloud graphical user interfaces.

To learn more about how to configure and use this capability, please see the tutorial on managing personal and private content.

@qlik/api is a collection of javascript modules which each exposes an api built to make the integration process for javascript solutions as easy as possible. The library is built for both browser and NodeJS usage and will seamlessly integrate with qlik-embed libraries.

@qlik/api provides Qlik Cloud REST endpoints and access to the Qlik Analytics Engine (QIX).

REST

@qlik/api REST interfaces are generated from open-api specifications released from those Qlik Cloud services that exposes a restful API. The code generation tool runs using the specs, building typescript for all api calls documented in the specification. One module per api is generated.

You can learn more about the available modules in the REST section of the typescript types repository on Qlik Open Source.

QIX

Qlik’s Analytics Engine Service (QIX) is the runtime service for Qlik Sense applications and several analytics services in Qlik Cloud. @qlik/api offers a fully typed api for connecting to and consuming Qlik Sense Applications including “Qlik Sense mixins” which previously only was used internally by in-house Qlik developers.

More info about QIX can be found in the qix section.

Learn more about @qlik/api in the toolkits section.

This changelog provides 60 days’ deprecation notice of the Typescript version of the Platform SDK. The library is being replaced with the Qlik API.

The Qlik API offers the same capabilities and access to Qlik Cloud REST APIs and the Analytics engine, with the addition of officially supported Typescript types.

Switching from the Platform SDK to the Qlik API is straightforward, requiring only a few modifications to your code. The major change is in handling authentication when connecting to your Qlik Cloud tenant.

Authentication with @qlik/api:

//Backend applications
import { auth } from "@qlik/api";
auth.setDefaultHostConfig({
    authType: "oauth2",
    host: "<hostname>.<region>.qlikcloud.com",
    clientId: "<OAuth2_Client_ID>",
    clientSecret: "<OAuth2_Client_Secret>",    
  });

Authentication with Typescript Platform SDK:

const Qlik = require('@qlik/sdk').default;
const { AuthType } = require("@qlik/sdk");

const config =  {
  authType: AuthType.OAuth2,
  host: "<hostname>.<region>.qlikcloud.com",
  clientId: "<OAuth2_Client_ID>",
  clientSecret: "<OAuth2_Client_Secret>",
};

(async () => {
  const qlik = new Qlik(config);
  await qlik.auth.authorize();
})();

For more information about @qlik/api, refer to the release changelog for @qlik/api or visit the toolkit page at qlik-api.

Qlik is announcing a change in behavior for the Roles API. This API currently returns a list of all available roles on the tenant, and a change is being made to who can access this API.

As of April 9, 2024, only users assigned the Tenant Admin role will be able to access the roles API. All other users will be denied access with a http 403 error.

How to access role information for non-Tenant Admin users

Today, any user can retrieve role records as shown below. Once the change is made, any user without the TenantAdmin role will receive a http 403 forbidden response.

curl "https://<TENANT>/api/v1/roles" \
 -H "Authorization: Bearer <ACCESS_TOKEN>"

# Http 200 - Ok
{
    "data": [
        {
            "id": "<ROLE_ID>",
            "tenantId": "<TENANT_ID>",
            "name": "<ROLE_NAME>",
        },
        ...
    ],
    "links": {
        "self": {
          "href": "https://<TENANT>/api/v1/roles"
        }
    }
}

Although users without the Tenant Admin role will not be able to return all roles in the tenant, they remain able to list the roles that they are assigned either directly, or via group membership. They can do this via the /api/v1/users/me endpoint.

curl "https://<TENANT>/api/v1/users/me?fields=assignedGroups,assignedRoles" \
 -H "Authorization: Bearer <ACCESS_TOKEN>"

# Http 200 - Ok
{
  "id": "<USER_ID>",
  "assignedRoles": [
      {
        "id": "<ROLE_ID>",
        "name": "<ROLE_NAME>",
        "type": "default",
        "level": "user"
      },
      ...
  ],
  "assignedGroups": [
    {
      "id": "<GROUP_ID>",
      "name": "<GROUP_NAME>",
      "assignedRoles": [
        {
          "id": "<ROLE_ID>",
          "name": "<ROLE_NAME>",
          "type": "default",
          "level": "user"
        },
        ...
      ]
    },
    ...
  ],
  "links": {
      "self": {
        "href": "https://<TENANT>/api/v1/users/me?fields=assignedGroups,assignedRoles"
      }
  }
}

The Qlik Platform Operations connector is a connector for Qlik Application Automation that enables deployment and management of Qlik Cloud tenants without coding.

Note: Some of the block updates below feature breaking changes. Your existing automations will remain unaffected unless you choose to upgrade by clicking “Upgrade to latest version” on the block.

The following blocks have been added:

• Get Analytics Data Connection: retrieves the definition for a specific analytics data connection.
• Create Analytics Data Connection: enables creation of analytics data connections using the recently updated data-connections API.
• List Analytics Data Sources: lists all data sources available on the tenant against which data connections can be created.
• Get Analytics Data Source Properties: retrieves the properties of a specific data source for use when determining which connectionProperties to pass into a Create New Analytics Data Connection block.
• List Analytics Data Source Property Mapping: similar to Get Analytics Data Source Properties but formats the possible connectionProperties for easier programmatic use.
• List Analytics Data Source Gateways: lists available Qlik Direct Access Data Gateways on the tenant for a specific data source.
• Add Member To Space If Not Existing, Update If Existing: adds a user or group to a space if they are not already a member, or updates their roles if they are a member. Does not update users who are owners of a space.
• Count Remaining API Keys: returns the number of API keys that the requesting user is able to create on the tenant. This is a function of the maximum number of API keys per user, minus the number of keys the user currently has.
• Import Base 64 Encoded File To Temporary Contents: supports importing a base64-encoded file to the temporary contents service for downstream consumption in another service, such as report-templates.
• Export Base 64 Encoded File From Temporary Contents: supports exporting a base64-encoded file from the temporary contents service.
• Copy Analytics App: copies an analytics app on the same tenant.
• Generate Automation Schedule Definition: helps to create a valid automation schedule for use in the Create automation or Update automation blocks.

The following blocks have been updated:

• RAW API Request: breaking change - removed the key value entry input mode for this block due to incorrect translation of certain data types, leading to API errors. If you are using this block, make sure to create a copy before upgrading its version to avoid corrupting the input.
• RAW API Request With Headers: breaking change - removed the key value entry input mode for this block due to incorrect translation of certain data types, leading to API errors. If you are using this block, make sure to create a copy before upgrading its version to avoid corrupting the input.
• List Analytics Data Connections: additional input parameters have been added to align with available options on the API.
• List API Keys: additional input parameters have been added to align with available options on the API.
• Create API Keys: an example output has been added.
• List Collections: a new enum has been added for collection type.
• Create Collection If Not Existing: a new enum has been added for collection type.
• Create Automation: an input for the automation schedule has been added to the block.
• Update Automation: an input for the automation schedule has been added to the block.
• Create Group: block output has been updated to return the created group or groups.
• Update Roles Of Member From Space: removed unused required input assigneeId.
• Update User: added enums for user status.
• Publish App To Managed Space: an example output has been added.
• Republish App To Managed Space: an example output has been added.
• List Users: added information on how to list non-active users.
• List Collections: added enum for public collections (publicgoverned).

The following blocks have been renamed to improve consistency:

• List Data Connections: renamed to List Analytics Data Connections.
• Delete Data Connections: renamed to Delete Analytics Data Connections.

Review Qlik Platform Operations connector overview for information on how to get started using the connector.

Qlik Sense applications running in Qlik Cloud rely on Analytics Data Connections to load data from external sources. The first API to support the creation of these connections was the Data Connectivity as a Service (DCaaS) API released in September 2023 (see the DCaaS changelog), and this and additional capabilities have now been merged into the data-connections API.

This release of the data-connections API supports creation of standard analytics connections, as well as connections via the direct access gateway, to all analytics data sources.

An example creation request for a MySQL connection via a direct access Data Gateway:

curl --location "https://<TENANT>/api/v1/data-connections" ^
--header "Content-Type: application/json" ^
--header "Authorization: <ACCESS_TOKEN>" ^
--data "{
    \"dataSourceId\": \"DG_mysql\",
    \"qName\": \"<CONNECTION_NAME>\",
    \"space\": \"<SPACE_ID>\",
    \"connectionProperties\": {
        \"gatewayInstance\": \"<GATEWAY_ID>\",
        \"host\": \"<HOST>\",
        \"port\": \"3306\",
        \"database\": \"<DATABASE_NAME>\",
        \"username\": \"<USERNAME>\",
        \"password\": \"<PASSWORD>\"
    }
}"

If you are currently using the /api/v1/dcaas paths, you should transition to using the updated /api/v1/data-connections endpoints.

There are some differences between the parameters the two APIs accept, with data-connections maintaining legacy naming to remove the need for breaking changes in the API:

• The parameter for passing the name of the connection is qName rather than connectionName.
• The parameter for passing the ID of the space to create the connection in is space rather than spaceId.

Learn more about Analytics Data Connection APIs

To discover more about how to create Analytics Data Connections:

• Review the data connections topic to learn about the overall capability.
• Visit the create a connection tutorial to begin creating new connections.
• Understand how to create connections via the direct access data gateway.
• Review example connection creation requests.

To support customers in managing their users, groups, and tenants via API, Qlik has added the fields parameter to the Users API. This gives customers total control over the data returned when retrieving an individual user record.

Get user record

You can now specify which user attributes to include in the response. The following example illustrates how to request the “groups” field to be returned.

curl "https://<TENANT>/api/v1/users/xxxxxxxxxxxxxxxxxxxxxxxx?fields=groups" \
 -H "Authorization: Bearer <ACCESS_TOKEN>"

 # alternatively
curl "https://<TENANT>/api/v1/users/me?fields=groups" \
 -H "Authorization: Bearer <ACCESS_TOKEN>"

# Http 200 - Ok
{
  "id": "xxxxxxxxxxxxxxxxxxxxxxxx",
  "groups": [
    "accounting",
    "developer"
  ]
}

Note: The “groups” field will not return system groups such as the “Everyone” group.

Qlik is announcing a 30-day deprecation window for an unpublished endpoint on the Groups API.

No sooner than 30 days from the date of this notice, GET /api/v1/groups/user-claims/:userID will be removed from the Groups API.

To migrate to a published endpoint, use GET /api/v1/users/:id.

curl "https://<TENANT>/api/v1/users/<USER_ID>?fields=groups" \
 -H "Authorization: Bearer <ACCESS_TOKEN>"

# Http 200 - Ok
{
  "id": "<USER_ID>",
  "groups": [
    "accounting",
    "developer"
  ]
}

Note: This changelog was updated on February 20, 2024 to clarify the customer impact of this change.

