For the Qlik Cloud feature changelog, visit What's new in Qlik Cloud.
Following the deprecation notice of March 26, 2024, the TypeScript Platform SDK will reach end-of-life and end-of-support on March 27, 2025.
Starting from March 27, 2025, this SDK will no longer receive updates or releases, and may be removed at any time. Please use qlik-api instead.
Qlik is announcing a change in behavior for the Users API, which will take effect no sooner than March 31, 2025.
The Users API currently allows you to create a new user with an email that is
already associated with a disabled user in the tenant, and to update a user’s
email to the same address already associated to another invited or disabled user
in the tenant.
The Users API will be updated to enforce email uniqueness across all
user statuses (including: active, invited, provisioned, disabled).
Endpoints affected:
/v1/users/v1/users/{id}The Spaces API has been updated to include new endpoints to manage space shares.
This supports two tasks:
The new endpoints are:
POST /api/v1/spaces/{spaceId}/shares - Share a resource in a space with specific users
or groups, or create a link share in an anonymous tenant.GET /api/v1/spaces/{spaceId}/shares - Get a list of shares for a space.GET /api/v1/spaces/{spaceId}/shares/{shareId} - Get a share by ID.PATCH /api/v1/spaces/{spaceId}/shares/{shareId} - Update a share by ID.DELETE /api/v1/spaces/{spaceId}/shares/{shareId} - Delete a share by ID.For more information on this API, review the Spaces API specification.
Pinned links are now available in the Qlik Cloud navigation menu. Pinned links
allow you to create and manage your own links which appear under the More
section in the navigation menu, providing a way of surfacing important links to
your users via the global navigation controls.
This feature can only be set via the Pinned Links API. By
default, your tenant contains no links, and the More section will not be shown.
When the first link is added, it will be visible to all users in the tenant.
For example, to create a link to qlik.dev and qlik.com:
curl -L "https://<TENANT>/api/v1/ui-config/pinned-links/actions/bulk-create-pinned-links" ^-H "Authorization: Bearer <ACCESS_TOKEN>" ^-H "Content-type: application/json" ^-d "{ \"type\": \"custom-link\", \"scope\": \"tenant\", \"links\": [ { \"name\": \"Qlik Developer Portal\", \"link\": \"https://qlik.dev\" }, { \"name\": \"Qlik.com\", \"link\": \"https://qlik.com\" } ]}"Successful requests will return an HTTP 201 status code along with the details of the created
links.
For more information, review the specification for the Pinned Links API.
Custom Groups are a powerful new capability designed to give enterprise customers greater flexibility and control over user and group management.
With Custom Groups, organizations that do not rely on Identity Provider (IdP) groups for access control can now create and maintain user-to-group relationships directly in Qlik Cloud. This enables seamless group-based provisioning for both administrative access and product feature controls.
Custom Groups offer enhanced usability and autonomy, making access management easier and more aligned with your unique organizational structure.
Here’s an example of how to create a custom group and assign a role to it using the Groups API:
curl -L "https://<TENANT>/api/v1/groups" ^-X POST ^-H "Content-Type: application/json" ^-H "Authorization: Bearer <ACCESS_TOKEN>" ^-d "{\"name\": \"<GROUP_NAME>\", \"status\": \"active\", \"providerType\": \"custom\", \"assignedRoles\": [{\"name\": \"<ROLE_NAME>\"}]}"Note: This is a non-breaking addition to the Groups API. Group creation requests sent without a
providerTypewill continue to be created as anIdPgroup.
For more information, see Managing groups.
Updated on January 16, 2025: Paths to the invoke and stream endpoints were corrected.
Qlik Answers leverages two services - Knowledgebases and Assistants - to first build the data leveraged by an assistant and then configure the assistant. The Knowledgebases API and Assistants API are now published and generally available for programmatic use cases.
These APIs support both the configuration of Qlik Answers, as well as asking questions
to an Assistant by using the /api/v1/assistants/{assistantId}/threads/{threadId}/actions/invoke
or /api/v1/assistants/{assistantId}/threads/{threadId}/actions/stream
endpoints, allowing you to create your own embedded version of Qlik Answers.
This release complements the previously available qlik-embed support for Qlik Answers, which allows you to embed the native user interface into your web applications and portals.
For more information:
The Machine Learning API is now available. This public API allows you to train, deploy, and make predictions with machine learning models using Qlik AutoML. You can use this API to integrate the power of Qlik AutoML and predictive analytics into your own software applications.
With the Machine Learning API, you can:
For more information about the new Machine Learning API:
The Data Integration Projects API manages Qlik Talend Cloud Pipeline projects.
New export/import APIs for Qlik Talend Cloud Pipelines offer a programmatic way to export and import projects across tenants and spaces for deployment purposes.
They allow programmers to export projects as a .zip file. They also include creating projects and reading or updating the project variables (referred to as bindings) before importing project contents.
5 new API endpoints are available:
For more information, review the reference documentation for the Data Integration Projects API.
The Roles API manages tenant-level security roles and user default customization.
New endpoints allow you to create, update, and delete custom roles, as well as
configure the default scopes assigned to all users in a tenant via userDefault.
For more information:
The selection bar can now be styled using custom themes.
Style the selection bar and listboxes with custom definitions for the dataColors properties.
These properties can be configured in the top-level theme definition, and at the chart level for the listBox object.
For more information, refer to:
Qlik is enhancing security and data protection for the Extensions API and Themes API. These APIs allow customization of experiences in Qlik Sense by adding custom visualization objects, colors, and styling.
Currently, any user in the tenant can download the full archive of an extension or theme from the following endpoints:
/v1/extensions/{id}/file for extensions/v1/themes/{id}/file for themesTo improve security, only users with the TenantAdmin or AnalyticsAdmin
roles will be allowed to download the full archive. This brings these endpoints
in line with the permissions for import endpoints.
This change will take effect no sooner than 60 days from the date on this changelog, on, or after October 21, 2024.
Endpoints affected:
/v1/extensions/{id}/file/v1/themes/{id}/fileThe reloads API allows for triggering data refreshes in Qlik Sense applications in Qlik Cloud.
The query log default value is being changed from true to false. This
will reduce response size for the majority of queries where the log attribute
in the response is not required.
The query parameter log can have a true or false value that controls
whether the log attribute is sent in the response. Today, the default value of
this log parameter is true, when not specified - hence the log is returned
by default.
To continue receiving this attribute after the notice period, you should
specify log=true in your request.
This change will take effect no sooner than 30 days from the date on this changelog, on, or after September 19, 2024.
Endpoints affected:
/v1/reloadsThe current response, when no log query parameter is included in the request, returns the log field.