Qlik regularly reviews the resources offered to platform developers to help them build better solutions with Qlik Products, and has identified low usage of the open source nebula.js and mobile visualization libraries.

These libraries were originally published to foster collaboration and engagement with developers as they customized or developed visualizations, but due to customer feedback and usage data, these will be moved back to closed source. Moving these projects back to closed source will support better integration with internal build and test tooling, and free up resources for investment in these and other visualizations.

No sooner than 30 days from the date of this notice, Qlik will stop updates to the following repositories, and set them as archived:

• carbon-core
• dist-flow
• react-native-carbon
• react-native-helium
• react-native-simple-grid
• sn-action-button
• sn-container
• sn-list-objects
• sn-map
• sn-mekko-chart
• sn-network-chart
• sn-org-chart
• sn-scatter-plot
• sn-treemap
• sn-word-cloud

The following repositories were previously archived:

• sn-pivot-table
• sn-table

Although Qlik will no longer accept community contributions to these repositories, the consumption of these libraries and components remains unchanged. Customers should continue to leverage the NPM packages for each component for use in their web apps. Existing integrations using these NPM packages will not be impacted by this change.

Any issues found while using the NPM packages should be raised via Qlik Support.

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

The following blocks have been added:

• Get Current Tenant Hostname: returns the hostname for the tenant the automation is running on.
• List Analytics Reloads: returns results from the Reloads API to list analytics reload information.
• Add Role To User By Name: supports addition of individual roles to users by the name of the role.
• Remove Role From User By Name: supports removal of individual roles from users by the name of the role.
• Create collection If Not Existing: checks to see if a collection exists, if so, returns the collection, if not, creates the collection.
• Get Sharing Settings: retrieves the current configuration of the sharing service for various reporting and sharing features in the tenant.
• Update Sharing Settings: changes the configuration of the sharing service to turn on or off various reporting and sharing features in the tenant.
• RAW API Request With Headers: similar to the RAW API Request block, but appends the response headers to the response body, since some Qlik Cloud APIs return information in the header.

The following blocks have been updated:

• Get API Key Settings: removed the need to pass the tenantId as a block input, since you can only make requests for the tenant you pass the request to.
• Update API Key Settings: removed the need to pass the tenantId as a block input, since you can only make requests for the tenant you pass the request to.
• Update Collection: added support for changing collection type from private to publicgoverned to support managing public collections.

The following blocks have been renamed to improve consistency:

• Enable Data Alerts: renamed to Update Data Alert Settings.
• Get Auto Create Group Setting: renamed to Get Auto Create Group Settings.
• Update Auto Create Group Setting: renamed to Update Auto Create Group Settings.
• Trigger Enable Notes Settings: renamed to Update Notes Settings.

Review how to get started with the Platform Operations connector.

This changelog provides 30 days’ notice of the deprecation and removal of two attributes in the POST /v1/sharing-tasks endpoint. This endpoint is used to create new sharing tasks. Other methods are not affected.

Previously, the attributes allowed you to provide a different name for an asset than the system name. With the upcoming changes, the service will no longer apply user-provided values, instead, it will use the system name of the asset.

The attributes are:

• root>appName - the name of the source Qlik Sense application
• root>excelData>name - the name of the report template used to generate output

No changes are needed to your code, as the API will continue to accept payloads with these attributes, but it will ignore any provided values.

Changes will be made no fewer than 30 days from the date of this notice.

For more information on Qlik’s API policies, please refer to the API policy page.

For more information on this API, please review the Sharing tasks API specification.

Qlik Cloud Data Integration is a powerful data integration fabric that helps data engineers deliver, transform, and unify enterprise data in real-time via automated, governed, and reusable data pipelines.

The new di-projects APIs can be leveraged by your usual API tooling, or via the Qlik Application Automation connector, providing a way to:

• List Projects: Retrieves a list of data projects which belong to a given data space
• List Data Tasks: Retrieves a list of data tasks that belong to a given data project
• Get Project: retrieves a data project’s information using its ID
• Get Data Task: Retrieves a single data task, using the project and task IDs
• Start Data Task: Starts a data task run, using the project and task IDs
• Stop Data Task: Stops a data task run, using the project and task IDs
• Get Data Task Runtime State: Retrieves the runtime state of a data task, using the project and task Ids returning the list of data integration

With this first iteration, users are able to create workflows that run Qlik Cloud Data Integration tasks, such as:

• Starting a data task, waiting for it to finish, and proceeding to start another data task.
• Implementing conditions in an automation which are not implemented yet in Qlik Cloud Data Integration, like running a task only after all the sources have been updated.
• Building a workflow that stops CDC tasks before running some backend maintenance and then starting the CDC task again.

You can leverage Qlik Application Automation to do this without code:

Example API call to retrieve tasks for a project via your own API tooling:

curl "https://your-tenant.us.qlikcloud.com/api/v1/di-projects/{projectId}/di-tasks/{dataTaskId}" \
 -H "Authorization: Bearer <API-key>"

If the task exists, and you have access to it, you will receive a 200 response with details of the task:

{
 "id": "sqlserver_data_landing-5h5M",
 "name": "SQLServer-data_Landing",
 "type": "LANDING",
 "ownerId": "64ff3381259ad349da2046a9",
 "spaceId": "6502c7c2562be31c8343bbd4",
 "description": "This is the landing task for SQL server"
}

Now that you have the task, you can start it:

curl "https://your-tenant.us.qlikcloud.com/api/v1/di-projects/{projectId}/di-tasks/{dataTaskId}/runtime/actions/start" \
-X POST \
-H "Authorization: Bearer <API-key>"

If successful, you will receive a 204 response with no body.

Review the DI projects API specification for more information about this API.

Qlik offers customers the ability to encrypt their tenants with their own key. The Encryption API provides you with the ability to deploy, manage, and cycle encryption keys on one or more Qlik Cloud tenants via supported providers.

In the initial release of the Encryption API, the API supported both single and multi-region Key Management Service (KMS) keys.

Multi-region keys support Disaster Recovery Processes. Tenants configured with a single-region key will not operate if Qlik Cloud is cut over to a DR region, therefore Qlik is removing support for single-region keys for new CMK providers. If you are currently using a single-region key, Qlik recommends that you create a multi-region key to seamlessly use your tenant in a back-up region in case of an outage in your primary region.

In no sooner than 30 days from the date of this post, new CMK provider configurations will require a multi-region key. Existing single-region CMK configurations will not be impacted.

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

Following on from the addition of space type filtering to the items API, the Space Type filter has been added to the following blocks:

• List items
• List apps

The deprecated Shared filter has been removed from new and updated blocks. This does not impact blocks which are already in use in running automations.

Review how to get started with the Platform Operations connector.

Tabular reporting enables Qlik Cloud customers to address common operational report distribution requirements, such as providing:

• Custom and highly formatted Excel documents from Qlik data and Qlik visualizations
• Paginated tables of sales/transactional data
• Repeated sheets of departmental analysis

Qlik has published APIs and endpoints to support programmatically managing, deploying, and maintaining this capability:

• The Sharing Tasks API supports the creation and management of Report Tasks.
• The Report Templates API gives you access to the Excel templates used to generate tabular reporting output.
• The Report Filters endpoints provide access to filters used when configuring Report Tasks.
• The Reports API can now be used to trigger tabular report generation via the sense-excel-template-1.0 template type.

Learn more about:

• How to use these APIs to programmatically deploy tabular reports between apps, spaces, and tenants
• How to create and configure reports with the tabular reporting capability in your Qlik Cloud tenant

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

Previously, the Qlik Platform Operations connector supported cross-tenant API calls only to the domain *.qlikcloud.com.

This update brings support for calling any Qlik Cloud tenant, including those in Qlik Cloud Government regions. Due to differences in Qlik Cloud Government, it is not yet possible to use the tenant create, deactivate, or reactivate blocks on Qlik Cloud Government tenants.

Additionally, the connector now supports passing a full tenant hostname. This means that you can now use either of these formats to connect to a tenant:

• tenantname.region.qlikcloud.com - the full tenant hostname (recommended)
• tenantname.region - the legacy, reduced path

It is now recommended that you use the full tenant hostname on all blocks for any new automations you create with the Platform Operations connector, by using the generic Variable block to define the hostname at the automation level.

Review how to get started with the Platform Operations connector.

qlik-embed is Qlik’s new library for embedding data and analytics UI with confidence and ease. Browsers like Chrome and Safari are making it more complex to embed content from one software application to another, and you are encouraged to use qlik-embed to keep pace with evolving privacy and security standards.

With a simple script defining how you want to connect to Qlik, you can embed content from Qlik applications using web-components as easily as this:

<qlik-embed
  id="visualization"
  ui="analytics/chart"
  app-id="<Qlik Sense Application ID>"
  object-id="<Chart object ID>"
></qlik-embed>

You can also take advantage of a framework like React:

import { QlikEmbed } from "@qlik/embed-react";
<QlikEmbed ui="analytics/chart" appId={appId} objectId={objectId} />

Learn more about embedded analytics for the modern web here, or explore the reorganised embed section, which makes it easier to find content for your framework of choice.

If you’d like to jump into a real example, check out this quickstart.

Qlik is implementing guardrails on uploads to the Extensions and Themes APIs. These APIs enable the addition of third-party visualizations and third-party formatting and color schemes for use in Qlik Sense applications.

These changes will take effect no later than 30 days from the date of this notice.

Planned changes:

• Maximum archive size: 30 MB - this is larger than any theme currently deployed to Qlik Cloud, and it is recommended to make themes as small as possible to ensure that they do not impact the load time in Qlik Sense.
• Maximum individual file size: 30 MB - this is linked to the maximum archive size.
• Maximum total size of files in ZIP: 100 MB - this value is based on the uncompressed size of items in the archive, hence in most cases users will be limited based on the maximum archive size of 30 MB.
• Maximum number of files: 500 - if your theme or extension has more files than this, consider leveraging a bundler to build similar file types together.

Review the Extensions API and Themes API specifications for further information on these APIs.

The PATCH method has been added to the Collections API, giving you the ability to update more collection metadata, with greater flexibility.

The Collections API is the engine behind public and private collections, but also tags assigned to content in the Items API.

With the PATCH method, you no longer need to send a full PUT payload when updating collections, simplifying the calls, and reducing access control complexity.

To make a private collection public (assuming you have the appropriate access rights, and at least one item in the collection), you must change the type of the collection from private to publicgoverned:

curl "https://your-tenant.us.qlikcloud.com/api/v1/collections/{collectionId}" ^
 -X PATCH ^
 -H "Authorization: Bearer <API-key>" ^
 -H "Content-type: application/json" ^
 -d '[{"op":"replace","path":"/type","value":"publicgoverned"}]'

Example response:

{
    "name": "My Public Collection",
    "description": "A logical grouping of content for a business unit or team, which still respects space permissions.",
    "type": "publicgoverned",
    "id": "{collectionId}",
    ...
}

To unpublish the collection, change the type back to private.