{ "data": [ { "id": "65ad4a0df4bd1ffb55555a51", "appId": "349216c2-5555-5555-5555-5555379f68bb", "tenantId": "xqFQ0k66vSR555555-55555QkiYrCpct", "userId": "nEgFMHPnm6ye55555555PSKuCUDzEtFO", "type": "chronos", "status": "SUCCEEDED", "log": "ReloadID: 65ad4a0df4bd1ffb55555a51\nStarted loading data\n(A detailed script progress log can be downloaded when the reload is finished)\nreload-result-join-22-23 \u003c\u003c reload-result-join-22-23 446,756 Lines fetched\n\nApp saved\nFinished successfully\n", "partial": false, "creationTime": "2024-01-21T16:45:01Z", "startTime": "2024-01-21T16:45:02.766Z", "endTime": "2024-01-21T16:45:10.125Z", "engineTime": "2024-01-21T16:45:07.915Z", "links": { "self": { "href": "https://tenant.region.qlikcloud.com/api/v1/reloads/65ad4a0df4bd1ffb55555a51" } } }, ]}In future, if the query param log=true is not specified, or is false, the
log attribute will be omitted from the response:
{ "data": [ { "id": "65ad4a0df4bd1ffb55555a51", "appId": "349216c2-5555-5555-5555-5555379f68bb", "tenantId": "xqFQ0k66vSR555555-55555QkiYrCpct", "userId": "nEgFMHPnm6ye55555555PSKuCUDzEtFO", "type": "chronos", "status": "SUCCEEDED", "partial": false, "creationTime": "2024-01-21T16:45:01Z", "startTime": "2024-01-21T16:45:02.766Z", "endTime": "2024-01-21T16:45:10.125Z", "engineTime": "2024-01-21T16:45:07.915Z", "links": { "self": { "href": "https://tenant.region.qlikcloud.com/api/v1/reloads/65ad4a0df4bd1ffb55555a51" } } }, ]}Add query parameter log=true to return the log attribute in the response,
such as in /reloads?appId=349216c2-5555-5555-5555-5555379f68bb&log=true:
{ "data": [ { "id": "65ad4a0df4bd1ffb55555a51", "appId": "349216c2-5555-5555-5555-5555379f68bb", "tenantId": "xqFQ0k66vSR555555-55555QkiYrCpct", "userId": "nEgFMHPnm6ye55555555PSKuCUDzEtFO", "type": "chronos", "status": "SUCCEEDED", "log": "ReloadID: 65ad4a0df4bd1ffb55555a51\nStarted loading data\n(A detailed script progress log can be downloaded when the reload is finished)\nreload-result-join-22-23 \u003c\u003c reload-result-join-22-23 446,756 Lines fetched\n\nApp saved\nFinished successfully\n", "partial": false, "creationTime": "2024-01-21T16:45:01Z", "startTime": "2024-01-21T16:45:02.766Z", "endTime": "2024-01-21T16:45:10.125Z", "engineTime": "2024-01-21T16:45:07.915Z", "links": { "self": { "href": "https://tenant.region.qlikcloud.com/api/v1/reloads/65ad4a0df4bd1ffb55555a51" } } }, ]}For more information on this API, review the Reloads API specification.
The AI assistant component brings you the Qlik Answers experience in embedded format, with the following tag:
<qlik-embed ui="ai/assistant" assistant-id="<assistant-id>"></qlik-embed>Review the ai/assistant parameters, or learn more about the other UIs and params in qlik-embed.
Updated on December 6, 2024: The DCaaS API has now been unpublished from qlik.dev.
The DCaaS API provides
the ability to create analytics data connections in your Qlik Cloud tenant.
In response to customer feedback, the functionalities of DCaaS were merged into
the data-connections and data-sources APIs
in March 2024, as announced in this changelog.
This post serves as notice that DCaaS will be deprecated no sooner than 120 days
from the date of this changelog, on or after November 23, 2024.
POST /v1/dcaas/actions/data-connections You must move from POST /v1/dcaas/actions/data-connections
to POST /v1/data-connections.
To prevent breaking changes for current users of POST /v1/data-connections,
some parameter names have changed to incorporate the capabilities from
POST /v1/dcaas/actions/data-connections.
Namely:
qName rather than connectionName.space rather than spaceId.With POST /v1/dcaas/actions/data-connections,
you sent:
curl --location "https://your-tenant.us.qlikcloud.com/api/v1/dcaas/actions/data-connections" ^--header "Content-Type: application/json" ^--header "Authorization: <ACCESS_TOKEN>" ^--data "{ \"dataSourceId\": \"DG_mysql\", \"connectionName\": \"<CONNECTION_NAME>\", \"spaceId\": \"<SPACE_ID>\", \"connectionProperties\": { \"gatewayInstance\": \"<GATEWAY_ID>\", \"host\": \"<HOST>\", \"port\": \"3306\", \"database\": \"<DATABASE_NAME>\", \"username\": \"<USERNAME>\", \"password\": \"<PASSWORD>\" }}"With POST /v1/data-connections,
you should send:
curl --location "https://your-tenant.us.qlikcloud.com/api/v1/data-connections" ^--header "Content-Type: application/json" ^--header "Authorization: <ACCESS_TOKEN>" ^--data "{ \"dataSourceId\": \"DG_mysql\", \"qName\": \"<CONNECTION_NAME>\", \"space\": \"<SPACE_ID>\", \"connectionProperties\": { \"gatewayInstance\": \"<GATEWAY_ID>\", \"host\": \"<HOST>\", \"port\": \"3306\", \"database\": \"<DATABASE_NAME>\", \"username\": \"<USERNAME>\", \"password\": \"<PASSWORD>\" }}"GET /v1/dcaas/actions/data-connections/{connectionId} You must move from GET /v1/dcaas/actions/data-connections/{connectionId}
to GET /v1/data-connections/{qID}.
Changes:
qName property is used instead of connectionName.space property is used instead of spaceId.qID property is used instead of connectionId.You must pass the parameter parseConnection=true to return
the DCaaS style response.
With GET /v1/dcaas/actions/data-connections/{connectionId},
you sent:
curl --location "https://your-tenant.us.qlikcloud.com/api/v1/dcaas/actions/data-connections/{connectionId}" ^--header "Authorization: <ACCESS_TOKEN>"With GET /v1/data-connections/{qID},
you should send:
curl --location "https://your-tenant.us.qlikcloud.com/api/v1/data-connections/{qID}?parseConnection=true" ^--header "Authorization: <ACCESS_TOKEN>"GET /v1/dcaas/actions/data-connections/api-specs You must move from GET /v1/dcaas/actions/data-connections/api-specs
to GET /v1/data-sources/{dataSourceId}/api-specs.
With GET /v1/dcaas/actions/data-connections/api-specs,
the dataSourceId was a query parameter, and you sent:
curl --location "https://your-tenant.us.qlikcloud.com/api/v1/dcaas/actions/data-connections/api-specs?dataSourceId={dataSourceId}" ^--header "Authorization: Bearer <API-key>"With GET /v1/data-sources/{dataSourceId}/api-specs,
you pass the dataSourceId in the path, so you should send:
curl --location "https://your-tenant.us.qlikcloud.com/api/v1/data-sources/{dataSourceId}/api-specs" ^--header "Authorization: Bearer <API-key>"Consider reviewing the guides on how to create data connections.
Qlik is making changes to the recently updated Automation Connections API to improve developer experience on this API. The change is being made to the response from three endpoints, to return all attributes at the root object, rather than in the data object. No changes are being made to payloads or parameters.
This change will take effect no sooner than sixty days from the date on this changelog entry.
Endpoints affected:
/v1/automation-connections/{id}/v1/automation-connections/{id}/v1/automation-connectionsCurrent response, with data returned in data object:
{ "data": { "id": "bf96da21-b36f-40d0-ad36-3322e95d218f", "name": "Qlik Cloud Services", "spaceId": "", "ownerId": "645a73ad73599192614c03c3", "isConnected": true, "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c", "oauthAccountName": null, "redirect": null, "params": [], "createdAt": "2024-07-09T08:42:43.000000Z", "updatedAt": "2024-07-09T08:42:43.000000Z" }}From today through to the removal date in 60 days, the API will return both the new and old structures:
{ "id": "bf96da21-b36f-40d0-ad36-3322e95d218f", "name": "Qlik Cloud Services", "spaceId": "", "ownerId": "645a73ad73599192614c03c3", "isConnected": true, "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c", "oauthAccountName": null, "redirect": null, "params": [], "createdAt": "2024-07-09T08:42:43.000000Z", "updatedAt": "2024-07-09T08:42:43.000000Z", "data": { "id": "bf96da21-b36f-40d0-ad36-3322e95d218f", "name": "Qlik Cloud Services", "spaceId": "", "ownerId": "645a73ad73599192614c03c3", "isConnected": true, "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c", "oauthAccountName": null, "redirect": null, "params": [], "createdAt": "2024-07-09T08:42:43.000000Z", "updatedAt": "2024-07-09T08:42:43.000000Z" }}After the removal date in 60 days, the API will return:
{ "id": "bf96da21-b36f-40d0-ad36-3322e95d218f", "name": "Qlik Cloud Services", "spaceId": "", "ownerId": "645a73ad73599192614c03c3", "isConnected": true, "connectorId": "61a87510-c7a3-11ea-95da-0fb0c241e75c", "oauthAccountName": null, "redirect": null, "params": [], "createdAt": "2024-07-09T08:42:43.000000Z", "updatedAt": "2024-07-09T08:42:43.000000Z"}Review the Automation Connections API specification for more information about this API.