The PATCH operation can also be used on the name and description of the collection.

Review the Collections API specification for further information.

Qlik Application Automation provides you with the ability to create workflows in a no-code interface. Most Application Automation connectors require a connection to a data source, containing information on where the data source is, connection credentials, and more.

The automation-connections API provides a way of returning the list of connections that the user has access to. This is useful for audits, and also when programmatically deploying, backing up, and restoring automations.

To retrieve a list of connections:

curl "https://your-tenant.us.qlikcloud.com/api/v1/automation-connections" \
 -H "Authorization: Bearer <API-key>"

An example response, returning a single connection for the Qlik Cloud Services connector.

{
    "links": {
        "prev": {
            "href": null
        },
        "next": {
            "href": null
        }
    },
    "data": [
        {
            "id": "78dc7c00-7af0-11ed-bb39-bd3b23861504",
            "name": "Qlik Cloud Services",
            "isConnected": true,
            "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c",
            "createdAt": "2022-12-13T14:14:35.000000Z",
            "updatedAt": "2022-12-13T14:14:35.000000Z",
            "ownerId": "637390ec6541614d3a88d6c1"
        }
    ]
}

Note that some connections returned via this API will not be visible in the user interface. In this example, the Qlik Cloud Services connector automatically generates and manages its connection on behalf of any user who uses the connector. This means that the API will return the connection, but users will not be able to manage it. Review the documentation for each connector for connection details.

Review the Automation Connections API specification for more information about this API.

The query parameter orphans has been added to the Licenses API to help identify licenses assigned to users who do not exist in the tenant upon which the call is made.

Assignment of licenses is keyed on the user subject, which is a unique string provided by the Identity Provider. These assignments are handled separately to users in the tenant, since a single entitlement can support more than one Qlik Cloud tenant, or Qlik Sense Enterprise Client-managed site. This means that calls to the users API on a tenant will return only users on that tenant, while a call to licenses/assignments returns all global assignments to that entitlement.

In use cases where you have only 1 tenant, and want to track down and remove assignments not linked to users, you can leverage the below API call, or automation snippet to return a list of these assignments.

To call via code:

curl --get --location 'https://<TENANT>.<REGION>.qlikcloud.com/api/v1/licenses/assignments?orphans=true' ^
--header 'Authorization: Bearer <API_KEY>'

To call via an automation, and output a table of assignments, review the find orphaned assignments example.

Review the license assignments endpoint specification for further information.

The format for OAuth 2.0 access tokens issued by Qlik Cloud has changed to remove private data about the access token for security purposes. With this change access tokens no longer include information about the tenant or user.

Do not inspect access tokens. They are to be treated as opaque values. Qlik Cloud access token format is not documented and is subject to change.

Client applications can use the access token to obtain data from Qlik Cloud using published APIs. For example, the client can request user information from the api/v1/users/me endpoint with the access token.

For change purposes, here is the new format of the access token compared to the old format.

New format

{
  "subType": "user",
  "purpose": "accessToken",
  "jti": "KF_xLCfjmaJJCNx0X4mT_oBsAfFiUb6g",
  "iat": 1701174495,
  "exp": 1701196095,
  "aud": "https://tenant.us.example.com",
  "iss": "qlik.api"
}

Old format

{
  "sub": "8o0raWkhGS6J9Psgu03j6av-hrffhhu1",
  "subType": "user",
  "tenantId": "J5XP4G7osoRlVjbj3oL_rYgZU3GAWmV6",
  "userId": "8o0raWkhGS6J9Psgu03j6av-hrffhhu1",
  "clientId": "45ab6571f94d9e6dc507ea976f67e780",
  "origin": "http://localhost:5000",
  "grantId": "64550d07a1c5c8c91f43c3a1",
  "scope": "user_default",
  "allowedLocations": [
    "header"
  ],
  "jti": "BF-Tl8CvHn6kFjUEttXDLp1Yhzu5wD7p",
  "iat": 1683295522,
  "exp": 1683317122,
  "aud": "https://tenant.us.example.com",
  "iss": "qlik.api"
}

The query parameter spaceType has been added to the Items API to help better support programmatic CICD workflows where you need to deploy and manage content across different space types.

Supported space types for the filter:

• shared
• managed
• data
• personal

This new query parameter is useful for listing items within just one specific space type or within a couple of selected space types.

Note: The query parameter shared is now deprecated in favor of the new query parameter spaceType,which provides support for all space types as opposed to just shared spaces. shared will be removed no sooner than 60 days from the date of this notice.

Example:

curl --get --location 'https://<TENANT>.<REGION>.qlikcloud.com/api/v1/items?spaceType=shared,personal' \
--header 'Authorization: Bearer <API_KEY>'

Review the Items API specification for further information.

Qlik offers customers the ability to encrypt their tenants with their own key. The new encryption API provides you with the ability to deploy, manage, and cycle encryption keys on one or more Qlik Cloud tenants via supported providers.

Create & migrate to a new key provider

Here’s an example of a cURL command that creates a new key provider:

curl --location "<TENANT>/api/v1/encryption/keyproviders" ^
--header "Authorization: Bearer <ACCESS_TOKEN>" ^
--header "Content-Type: application/json" ^
--data "{\"name\": \"<KEY_PROVIDER_NAME>\", \"arn\": \"<KMS_KEY_ARN>\", \"keyprovider\": \"AWS-KMS\" }"

The result is a JSON object that shows the details of the newly created KMS key provider.

{
    "name": "<KEY_PROVIDER_NAME>",
    "tenantId": "<TENANT_ID>",
    "arn": "<KMS_KEY_ARN>",
    "arnFingerPrint": "<ARN_FINGERPRINT>",
    "keyprovider": "AWS-KMS",
    "createdAt": "2023-07-14T18:17:23Z",
    "promotedToCurrentAt": "0001-01-01T00:00:00Z",
    "demotedFromCurrentAt": "0001-01-01T00:00:00Z"
}

You can then migrate from the currently active key provider to the new key provider specified by <ARN_FINGERPRINT>. Upon successful migration, the migrated key provider becomes active.

curl -L "https://<TENANT>/api/v1/encryption/keyproviders/<ARN_FINGERPRINT>/actions/migrate" ^
-X POST ^
--header "Content-Type: application/json" ^
--header "Authorization: Bearer <ACCESS_TOKEN>"

The result is a JSON object that shows the details of the key provider migration.

{
    "migrationId": "c75088bc-cfba-410a-aeda-2a5dd797f528",
    "tenantId": "<TENANT_ID>",
    "migratingFrom": "v1:rTfjXBtXurvLxUJqE4dvgyXIm6zLiaIE:iiTaqy+LNXkmCVEBN9mOwKwsNQZ0UdNUWW7s5TptbOrU67qAALinKb+UZUKBHYgVGflHmp2t2CvtBK4G",
    "migratingTo": "<KMS_KEY_ARN>",
    "migratingToFingerPrint": "<ARN_FINGERPRINT>",
    "migratingToPrefix": "#BYOKv1#:<ARN_FINGERPRINT>",
    "state": "New",
    "initiatedAt": "2023-07-18T12:08:04.634711507Z",
    "completedAt": "0001-01-01T00:00:00Z"
}

Learn more about tenant encryption

To learn more:

• Review the encrypt tenants topic to learn how to send common requests.
• Visit the configuring tenant encryption documentation to learn about the overall capability.
• Read the no-code options for managing encryption to learn how to manage lifecycles in Qlik Application Automation.
• Access the encrypt tenants API specification to see the full specification.

This changelog provides 60 days notice of deprecation and removal of the /v1/automations/settings endpoints.

These endpoints turn on and off Qlik Application Automation on a tenant, and this capability was superceeded by the addition in July 2023 of a new role, Automation Creator. This new role provides much greater flexibility in who can use automations, including at tenant, group, and user level.

For more information on Qlik’s API policies, please refer to the API policy page.

Migrating to use the automation creator role

To provide all users in the tenant with access to create and run automations, you must add the AutomationCreator role to the Everyone group.

Assuming the Everyone group already had the PrivateAnalyticsContentCreator role assigned, you would send a request to replace the assignedRoles with the new list of PrivateAnalyticsContentCreator and AutomationCreator:

curl -L -X PATCH "https://<TENANT>/api/v1/groups/000000000000000000000001" ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-H "Content-type: application/json" ^
-H "Accept: application/json" ^
-d "[{\"op\": \"replace\", \"path\": \"/assignedRoles\", \"value\": [{\"name\": \"PrivateAnalyticsContentCreator\"}, {\"name\": \"SharedSpaceCreator\"}]}]"

If successful, an empty response with an http 204 code is returned.

In a similar way, you can also assign access to groups from your Identity Provider, or to individual users.

For more information, please review the configure application automation topic.

The query parameter “type” has been added to the Spaces API. Supported filter values: user or group.

This feature is useful for limiting the number of assignments returned from the endpoint in cases where only one of the assignment types is of interest.

Example:

curl --get --location 'https://<TENANT>.<REGION>.qlikcloud.com/api/v1/spaces/<id>/assignments?type=user' \
--header 'Authorization: Bearer <API_KEY>'

Review the Spaces API specification for further information.

Update: This changelog was updated to add information on the other services impacted by this change, and how to move to the new event on 2023-11-23. The event change was deployed on 2023-11-14.

Qlik Cloud leverages an event driven architecture to communicate between the services in the platform. To support customer use cases, Qlik surfaces some of these events. These events may be made accessible in several ways, via:

• The audits API, which provides visibility of events in your Qlik Cloud tenant. This data is also accessible in the Events page in the management console.
• As an event you can subscribe to from a third party application via the Webhook service.
• As an event you can subscribe to from Application Automation via the Qlik Cloud Services connector start block.

The event emitted when an analytics reload completes, com.qlik.app.reload.ended, will be replaced by com.qlik.v1.app.reload.finished no sooner than 30 days from this notice. The events presented in the webhooks service, and on the Qlik Cloud Services connector will also be updated to reflect the new format.

Note: The com.qlik.app.reload.ended event is experimental and unpublished. In general, Qlik does not post deprecation notices for experimental and/or unpublished events. An exception has been made in this circumstance because of the external usage of this event. Qlik reserves the right to deprecate without notice experimental and/or unpublished events.

The key differences for com.qlik.v1.app.reload.finished are:

• Layout and field name changes, such as:
  • The location of the app ID has changed from data>id to extensions>topLevelResourceId.
  • The location of the space ID has changed from data>spaceId to extensions>spaceId.
• The statements section will not return data, since more complex reloads can make the payload of the event too large. You can still access this information using the app reload metadata API endpoint, if required.
• The event is published, and stable

Review the Audits API specification, and the app reload finished event specification for further information.