Qlik has added the com.qlik.v1.analytics.analytics-app-client.sheet-view.opened
event to the audit service in Qlik Cloud. This event is triggered whenever a sheet is
displayed in Qlik Sense, allowing for detailed analysis of how many times a sheet
in an app has been viewed and by which user.
The audit entry structure is as follows:
{ "id": "auditEntryId", "data": { "appId": "appId", "sheetId": "sheetId", "sheetState": "analysis|edit|simpleEdit" }, "eventId": "eventId", "eventTime": "2024-05-01T01:13:16.000Z", "eventType": "com.qlik.v1.analytics.analytics-app-client.sheet-view.opened", "source": "com.qlik/analytics", "tenantId": "tenantId", "userId": "userId"}A view will be recorded each time the sheet is navigated to by users
accessing via the Qlik Sense client, via iFrame, or via the classic/app
interface with qlik-embed. Events are not generated for any other embedding approaches.
Actions such as toggling between edit and view mode without changing sheet will
not register as additional views of the sheet.
The value of sheetState details the consumption mode active when the user
opened the sheet:
analysis when in view only mode.simpleEdit when in edit mode.edit when in the advanced options edit mode.This event is available via the Audits API and can also be viewed in the Events section of the Management Console.
qlik-embed 1.2.0 adds the popular charts on the fly feature to the analytics/chart
ui. This allows you to generate charts from data in a Qlik Sense app, without
the chart existing in the app. You pass a definition, and the chart is created as
requested by your web app.
Here’s an example using qlik-embed web components:
<qlik-embed id="visualization" ui="analytics/chart" app-id="<appid>" type="barchart" dimensions='["Dimension1"]' measures='["Measure1", "=Sum(Expression2)", "=Avg(Expression2)"]' properties='{ orientation: "horizontal", barGrouping: { grouping: "stacked" } }'></qlik-embed>Note: charts on the fly works only with charts available in the
analytics/chartui in qlik-embed. Please consult the chart compatibility table for a list of compatible charts. Use the Viz on the fly ID for the type property.
Previously an html attribute to the <qlik-embed /> tag could include :json or :number
to indicate which type the string in the attribute should be parsed to. In some environments
the : is not allowed as a html parameter so it is now possible to also use ___
(triple underscore) as a delimiter.
This means you can now set context like this:
<qlik-embed context___json='{ theme: "Breeze" }' ... /> and it will be parsed as json.
Qlik is removing the com.qlik.user-identity.impersonation event from the audits service
in Qlik Cloud. Events of this type will no longer appear in the Events panel in your
tenant’s management console and responses from the audits API will no longer include
this event.
This change is a result of analysis which found the event added little customer value, with a better solution being to add the actor attribute to service events to indicate when a user was impersonated. This reduces audit complexity for customers, as well as the volume of events a customer needs to process to determine the actions their users are generating in the platform.
Note: The
com.qlik.user-identity.impersonationis not deprecated, it is simply being removed from a service that aggregates and surfaces events for external consumption.
This change will take effect no sooner than sixty days from the date on this changelog entry.
A change to the latest release of qlik-embed web components requires references
to the index.min.js file be specified for the library to run.
If you are using qlik-embed web components it is recommended you update the src
property of the script element declaring the full path to the library.
Update the attribute to include /dist/index.min.js in the path. Here is an example of
the new path for the src attribute:
src="https://cdn.jsdelivr.net/npm/@qlik/embed-web-components@1/dist/index.min.js".
Note: If you do not want to use the latest version of qlik-embed web components, it is possible to set the version in the path.
Here is an example of the src attribute referencing a pinned version of qlik-embed
web components:
src="https://cdn.jsdelivr.net/npm/@qlik/embed-web-components@1.1.1/dist/index.min.js".
Update the oauth-callback page used to handle connectivity between qlik-embed web components
and your Qlik Cloud tenant. Set the src attribute to use oauth-callback.min.js.
The resulting src attribute should look something like this:
src="https://cdn.jsdelivr.net/npm/@qlik/embed-web-components@1/dist/oauth-callback.min.js".
You can learn more about qlik-embed on the Why qlik-embed page.
classic/chart is a new UI for qlik-embed.
classic/chart renders visualizations that have not been converted
to nebula.js or use
the classic extension API.
Like other UIs available through qlik-embed, when you want to use classic/chart
in an embedded analytics context, set the ui property to classic/chart. If you use
qlik-embed web-components it will look something like this:
<qlik-embed ui="classic/chart" app-id="<appId>" object-id="<objectId>"></qlik-embed>classic/chart will render supported visualizations from Qlik Sense applications.
For a full support matrix, refer to
the supported charts page.
Third-party extensions may not render properly within embedded contexts compared to the native Qlik Sense experience if the extension manipulates private code such as CSS. Manipulating CSS in the native experience is not supported by Qlik, therefore, it’s not supported in qlik-embed.
Additionally, for best compatibility, it is suggested to enable iframe mode when working with extensions:
<qlik-embed ui="classic/chart" app-id="<appId>" object-id="<objectId>" iframe="true"></qlik-embed>To learn more about third-party extension compatibility with qlik-embed, please contact the extension author.
classic/chart does not support the following features:
You can learn more about qlik-embed on the Why qlik-embed page, or review the classic/chart example.
When you embed Qlik Cloud into your web applications, you likely require an authentication strategy that mitigates the blocking of third-party cookies by browsers.
Qlik is introducing support for OAuth impersonation tokens, which can be generated using a confidential OAuth machine-to-machine client for users in your Qlik Cloud tenant. Impersonation tokens are ideal for scenarios where:
If you intend to implement a client-side (front-end) authentication strategy or if your web application does not have a back-end component, you should leverage OAuth SPA for your application.
Considerations if moving from JWT
This capability provides a comparable experience to using JWT to authenticate from a web application to Qlik Cloud, with the benefit of not being blocked by third-party cookie restrictions.
The key difference is that OAuth impersonation requires that users already exist in the tenant and uses pre-existing user group mappings, rather than supporting update of groups on the fly during token requests. This means that:
qlik-api as part of the login flow.Learn more about OAuth impersonation
To discover more:
The admin.apps scope has additional permissions granting OAuth tokens with
this scope applied non-interactive access to the personal and private resources
end users in tenants can create and curate.
This update helps administrators address several management use cases involving resources in personal spaces and unpublished content in Qlik Sense applications.
Situations where this new ability is helpful include:
You can use this capability with qlik-cli, qlik-api, or calling tenant REST apis directly. This capability is not available in Qlik Cloud graphical user interfaces.
To learn more about how to configure and use this capability, please see the tutorial on managing personal and private content.
@qlik/api is a collection of javascript modules which each exposes an api
built to make the integration process for javascript solutions as easy as
possible. The library is built for both browser and NodeJS usage and will
seamlessly integrate with qlik-embed libraries.