Qlik Sense applications running in Qlik Cloud rely on Analytics Data Connections to load data from external sources. The new Data Connectivity as a Service (DCaaS) API provides you with the ability to provision new Analytics Data Connections to supported sources using any supported authentication type.

This release of the DCaaS API supports creation of direct connections to:

• REST
• Microsoft SQL Server
• Databricks
• Google Big Query
• Amazon S3 (Web Storage and Metadata, via either v1 or v2 connector)
• Google Cloud Storage (Web Storage and Metadata)
• SFTP
• SFDC

Note: Connections via the Direct Access or Data Movement Gateway are not supported in this release. Non-analytics data connections cannot be configured via DCaaS.

Additionally, support for calls to paths /api/v1/dcaas and /api/v1/data-credentials have been added to the Raw blocks in the Qlik Cloud Services connector in Qlik Application Automation (Qlik Platform Operations allows all endpoints by default).

Learn more about Analytics Data Connections

To discover more about how to create Analytics Data Connections:

• Review the data connections topic to learn about the overall capability.
• Visit the create a connection tutorial to begin creating new connections.

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

Block updates:

The following blocks have been added to the connector:

• Deactivate tenant
• Reactivate tenant

These blocks add support for the deactivation, and eventual deletion of tenants from Qlik Cloud. For further information, refer to the delete tenant changelog.

Review how to get started with the Platform Operations connector.

Minimum and maximum values have been added (which were already restricted in the implementation details) for the limit parameter in the /audits endpoint.

• minimum: 1 (minimum value can be set as limit parameter)
• maximum: 100 (maximum value can be set as limit parameter)
• default: 10 (default value of the limit parameter if not set)

Example:

curl --get --location 'https://<TENANT>.<REGION>.qlikcloud.com/api/v1/audits?limit=<LIMIT>' ^
--header 'Authorization: Bearer <API_KEY>'

Review the Audits API specification for further information.

New query parameters have been added to the Reloads API, giving you additional flexibility in monitoring and managing analytics reloads in your tenant.

Additions:

• filter - allows you to filter on status and partial with equals (eq).
• log - allows you to turn off the log that is usually returned with every API call to improve response time.

To filter on a single status (RELOADING),and exclude the logs:

curl --get --location 'https://<TENANT>.<REGION>.qlikcloud.com/api/v1/reloads' ^
--header 'Authorization: Bearer <ACCESS_TOKEN>' ^
--header 'Content-type: application/json' ^
--header 'Accept: application/json' ^
--data-urlencode 'filter=status eq "RELOADING"' ^
--data-urlencode 'log=false'

To filter on multiple statuses (QUEUED and RELOADING), and exclude the logs:

curl --get --location 'https://<TENANT>.<REGION>.qlikcloud.com/api/v1/reloads' ^
--header 'Authorization: Bearer <ACCESS_TOKEN>' ^
--header 'Content-type: application/json' ^
--header 'Accept: application/json' ^
--data-urlencode 'filter=(status eq "RELOADING") OR (status eq "QUEUED")' ^
--data-urlencode 'log=false'

Review the Reloads API specification for further information.

Tenants are the highest level of logical separation in Qlik Cloud available to Qlik customers. When using a multitenant entitlement, you can now programatically delete tenants via API.

If you are a customer with a single tenant entitlement, contact Qlik for assistance with deleting your tenant.

The most common use case for tenant deletion is in an OEM context where you create a tenant per end customer and need to offboard customers and delete their tenant as their contracts with you come to an end. To learn more the lifecycle of OEM in Qlik Cloud, review the Platform Operations tutorial series.

Important! Deleting a tenant is a permanent action. Neither you nor Qlik can restore data from the tenant after it has been purged from Qlik Cloud. Use this capability with caution.

Deactivate & reactivate a tenant

To deactivate a tenant and schedule it for deletion in 15 days, send this request:

curl -L "https://register.eu.qlikcloud.com/api/v1/tenants/TENANT_ID/actions/deactivate" ^
-H "Authorization: Bearer ACCESS_TOKEN" ^
-H "qlik-confirm-hostname: my-tenant.eu.qlikcloud.com" ^
-H "Content-Type: application/json" ^
-H "Accept: application/json"
-d "{\"purgeAfterDays\": 15}"

This response indicates that the tenant is in a deactivated state:

{
    "id": "zWbTyyJ5lzYLnm9taTD49ja4JVdNKBUM",
    "status": "disabled",
    "estimatedPurgeDate": "2023-07-30T14:01:22.000Z"
}

To reactivate a tenant before the estimated purge date, send this request:

curl -L "https://register.eu.qlikcloud.com/api/v1/tenants/TENANT_ID/actions/reactivate" ^
-H "Authorization: Bearer ACCESS_TOKEN" ^
-H "qlik-confirm-hostname: my-tenant.eu.qlikcloud.com" ^
-H "Content-Type: application/json" ^
-H "Accept: application/json"

This response indicates that the tenant is in an activated state:

{
    "id": "zWbTyyJ5lzYLnm9taTD49ja4JVdNKBUM",
    "status": "active"
}

Learn more

To discover more about tenant deletion:

• Review the delete tenants topic to learn about the overall capability.
• Visit the delete a tenant tutorial in the Platform Operation series to view this in context of a programmatic tenant deployment.
• Access the delete tenants API specification to see the full specification.

Typescript v0.24.0: New API Intakes and Maintainance

feat: Intake Brands API

The [brands] API supports the creation and management of brands in the tenant. This allows you to provide a custom logo and favicon to help you enhance the user experience for your users. Below is an example of how you can use the API.

Important: Use of the brands API is permitted for OEM use cases only.

const qlik = new Qlik({...});
// upload a new logo
const logo = fs.readFileSync(path.join(__dirname, 'assets/logo.png'));
const brand = await qlik.brands.create(logo, 'my_awesome_logo');
// activate/deactivate and delete
await qlik.brands.activate(brand.id);
await qlik.brands.deactivate(brand.id);
await qlik.brands.delete(brand.id);

See full API reference here

feat: Intake Tenants API

const { tenants, users } = new Qlik({...});
// checks tenant/me
const { id } = await tenants.getMe();
const { tenantId } = await users.getMe();

// get a tenant & update settings
let tenant = await tenants.get(id);
const orgEnableAnalyticCreationSettings = tenant.enableAnalyticCreation;
await tenant.patch([{ op: 'replace', path: '/enableAnalyticCreation', value: !orgEnableAnalyticCreationSettings }]);

See full API reference here

Bugfixes

• ⚠️ Breaking - fix: method name fixes in various APIs

// example method name changes:
app.recommendInsightAnalyses(...); // was previously app.recommend(...)
automation.retryRun(...); // was previously automation.retry(...)
// & some plural/singular fixes
collections.getFavorites(); // was previously collections.getFavorite()
webhook.getDelivery(...); // was previously webhook.getDeliverie(...)

Other Fixes

• fix: render inline response object
• fix: random nbr in group test by
• fix: bump spectacular.ts to latest

To get started with the Qlik Typescript SDK, clik here

Python v0.16.0: New API Intakes and Fixes

feat: Intake for Brands API

brands = Brands(config=config)
# create upload logo to your tenant
file_dir = os.path.dirname(os.path.abspath(__file__))
logo_path = os.path.join(file_dir, "logo.png")
with open(logo_path, "rb") as logo_file:
    brand = brands.create(logo=logo_file, name="my_awesome_logo")
# get / activate / deactivate
brands.get(brand_id=brand.id)
brands.activate(brand_id=brand.id)
brands.deactivate(brand_id=brand.id)

See full API reference here

feat: Tenants API

tenants = Tenants(config=config)
# fetch information about your tenant
my_tenant = tenants.get_me()

# change settings
tenant_analytic_creation_setting = my_tenant.enableAnalyticCreation
my_tenant.patch(
    data=[
        {
            "op": "replace",
            "path": "/enableAnalyticCreation",
            "value": True,
        }
    ]
)

See full API reference here

feat: Intake for Notes API

notes = Notes(config=config)
# fetch notes settings
notes_settings = notes.get_settings()
# set settings programatically
notes.set_settings(data={"toggledOn": True, "snapshotRelations": True})

fix: [breaking change] variouse plurals/singular method names fixes

# webhooks.get_deliverie(..) changed to:
webhooks.get_delivery(..)
# collections.get_favorite(..) is now:
collections.get_favorites(..)
# and more

See full API reference here

To get started with the Qlik Python SDK, clik here

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

Block updates:

The following blocks have been added to the connector:

• Get tenant name
• Get tenant alias
• Create key provider (part of Customer Managed Keys release)
• Get key provider by fingerprint (part of Customer Managed Keys release)
• Get ongoing migration details (part of Customer Managed Keys release)
• Reset a migration to Qlik provider (part of Customer Managed Keys release)
• List key providers (part of Customer Managed Keys release)
• Trigger migration (part of Customer Managed Keys release)
• Validate key provider (part of Customer Managed Keys release)

The following blocks have been updated in the connector:

• Get tenant - this has been updated to use the new tenants endpoints
• List automations - additional filter options have been added
• Update tenant - made easier to use

Review how to get started with the Platform Operations connector.

Qlik-Cli v2.22.0

feat: Intake of the brands API

This API allows you to manage the branding of a tenant. For example, you can customize logos and favicons with your brand. You can activate this by using the command:

qlik brand create --name=<name> --file-logo=<logo.png> --file-favIcon=<icon.ico>
qlik brand activate <brand-id>

feat: Intake of group-create

The group-create command is a command used for creating groups. It can be used for managing access control for multiple users at the same time. For example, you can create a group called developers with the “Developer” role assigned.

qlik group create --name=developers --assignedRoles='[{"name":"Developer"}]'

You can get a complete list of roles using the command qlik role ls. --assignedRoles accepts either an ID or the name of a role.

feat: Tenant-edit command

The tenant-edit command now allows you to update your tenant-configuration in a command-line-editor of your choice.

• docs: Edit-commands are no longer experimental
• docs: The identity-provider commands are no longer experimental
• fix: Bug when providing required body parameters from a file using the --file flag.

Say hello to the new Example section on qlik.dev. This new section provides you with quick access to commonly used code snippets and scripts you can adapt and integrate into your projects.

Every example in this section will have a card providing a brief description and the language or tool you can use with it.

There are a lot of examples to share with you, and they’re being added to the gallery frequently, so make sure to subscribe to the changelog using the RSS link at the top of the page so you can stay up to date.

If you experience an issue with a snippet, please open an issue at the Qlik Cloud examples repository on Qlik’s open source Github. Include a link to the example, the problem, and if you have one, your proposed solution.

You can peruse the examples section here.

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

Block updates:

The following blocks have been added to the connector:

• Get group
• Update group
• Add Role To Group By Name
• Remove Role From Group By Name
• Get tenant
• Update tenant
• Create space if not existing

The following blocks have been updated in the connector:

• Create group - this has been updated to leverage the recently released groups REST API

Review how to get started with the Platform Operations connector.

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

Change to ratelimit handling

When making API calls against Qlik’s APIs, you are subject to ratelimits as described on our ratelimits page.

Previously, hitting a ratelimit during an automation would cause a failure of the automation, but new handling has been added that has changed the behaviour to respect the retry-after header returned when the ratelimit is hit.

This addition means you can remove any custom ratelimit handling implemented within your automations. It should now result in automations, which were failing previously, running until completion.

This change applies to all blocks on the Platform Operations connector.

Block updates

The following blocks have been updated in the connector:

• Update auto create group settings - this has been updated to ensure that the value of both autoCreateGroups and syncIdpGroups are toggled on each call. This is to ensure parity with the behavior in the management console. If you wish to change these independently in future, use the Raw API call block.

Review how to get started with the Platform Operations connector.

This changelog provides 60 days notice of deprecation and removal of some undocumented attributes from the response of the /v1/licenses/assignments endpoint.

Qlik is making changes to ensure removal of user names and other identifiable information from APIs where the data is available via other, more appropriate APIs.

For more information on Qlik’s API policies, please refer to the API policy page.

Deprecation of response attributes

The attributes name and userId will be removed from the response from the /v1/licenses/assignments endpoint. These are optional, undocumented attributes that can be set when assigning a license. It will still be possible to use these attributes in the API filter.

Note: The endpoint will continue to return the user’s subject as their primary identifier. Qlik recommends not using personally identifiable information (PII) in the subject attribute in Qlik Cloud. A good practice is to use system generated GUIDs to uniquely identify users.

When set on a license assignment, the response currently looks like:

{
    "subject": "QLIKBOT\\f0e92f326ac77427df155940fec39e6b",
    "type": "professional",
    "userId": "637390ec6541614d3a88d6c1",
    "name": "EU OAuth Client",
    "excess": false,
    "created": "2023-06-29T12:24:34.639Z"
}

After deprecation, the endpoint will return:

{
    "subject": "QLIKBOT\\f0e92f326ac77427df155940fec39e6b",
    "type": "professional",
    "excess": false,
    "created": "2023-06-29T12:24:34.639Z"
}

If you need to look up the userId and name, you can retrieve these using the list users endpoint.

curl --get --location 'https://<tenant>.<region>.qlikcloud.com/api/v1/users' ^
--header 'Authorization: Bearer <token>' ^
--header 'Content-type: application/json' ^
--header 'Accept: application/json' ^
--data-urlencode 'filter=subject eq "QLIKBOT\\f0e92f326ac77427df155940fec39e6b"'

This will return the full user information for the user with that subject, including the most current name and userId (returned as id) attributes.

{
   "data":[
      {
         "id":"637390ec6541614d3a88d6c2",
         "tenantId":"BL4tTJ4S7xrHTcq0zQxQrJ5qB1_Q6cSo",
         "clientId":"f0e92f326ac77427df155940fec39e6b",
         "status":"active",
         "subject":"qlikbot\\f0e92f326ac77427df155940fec39e6a",
         "name":"EU OAuth Client",
         ...

For more information on the license assignment endpoint, please review the v1/licenses/assignments specification.

Qlik-Cli v2.21.0

• feat: Intake for note settings

qlik note settings update --toggledOn=true

• feat: Intake of the transports API

qlik transport email-config ls # list email configuration settings
qlik transport email-config validate # validate the config

• feat: Tenants API - updates

qlik tenant me # get current tenant information
qlik tenant patch <tenantId> 

• fix: make tcs default in data-file create and update by making resumable flag default true

# to set resumable to false
qlik data-file create  --name <fileName> --file <filePath>  --resumable=false

• docs: Explain quotes in body for Windows

• fix: remove deprecated app-evaluator endpoint

• fix: consistency in the data-file command now update use TCS like data-file create

• fix: checks if context already exists in init command

• fix: handle request bodies with a body property

Typescript 0.23.0: Browser friendly library

⚠️ Breaking - in this release all the data structures are now type aliases previously they were data classes

// previously
import { GenericSheetProperties } from '@qlik/sdk';
const sheetProperties = new GenericSheetProperties({...});

// now
import type { GenericSheetProperties } from '@qlik/sdk';
const sheetProperties: GenericSheetProperties = {...};

This change reduces drastically the bundle size of the library making it more optimized for browsers.

• feat: notes settings API

import { Notes } from '@qlik/sdk';
const notes = new Notes({...});
await notes.setSettings({ toggledOn: true });

• feat: transport API email-config

import { Transports } from '@qlik/sdk';
const transports = new Transports({...});
const emailConfig = await transports.getEmailConfig();
const validated = await transports.validate();

• feat: apps API - change-owner on objects

// create a sheet
const sheet = await app.createSheet({ qMetaDef:{ title: 'temp sheet' } });
// change owner of the sheet
await app.changeOwner(sheet.id, { ownerId: anotherUser.id });

• feat: groups API - create groups

You can now create groups using directly the groups API

import Qlik from '@qlik/cli';

const { roles, groups } = new Qlik({...});
// fetch the tenant admin role
const [ tenantAdminRole ] = await roles.getRoles({ filter: 'name eq "TenantAdmin"' });
// create group named avengers with tenant admin role
await groups.create({name: 'avengers', assignedRoles:[{id: tenantAdminRole.id}]})
// fetch the groups
const groups = await groups.getGroups({ filter: 'name eq "avengers"' });

• feat: users API - invite user

const users = new Users({...});
// resend an invitation in swedish
await users.invite({ invitees:[{ email: 'tom.hanks@qlik.com', resend: true, language: 'sv' }] });

• fix: allow using limit from query param for pagination

Python 0.15.0: API updates

• feat: users API - update

qlik = Qlik(config=config)
# resend an invite to a user in your teanant
qlik.users.invite(
    InviteRequest(
        invitees=[{email: "tom_hanks@qlik.com", language: "sv", resend: true}]
    )
)

• feat: groups API - updates

You can now create a groups:

qlik = Qlik(config=config)
tenant_admin_role = qlik.roles.get_roles(filter='name eq "TenantAdmin"')
# create group
data = GroupPostSchema(name="avengers", assignedRoles={ "id": tenant_admin_role[0].id})
new_group = qlik.groups.create(data=data)
# delete group
group = qlik.groups.get(groupId=new_group.id)
group.delete()

• feat: apps API - new features

insight analysis: you now can list ()app.get_insight_analyses()) and get recommandations (recommend) from insight advisor through APIs

change the ownership of generic objects

app.change_owner(objectId = 'objectId', data = { ownerId: 'userId' })

• feat: transport API email-config

config = Config(
    host=self.base_url, auth_type=AuthType.APIKey, api_key=self.api_key
)
q = Qlik(config=config)
email_config = q.transports.get_email_config()
validation = q.transports.validate()

• fix: handle properties with leading numbers
• fix: response type as requests.response

To support customers who wish to manage their users, groups, and tenants via API, Qlik is releasing new and updated APIs to support common tasks such as:

• Setting the tenant name or tenant alias
• Updating tenant auto assignment flags for new users joining the tenant
• Patching assigned roles by name to users and groups. Previously this could only be done for users, and required the use of the role ID
• Seeding groups to the tenant to set up access control prior to user logins. This is important when using Identity Providers other than Azure AD configured with SCIM

There are also important updates to group validation checks that any organization using groups via their Identity Provider should review.

New tenants endpoints

You’re now able to read and patch information about your tenant.

curl "https://your-tenant.us.qlikcloud.com/api/v1/tenants/xxxxx-xxxxx-xxxxxxxxxxxxxxxxxxxx" \
 -H "Authorization: Bearer <dev-api-key>"

# Http 200 - Ok
{
  "id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "status": "active",
  "name": "1234567890abcde",
  "hostnames": [
    "1234567890abcde.us.qlikcloud.com",
    "your-tenant-alias.us.qlikcloud.com"
  ],
  "createdByUser": "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy",
  "created": "2020-10-01T17:58:14.846Z",
  "lastUpdated": "2023-03-23T13:25:12.107Z",
  "autoAssignCreateSharedSpacesRoleToProfessionals": true,
  "autoAssignPrivateAnalyticsContentCreatorRoleToProfessionals": true,
  "autoAssignDataServicesContributorRoleToProfessionals": true,
  "enableAnalyticCreation": false,
  "datacenter": "us-east-1",
  "links": {
    "self": {
      "href": "https://your-tenant-alias.us.qlikcloud.com/api/v1/tenants/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
    }
  }
}

curl "https://your-tenant.us.qlikcloud.com/api/v1/tenants/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" \
 -X PATCH \
 -H "Authorization: Bearer <dev-api-key>" \
 -H "Content-type: application/json" \
 -d '[
    {
      "op": "replace",
      "path": "/name",
      "value": "Your Tenant Name"
    }
  ]'

# Http 204 - No Content

For the complete list of supported features, see the Tenants API specifications.

New users API feature

You’re now able to create or patch users with assigned roles by name, instead of by role ID.

curl "https://your-tenant.us.qlikcloud.com/api/v1/users" \
 -X POST \
 -H "Authorization: Bearer <api-dev-key>" \
 -H "Content-type: application/json" \
 -d '{
      "tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
      "subject": "my/subject",
      "name": "New Username",
      "email": "username@test.example",
      "assignedRoles": [
        { "name": "TenantAdmin" },
        { "name": "Developer" }
      ]
  }'

# Http 201 - Created
{
    "id": "6478e42bce55a79191a3ce8e",
    "tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "status": "active",
    "subject": "my/subject",
    "name": "New Username",
    "email": "username@test.example",
    "assignedRoles": [
        {
            "id": "6478e405b3558e25bf22bfaf",
            "name": "TenantAdmin",
            "type": "default",
            "level": "admin"
        },
        {
            "id": "6478e405b3558e25bf22bfb6",
            "name": "Developer",
            "type": "default",
            "level": "user"
        }
    ],
    "assignedGroups": [],
    "groups": [],
    "createdAt": "2023-06-01T18:32:11.509Z",
    "lastUpdatedAt": "2023-06-01T18:32:11.509Z",
    "links": {
        "self": {
            "href": "https://your-tenant.us.qlikcloud.com/api/v1/users/6478e42bce55a79191a3ce8e"
        }
    }
}

curl "https://your-tenant.us.qlikcloud.com/api/v1/users/6478e42bce55a79191a3ce8e" \
 -X PATCH \
 -H "Authorization: Bearer <api-dev-key>" \
 -H "Content-type: application/json" \
 -d '[
    {
      "op": "replace",
      "path": "/assignedRoles",
      "value": [
        { "name": "TenantAdmin" },
        { "name": "Developer" }
      ]
    }
  ]'

# Http 204 - No Content

For the complete list of supported features, see the Users API specifications.

New groups endpoints

You’re now able to create and patch information about your groups. This includes the ability to assign roles by name or by ID. Creation of groups is supported through the API for pre-seeding access to resources and role assignment prior to user login. Assignment of users to groups continues to be managed by your identity provider.

curl "https://your-tenant.us.qlikcloud.com/api/v1/groups" \
 -X POST \
 -H "Authorization: Bearer <api-dev-key>" \
 -H "Content-type: application/json" \
 -d '{
      "name": "admin group",
      "assignedRoles": [
          { "name": "TenantAdmin" }
      ]
  }'

# Http 201 - Created
{
    "id": "6478e535b778a912a1d543e6",
    "tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "createdAt": "2023-06-01T18:36:37.871Z",
    "lastUpdatedAt": "2023-06-01T18:36:37.871Z",
    "name": "admin group",
    "status": "active",
    "assignedRoles": [
        {
            "id": "6478e4b071aaa7f293fd71b0",
            "name": "TenantAdmin",
            "type": "default",
            "level": "admin"
        }
    ],
    "links": {
        "self": {
            "href": "https://your-tenant.us.qlikcloud.com/api/v1/groups/6478e535b778a912a1d543e6"
        }
    }
}

curl "https://your-tenant.us.qlikcloud.com/api/v1/groups/6478e535b778a912a1d543e6" \
 -X PATCH \
 -H "Authorization: Bearer <api-dev-key>" \
 -H "Content-type: application/json" \
 -d '[
    {
      "op": "replace",
      "path": "/assignedRoles",
      "value": [
        { "name": "TenantAdmin" },
        { "name": "Developer" }
      ]
    }
  ]'

# Http 204 - No Content

For the complete list of supported features, see the Groups API specifications.

Group validation updates

Maximum name length

Qlik Cloud now limits the length of group names to 256 characters. New groups with names that exceed the character limit will not be created in the tenant. Any pre-existing groups within Qlik Cloud are unaffected by this change.

Users attempting to log in with a group that exceeds the name length limit will be permitted but the new group will be ignored.

Maximum number of groups per tenant

Qlik Cloud now limits each tenant to 10,000 active groups. Upon reaching the limit, no new groups can be created in the tenant until existing groups are removed by an administrator.

Users attempting to log in with a new group that exceeds the maximum number of groups limit will be permitted but the new group will be ignored.

The Platform Operations connector is a connector for Qlik Application Automation that makes deploying and managing tenants in Qlik Cloud possible without code.

Blocks have been added or updated for the following APIs:

• API keys
• Apps
• Automations
• Brands
• Collections
• Content security policies
• Data alerts
• Data files
• Groups
• Licenses
• Identity providers
• Items
• Spaces
• Users

As a reminder, you can use the Raw API Request block to access any API in Qlik Cloud.

Block listing

New blocks:

• Apps
  • Change app object owner
  • Change app owner
• Automations
  • Change automation owner
• Brands
  • Activate brand
  • Create brand
  • Deactivate brand
  • Get brand
  • Get brand file
  • Delete brand
  • List brands
• Collections
  • Create collection
  • Delete collection
  • Get collection
  • List collection items
  • List collections
  • Update collection
• Data alerts
  • Get data alert settings
• Data files
  • Change data file owner
  • Change data file space
  • Copy data file
  • Create data file
  • Delete data file
  • List data file connections
  • Copy data file in space
  • Create data file in space
  • List data files from space
• Identity providers
  • List identity providers
• Items
  • Get item
  • Get item settings
  • List item collections
  • Add item to collection
  • Remove item from collection
  • List items
  • List items for lookup
  • Update item settings
• Users
  • Invite user by email
  • Update user license

Updated blocks:

• Create API key
• List apps
• List content security policies
• List groups
• Update API key settings
• Add member to space with all roles
• Export app to base64 encoded file
• Find user assigned license

Review how to get started with the Platform Operations connector.

No-code Qlik Platform Operations tutorials

The Platform Operations tutorial series demonstrates how to create, configure, and hydrate tenants in Qlik Cloud using APIs and other pro-code tooling.

A new tutorial series shows how to use the Qlik Platform Operations connector for Qlik Application Automation to achieve similar tenant creation, configuration, and hydration activities using the Application Automation no-code experience.

This series introduces basic concepts related to the connector, it’s configuration, and some of the things it helps you to achieve in Qlik Cloud for single or multiple tenant deployments.

Review the tutorial series to get started.

Data files API tutorials

Qlik Cloud allows you to upload or create certain file types for storing data within spaces. These files will appear in the DataFiles data connection when using the data load editor or data manager, and will also appear in the Cloud Hub catalog.

This tutorial series is all about data files, how to create them, update them, and delete them in bulk. You’ll also learn how they relate to other assets in Qlik Cloud, such as Analytics apps, data connections, data stores, data assets, and data sets.

See the full API reference, or review the tutorial series.

Qlik-Cli (v2.20.4)

feat: Added qlik app insight-analyse command for Insight Advisor analyses. Documentation for the API can be found here

feat: Added command for changing owner of an object. Documentation for the API can be found here

# Change owner for a specific object
qlik app object change-owner --appId <app-id> --objectId <object-id> --ownerId <owner-id>

feat: add publish & unpublish commands for Bookmarks, Dimensions and Measures.

# Publish a bookmark
qlik app bookmark publish <bookmark-id> --app <app-id>
# Unpublish a bookmark
qlik app bookmark unpublish <bookmark-id> --app <app-id>
# Publish a dimension
qlik app dimension publish <dimension-id> --app <app-id>
# Unpublish a dimension
qlik app dimension unpublish <dimension-id> --app <app-id>
# Publish a measure
qlik app measure publish <measure-id> --app <app-id>
# Unpublish a measure
qlik app measure unpublish <measure-id> --app <app-id>

fix: qlik context commands are no longer experimental

fix: qlik-cli is now based on Golang v1.20.4 to resolve security vulnerabilities.

fix: added missing body parameters for qlik qrs commands. This issue was reported on qlik-oss here

v0.22.0: Sense Client Objects & Mixins

• feat: Sense Client Object Defaults support in the SDK

  Added support for Sense Client Objects, users can now easily do operations like:

// fetch the list sheets
const sheetList = await app.getSheets();
// get individual sheet and do operation on it
const sheet =  await app.getSheet(sheetList[0].id);
await sheet.publish()

and more:

// fetch the list fields
const fieldList = await app.getFields();
// fetch fthe list of fields (including system fields)
const fieldList = await app.getFields({ qFieldListDef: { qShowSystem: true } });
// listen to current selections
const currentSelectionsObj = await app.getCurrentSelectionsObject();
await currentSelectionsObj.getLayout();
currentSelectionsObj.on('changed', () => {
  // selections have been toggled
});
// create masterObjects & publish
const createdMasterObject = await app.createMasterobject({ qMetaDef: { title, description } });
// configure app properties
await app.setAppProperties({sheetTitleBgColor: '#ffcf03', sheetTitleColor: '#ffcf03'});
// list bookmarks easily etc...
const bookmarkList = await app.getBookmarks();

• feat: enigma mixins are now enabled by default non raw rpc calls

// ex: to disable the bandwidth-reducing delta protocol you now need to set it to false
await app.open( { delta: false} );

v0.21.1: Maintenance Release

• fix: Exclude nebula example from dep specs

  Excluding nebula example as it uses production non-approved dependencie parcel and nebula/stardust

v0.21.0: New Features and Bugfixes

• fix: Handle property number name

  Added leading underscore to property names starting with number This fixes the problem with groups blocking updating of specs

• fix: Throw engine message error Added a response error interceptor to throw a descriptive error message received from engine

• fix: Replaced Buffer to btoa in browser build

• chore: Refactor env_vars

• chore: Use apiResponseInterceptor and add nebula integration test

  added empty once function next to the on-listener function - this should be a proper once function set properties in the open function: id, handle, type, genericType use apiResponseInterceptor - to set properties on result throw error from apiResponseInterceptor similar to enigma, should this throw an enigma error? wrap constructor for loop in if-isArray because of a non array response - needs investigation add browser integration test for nebula app using cypress

• chore: Added once event listener Once event listeners are called only once on event and removed from listeners

hypercube.once('changed', () => {...});

• chore: Allow event listeners to be async

  Async functions can be added as event listeners

hypercube.on('changed', async () => {...});

• chore: Keep reserved keywords as class members (delete)

Language reserved words are modified only while using as formal parameters and kept as it is in class members which allows parsing request body with reserved words as keys to class object without loosing any fields from request body

Apps API

The apps API provides access to create and manage Qlik Sense and QlikView apps in Qlik Cloud.

To support Qlik customers migrating from Qlik Sense Enterprise Client-Managed to Qlik Cloud, a new endpoint at /v1/apps/{appId}/objects/{objectId}/actions/change-owner has been added. The new endpoint supports changing the owner of app objects in Qlik Sense apps.

This means that administrators can now migrate Qlik Sense apps with no loss of private or community content, ensuring that your users have no interruption in access to all of the objects from Client-Managed, including bookmarks, stories, sheets, snapshots, and more.

A full tutorial demonstrating the migration of an app and reassignment of object ownership is available here.

Note: You must own the object to change it’s ownership to another user.

• POST/v1/apps/{appId}/objects/{$objectId}/actions/change-owner : Change owner of object

curl "https://your-tenant.us.qlikcloud.com/api/v1/apps/{appId}/objects/{objectId}/actions/change-owner" \
 -X POST \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d '{"ownerId":"string"}'

See full API reference here, or review the full tutorial here.

Brands API

For Qlik customers deploying an OEM use case, Qlik Cloud can be branded to improve alignment with your own portal, software, or brand, reducing friction for your end users as they swap between experiences.

The brands API allows you to provide a custom logo and favicon to help enhance this user experience for your users.

The new API at brands supports the creation and management of brands in the tenant.

Important: Use of the brands API is permitted for OEM use cases only.

• POST/v1/brands : Create a new brand

curl "https://your-tenant.us.qlikcloud.com/api/v1/brands" \
 -X POST \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: multipart/form-data" \
 -F "logo=@/path/to/file" \
 -F "styles=@/path/to/file" \
 -F "favIcon=@/path/to/file"

See full API reference here, or review the full tutorial here.

Users API - Invite

The Users API provides you with the ability to create, manage, and delete users from Qlik Cloud tenants. Previously, you were only able to add existing Qlik Cloud users to the tenant using a POST request to users with a valid user subject.

The new endpoint at /v1/users/actions/invite supports the addition of new and existing users to your tenant using the email address of the new user.

Users new to Qlik Cloud will receive an email inviting them to register a Qlik Account, and existing users will be prompted to log in with their existing Qlik Account credentials.

Note: Inviting only works for Qlik Account logins. If you are using your own Identity Provider and wish to pre-load users into the tenant, you should leverage Qlik Cloud SCIM capabilities or send a POST request with the desired subject to create the user.

• POST/v1/users/actions/invite : Invites one or more users to Qlik Cloud using their email.

curl "https://your-tenant.us.qlikcloud.com/api/v1/users/actions/invite" \
 -X POST \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d '{"invitees":[{"name":"John Smith","email":"john.smith@example.com","resend":true,"language":"en"}]}'

See full API reference here.

Qlik-Cli (v2.19.0)

feat: commands for managing script versions in an app

# List script versions in an app
qlik app script version ls --appId=<appId>

# Create a version of a script
qlik app script version create --versionMessage="Version1" --script="Load RecNo() as N autogenerate(100);" --appId=<appId>

# Get the current version of a script
qlik app script version get current --appId=<appId>

# Get a specific version of a script. The scriptId is returned when listing script versions.
qlik app script version get <scriptId> --appId=<appId>

# Remove a specific version of a script
qlik app script version rm <scriptId> --appId=<appId>

feat: additional support for rows and json output for the qlik app eval command.

# By default the eval command will only return maximum 20 rows of data
qlik app eval <expression> --app=<appId>

# If additional data is wanted the number of rows can now be specified using the --rows parameter
qlik app eval <expression> --rows=5000 --appId=<appId>

# It is also possible to get the hypercube data pages in raw json
qlik app eval <expression> --rows=5000 --appId=<appId> --json

chore: Documentation updates:

• Qlik App Eval

• Qlik App Script

Typescript SDK (v0.19.1)

New APIs (Questions, Audits, App Scripts)

• feat: added support for the Questions API.

  // Ask question regarding the reloaded data
  const question = 'What is the count of Prime?';
  const answer = await qlik.questions.ask({ text: question, app: { id: app.attributes.id } });

• feat: added support for the Audits API.

  // Get the list of event sources
  const sources = await qlik.audits.getSources();

• feat added support for listing app script versions

  // saves a script with version called `v1`
  const script = 'Load RecNo() as N autogenerate(100);';
  await app.createScript({
    script,
    versionMessage: 'v1',
  });
  // retrieves all versions of the app script
  const { scripts } = await app.getScriptVersions();

Features

• feat: Added support for registering an event listener for object changed and closed events.

  If an object handle is invalidated for instance when the data model has changed, then the handle will be part of a change array in the response for the method that caused the change.

  It is now possible to register a listener for an object, where onChanged is a custom defined function.

  hypercube.on('changed', onChanged);

  Handles can also be closed in a session if they are no longer valid. This can happen if for instance you have a handle for a field and the data model is changed/reloaded.

  field.on('closed', onClosed);

Improvements

• fix: improvements for handling fetch depending on environment

  The global.fetch function is assumed to be available, and if not now an error will be returned. If it is not available then it can be added:

  1. For ES6-Modules and node-fetch you can use global.fetch = (args) => import('node-fetch').then(({default: fetch}) => fetch(args));
  2. For CommonJS and cross-fetch you can use global.fetch = require('cross-fetch');

• fix: Handling of websocket close errors. If an error code is set when the websocket is closed, the SDK will now return an error containing the code and reason for being closed.

  // in case of an socket error the err will contain a `closeCode` and a `closeMsg`
  session.on('socket-error', (data) => {
      err = data;
  });
  

⚠️ Breaking change

Operations on sub-resources ex: get_reloads_log were previously generated as class static methods and required you to have the resource Id as parameter - now fixed.

public async getReloadsLog(reloadId: string): Promise<ArrayBuffer> {...}
// previously requiring appId
public async getReloadsLog(appId: string, reloadId: string): Promise<ArrayBuffer> {...}

This change affects the following resources: Apps, Automations, Collections, Extensions, Spaces, Themes and Weebhooks.

Python SDK (v0.13.0)

New APIs and Maintenance Fixes

• feat: adding support for the Oauth-Tokens API

config = Config(
  host=self.base_url, auth_type=AuthType.APIKey, api_key=self.api_key
)
oauth_tokens = OauthTokens(config=config)
# fetch all tokens for user with <userId>
tokens = oauth_tokens.get_oauth_tokens(userId="<userId>")
# loop through tokens and revoke them
for token in tokens:
    oauth_tokens.delete(token.id)

• feat: added support for the Questions API

  # ask a question about the data
  answer = q.questions.ask(
    QueryCreate(
      app=QlikApp(id=app.attributes.id),
      text="What is the total sum of Prime?",
    )
  )

• feat: added support for Apps Scripts API

  # create a script
  app.create_script(ScriptVersion(script="Load RecNo() as N autogenerate(200);", versionMessage="v1"))
  # list the script versions in the app
  scriptMetaList = app.get_script_versions()
  # get a specific version of a script
  scriptObject = app.get_script_by_version(scriptMetaList.scripts[0].scriptId)
  # get the current script version (latest version)
  currentScriptObject = app.get_script_by_version("current")

• fix: Operations on sub-resources ex: get_reloads_log were previously generated as class static methods and required you to have the resource Id as parameter is now fixed.
• fix: clear all listeners on session and handles closed events
• fix: raise engine connection close error
• fix: pagination users

Here are the latest maintenance releases for the tools and SDKs. Those releases includes a number of bug fixes and security patches.

Python SDK v0.12.0

• fix: add event listener to the RPC session

from qlik_sdk import Auth, AuthType, Config

# custom function that should be called
def opened_listener():
    print("sesssion opened")

# register function for event "opened"
rpc_session.on("opened", opened_listener)

with rpc_session.open() as rpc_client:
...     # opened_listener function is called when "opened" event is received in session

• fix: readonly and allOf fields are now handled

• fix: render param string enums for typings

• fix: set type for the session property

• fix: various improvements in the generated code-structure

Typescript SDK v0.17.0

• feat: adding themes resource

const themes = new Themes({...});

const zipStream = fs.readFileSync(path.join(__dirname, 'assets/red-theme-extension.zip'));

// upload theme
const theme = await themes.create({ name: `red-theme-test-sdk-ts-${Date.now()}` }, zipStream);

• fix: readonly and allOf fields are now handled
• fix: improved typings for nested object types
• fix: bumping all dependencies security patch releases

qlik-cli v2.18.0

• feat: new resource added oauth-token

qlik oauth-token ls          # List OAuth tokens
qlik oauth-token rm <token>  # Revoke an OAuth token by ID

• fix: properly handle deprecated operations and commands

Since the release of the Qlik Cloud platform SDKs earlier this year, the packages have recently been updated. The idea with the Qlik Platform SDKs is to let developers extend solutions without the need to develop them from scratch.

Python SDK (v0.11.0)

• Feat: Allow full path in RAW rest calls. This feature in combination with interceptors unlocks QRS communication, for example:

def inject_csrf_token(req):
    csrf_token = "".join(random.choices(string.ascii_letters + string.digits, k=16))
    req.headers["x-qlik-xrfkey"] = csrf_token
    req.params["xrfkey"] = csrf_token
    return req
win_auth_instance = Auth(config=Config(
    api_key=qseow_api_key, host=qseow_host, auth_type=AuthType.APIKey))
win_auth_instance.rest.interceptors["request"].use(inject_csrf_token)
apps = win_auth_instance.rest(path=f"{qseow_host}qrs/apps/full")

Feat: Added new APIs

• api-keys API

apiKeys = ApiKeys(config=config)
keys = apiKeys.get_api_keys()

• audits API

audits = Audits(config=config)
sources = audits.get_sources()

• Webhooks API

qlik = Webhooks(config=config)
name = "qlik-sdk-py-test"
url = "https://your-tenant.qlikcloud.com/api/v1/automations/{automationId}/actions/execute"
eventTypes = ["com.qlik.v1.app.created", "com.qlik.v1.app.reload.finished"]
headers = {
    "X-Execution-Token": "lXw9BRm1Ba1bb6MOcPDewNvk5WUmdre70bHljfv1KzNMuby9YXwkUExrCgapxoxn"
}
hook = webhooks.create(
    Webhook(name=name, url=url, eventTypes=eventTypes, headers=headers)
)

• Quotas API

quotas = Quotas(config=config)
data = quotas.get_quotas()

• Collections API

 qlik = Qlik(config=config)
# create collection
collection = qlik.collections.create({"name": col_name, "type": "public"})
app = qlik.apps.create({"attributes": {"name": app_name}})
items = qlik.items.get_items(resourceType="app", resourceId=app.attributes.id)
itemId = items[0].id
# add item to collection
collection.create_item({"id": itemId})

• Automations API

qlik = Qlik(config=config)
name = "test-sdk-py-" + str(uuid.uuid1())
# create
automation = automations.create(data=AutomationDetailRequestObject(name=name))
# run
automation.create_run(RunDetailRequestObject(context="detail"))
# list runs
runs = automation.get_runs()
# delete
automation.delete()

• Reload-Tasks API

qlik = Qlik(config=config)
app = qlik.apps.create({"attributes": {"name": "app name"}})
# create
task = qlik.reload_tasks.create(
    PostTaskBody(
        appId=app.attributes.id,
        timeZone="Europe/Zurich",
        recurrence=[
            "RRULE:FREQ=WEEKLY;INTERVAL=2;BYDAY=MO;BYHOUR=14;BYMINUTE=16;BYSECOND=0",
        ],
    )
)
# list reload tasks
tasks = qlik.reload_tasks.get_reload_tasks(appId=app.attributes.id)
# delete
task.delete()

Docs

• Cleaned up README and dded more dev documents
• New example for auth flows
• Added engima examples in README.md

Fixes

• Inline return objects are generated as dataclasses
• Allow sending dynamic properties for RPC
• Support nested array object

Typescript SDK (v0.16.0)

• Feat: Allow user to use full patch for RAW calls. This feature in combination with interceptors unlocks QRS communication, For example:

const injectXrfKey = ([url, config]) => {
  const _url = new URL(url);
  _url.searchParams.append("xrfkey", "ichBinEinBerlinR");
  const res = [
    _url.toString(),
    {
      ...config,
      headers: {
        "x-qlik-xrfkey": "ichBinEinBerlinR",
        ...config.headers,
      },
    },
  ];
  return res;
};
auth.rest.interceptors.request.use([injectXrfKey]);

const apps = await auth
  .rest(`https://win-server/jwt/qrs/app/full?filter=name eq '${appName}'`)
  .then((resp) => resp.json());

• Feat: Expose session events

const session = await auth.rpc(appId);
session.on("traffic:sent", onTrafficSent);
session.on("traffic:received", (data: any) => {
  /** ... */
});
session.on("opened", onOpened);
session.on("notification:*", onNotification);

• Feat: Added Relaod-Tasks API

const task = await reloadTasks.create({
  appId: app.attributes.id,
  timeZone: "Europe/Zurich",
  recurrence: [
    "RRULE:FREQ=WEEKLY;INTERVAL=2;BYDAY=MO;BYHOUR=14;BYMINUTE=16;BYSECOND=0",
  ],
});
// list
const tasks = await reloadTasks.getReloadTasks({ appId: app.id });

• Feat: Enum values in method and class props and parameters

• Docs: Added engine examples to README.md

• Fix: set session on Qix returned Object Classes

• Fix: allow initiated objects

• Fix: request and response interceptors promises

• Refactor: EnigmaSession renamed to the more generic RpcSession

For more information see the package links below:

• Typescript
• Python

Please note that the Platform SDK packages are early development releases. So, please expect breaking changes as it updates and stabilize.

OAuth 2.0 Authorization

OAuth is a standard security protocol for authorization and delegation. It allows third party applications to access API resources without disclosing the end-user credentials.

Qlik Cloud supports OAuth 2.0 Authorization Code and Client Credentials flows. The OAuth client can obtain an authorization code or send client credentials header to exchange it with an access token that can be used to access Qlik Cloud APIs.

• Create OAuth in client see tutorial here

Alongside this delivery you will also get OAuth support for tools and libraries.

• OAuth in Qlik-Cli To quickly get started, you can use the qlik-cli command qlik context init for more details, read the get started section in the Qlik-Cli overview page or the using OAuth clients with Qlik-Cli section in Get started with OAuth machine-to-machine tutorial.

• Platform SDKs Back-end application, front-end application, Python or Javascript? no problem. You can find a simple example using enigma.js in the Platform SDKs overview page or in the Using OAuth clients with Qlik Platform SDKs section

Full tutorial OAuth single page applications with nebula.js can be found here

• Capability APIs? Already have a Client Id? just switch the webIntegrationId config with the clientId instead, that’s it. See example code in the Build a simple mashup using capability APIs tutorial.

Transport API

The Transport API is the service responsible for managing notification channels and email configurations for the sending of system notifications, as well as updates from analytics services in the hub, such as data alerts and subscriptions.

These notifications provide users with information about events such as failed reloads, users being added to spaces, data alerts being triggered, and regular subscription snapshots being sent to subscribers. Note that any workflows running in application automation (including the report blocks) will use their own SMTP/ email configuration - only system notifications from application automation will be sent via the transport API.

The endpoints in this release provide the ability to configure and review the email server configuration for this service, including the following examples:

• GET/v1/transports/email-config : Returns the email configuration for a given tenant id.

curl "https://your-tenant.us.qlikcloud.com/api/v1/transports/email-config" \
 -H "Authorization: Bearer <API-key>"

• PATCH/v1/transports/email-config : Patch the email configuration for a given tenant id.

curl "https://your-tenant.us.qlikcloud.com/api/v1/transports/email-config" \
 -X PATCH \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d
 '{
    "op": "replace",
    "path": "/username",
    "value": "New name"
  }'

• DELETE/v1/transports/email-config: Deletes email configuration for a given tenant id.

curl "https://your-tenant.us.qlikcloud.com/api/v1/transports/email-config" \
 -X DELETE \
 -H "Authorization: Bearer <API-key>"

• POST/v1/transports/email-config/actions/send-test-email : Send a test mail with the supplied email info(subject, body, recipient).

curl "https://your-tenant.us.qlikcloud.com/api/v1/transports/email-config/actions/send-test-email" \
 -X POST \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d '{
     "body":"string",
     "subject":"string",
     "recipient":"string"
     }'

• POST/v1/transports/email-config/actions/validate : Returns the isValid value for the email configuration for the tenant. Will return false if no email configuration exists.

curl "https://your-tenant.us.qlikcloud.com/api/v1/transports/email-config/actions/validate" \
 -X POST \
 -H "Authorization: Bearer <API-key>"

• POST/v1/transports/email-config/actions/verify-connection: Verifies connection to email server for tenant provided via JWT.

curl "https://your-tenant.us.qlikcloud.com/api/v1/transports/email-config/actions/verify-connection" \
 -X POST \
 -H "Authorization: Bearer <API-key>"

See full API reference here, or read more about configuring SMTP providers for your tenant.

Beginning November 1, 2022, Qlik is enforcing rate limits to API requests on Qlik Cloud REST APIs. This means any API request originating to a REST API endpoint on Qlik Cloud is subject to rejection if the number of requests to an endpoint exceeds the allowed amount in a specified duration on that endpoint.

NOTE: Read on to learn more about how you may be impacted by API rate limits.

Learn more about API rate limiting at these resources:

• API rate limiting support blog

• API rate limiting details on qlik.dev

• Review the Qlik Cloud API policy

Nebula version 3.0

The 3.0 version of Nebula has been released. It contains bug fixes, dependency updates and a few new features. Below are select updates since version 2.0

v3.0

• Minor bugfixes and dependency updates.

• Updated to internally use material UI v5 and React 18.

  • Breaking change for users of stardust/core source repository In npm package npm package

  • Still compatible with React 17.

• Engima Mocker:

  • New experimental API that allows examples and tests to run without a Qlik Sense Engine You can see source and documentation here

• Improved support for qListObject in Nebula serve dev enviroment.

  • Supernovas/Extensions using qListObject data works better with automated property panel.

• Updated visualisations. New charts have been added and feature updates made to others. For instance:

  • See New Nebula Map
  • and Pivot table
  • See more here .

More Options

• v2.5: DisableCellPadding: reduces padding around visualistions see here

• Listbox: see here

  • v2.6: dense: reduces padding and text size
  • v2.7: frequencyMode: Shows frequency count of values
  • v2.9: checkboxes: Shows values as checkboxes.

Typescript Support

• v2.4: Typescript support
  • Nebula now comes with defined types and the build command now supports visualisations that use typescript.

Read more here

AutoML Dataset Predictions

This API allows the creation and manipulation of machine learning models, and generation of predictions.

With AutoML Dataset Predictions you can:

• GET/api/v1/automl-predictions/{predictionId}/coordinate-shap: Return a file containing the shapley values in coordinate form that are associated with a predictionId.

curl "https://your-tenant.us.qlikcloud.com/api/v1/automl-predictions/{predictionId}/coordinate-shap" \
 -H "Authorization: Bearer <API-key>"

• POST/api/v1/automl-predictions/{predictionId}/jobs : Retrieve jobs that are associated with a prediction.

curl "https://your-tenant.us.qlikcloud.com/api/v1/automl-predictions/{predictionId}/jobs" \
 -X POST \
 -H "Authorization: Bearer <API-key>"

• GET/api/v1/automl-predictions/{predictionId}/predictions: Return a file containing the predicted values that are associated with a predictionId.

curl "https://your-tenant.us.qlikcloud.com/api/v1/automl-predictions/{predictionId}/predictions" \
 -H "Authorization: Bearer <API-key>"

And more, see full API reference here

AutoML Real-time Predictions

With AutoML Real-time Predictions you can:

• POST/api/v1/automl-deployments/{deploymentId}/realtime-predictions: Generate predictions in a synchronous request and response.

curl "https://your-tenant.us.qlikcloud.com/api/v1/automl-deployments/{deploymentId}/realtime-predictions" \
 -X POST \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d '{"schema":{"rows":[],"schema":[{"name":"string"}]}}'

See API reference here.

Lineage

The Lineage API enables users to keep track of the origins and impacted content of the base objects on resource, table, and field levels.

Additionally, the Lineage API supports search, expansion, and overview on the nodes within input and output graphs.

With this API you can:

• GET/v1/lineage-graphs/nodes/{id}: Returns a lineage graph of a source node.

{id}is the QRI of the base node

curl "https://your-tenant.us.qlikcloud.com/api/v1/lineage-graphs/nodes/{id}" \
 -H "Authorization: Bearer <API-key>"

• GET/v1/lineage-graphs/impact/{id}/source : Returns all levels of the requested root node. {id}is the QRI of the base node

curl "https://your-tenant.us.qlikcloud.com/api/v1/lineage-graphs/impact/{id}/source" \
 -H "Authorization: Bearer <API-key>"

• POST/v1/lineage-graphs/nodes/{id}/overview: Update lineage flag for this request. {id}is the QRI of the base node

curl "https://your-tenant.us.qlikcloud.com/api/v1/lineage-graphs/nodes/{id}/overview" \
 -X POST \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d '{
        "":[]
    }'

• GET/v1/lineage-graphs/impact/{id}/overview: Returns all resource level nodes that are impacted by a change in the source node. {id}is the QRI of the base node

curl "https://your-tenant.us.qlikcloud.com/api/v1/lineage-graphs/impact/{id}/overview" \
 -H "Authorization: Bearer <API-key>"

And more, see full API reference here.

You can also read more in this tutorial.

Reload tasks

Reload-tasks are the resources of reload tasks. With this API you can:

• GET/v1/reload-tasks: Find and return the tasks that the user can access.

curl "https://your-tenant.us.qlikcloud.com/api/v1/reload-tasks" \
 -H "Authorization: Bearer <API-key>"

• POST/v1/reload-tasks : Create a task for a specified app.

curl "https://your-tenant.us.qlikcloud.com/api/v1/reload-tasks" \
 -X POST \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d '{
  "appId": "116dbfae-7fb9-4983-8e23-5ccd8c508722",
  "partial": true,
  "timeZone": "string",
  "autoReload": true,
  "recurrence":
  [
    "FREQ=DAILY;BYHOUR=8;BYMINUTE=0;BYSECOND=0",
    "FREQ=WEEKLY;BYHOUR=10;BYMINUTE=0;BYSECOND=0"
  ],
  "endDateTime": "2018-11-09 14:46:07.697 +0000 UTC",
  "startDateTime": "2018-11-09 14:46:07.697 +0000 UTC",
  "autoReloadPartial": true,
  "type": "scheduled_reload"
}'

• PUT/v1/reload-tasks/{taskId}: Update an existing task.

curl "https://your-tenant.us.qlikcloud.com/api/v1/reload-tasks/{taskId}" \
 -X PUT \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d '{
  "appId": "116dbfae-7fb9-4983-8e23-5ccd8c508722",
  "partial": true,
  "timeZone": "string",
  "autoReload": true,
  "recurrence":
  [
    "FREQ=DAILY;BYHOUR=8;BYMINUTE=0;BYSECOND=0",
    "FREQ=WEEKLY;BYHOUR=10;BYMINUTE=0;BYSECOND=0"
  ],
  "endDateTime": "2018-11-09 14:46:07.697 +0000 UTC",
  "startDateTime": "2018-11-09 14:46:07.697 +0000 UTC",
  "autoReloadPartial": true,
  "state": "Disabled"
}'

See full API reference here