@qlik/api provides Qlik Cloud REST endpoints and access to the Qlik Analytics
Engine (QIX).
@qlik/api REST interfaces are generated from open-api specifications released
from those Qlik Cloud services that exposes a restful API. The code generation
tool runs using the specs, building typescript for all api calls documented in
the specification. One module per api is generated.
You can learn more about the available modules in the REST section of the typescript types repository on Qlik Open Source.
Qlik’s Analytics Engine Service (QIX) is the runtime service for Qlik Sense
applications and several analytics services in Qlik Cloud. @qlik/api offers a
fully typed api for connecting to and consuming Qlik Sense Applications
including “Qlik Sense mixins” which previously only was used internally by
in-house Qlik developers.
More info about QIX can be found in the qix section.
Learn more about @qlik/api in the toolkits section.
This changelog provides 60 days’ deprecation notice of the Typescript version of the Platform SDK. The library is being replaced with the Qlik API.
The Qlik API offers the same capabilities and access to Qlik Cloud REST APIs and the Analytics engine, with the addition of officially supported Typescript types.
Switching from the Platform SDK to the Qlik API is straightforward, requiring only a few modifications to your code. The major change is in handling authentication when connecting to your Qlik Cloud tenant.
Authentication with @qlik/api:
//Backend applicationsimport { auth } from "@qlik/api";auth.setDefaultHostConfig({ authType: "oauth2", host: "<hostname>.<region>.qlikcloud.com", clientId: "<OAuth2_Client_ID>", clientSecret: "<OAuth2_Client_Secret>", });Authentication with Typescript Platform SDK:
const Qlik = require('@qlik/sdk').default;const { AuthType } = require("@qlik/sdk");
const config = { authType: AuthType.OAuth2, host: "<hostname>.<region>.qlikcloud.com", clientId: "<OAuth2_Client_ID>", clientSecret: "<OAuth2_Client_Secret>",};
(async () => { const qlik = new Qlik(config); await qlik.auth.authorize();})();For more information about @qlik/api, refer to
the release changelog
for @qlik/api or visit the toolkit page
at qlik-api.
Qlik is announcing a change in behavior for the Roles API. This API currently returns a list of all available roles on the tenant, and a change is being made to who can access this API.
As of April 9, 2024, only users assigned the Tenant Admin role will be able to
access the roles API. All other users will be denied access with a http 403 error.
How to access role information for non-Tenant Admin users
Today, any user can retrieve role records as shown below. Once
the change is made, any user without the TenantAdmin role
will receive a http 403 forbidden response.
curl "https://<TENANT>/api/v1/roles" \ -H "Authorization: Bearer <ACCESS_TOKEN>"# Http 200 - Ok{ "data": [ { "id": "<ROLE_ID>", "tenantId": "<TENANT_ID>", "name": "<ROLE_NAME>", }, ... ], "links": { "self": { "href": "https://<TENANT>/api/v1/roles" } }}Although users without the Tenant Admin role will not be able to return all roles in the tenant,
they remain able to list the roles that they are assigned either directly, or via group membership.
They can do this via the /api/v1/users/me endpoint.
curl "https://<TENANT>/api/v1/users/me?fields=assignedGroups,assignedRoles" \ -H "Authorization: Bearer <ACCESS_TOKEN>"# Http 200 - Ok{ "id": "<USER_ID>", "assignedRoles": [ { "id": "<ROLE_ID>", "name": "<ROLE_NAME>", "type": "default", "level": "user" }, ... ], "assignedGroups": [ { "id": "<GROUP_ID>", "name": "<GROUP_NAME>", "assignedRoles": [ { "id": "<ROLE_ID>", "name": "<ROLE_NAME>", "type": "default", "level": "user" }, ... ] }, ... ], "links": { "self": { "href": "https://<TENANT>/api/v1/users/me?fields=assignedGroups,assignedRoles" } }}Qlik is announcing a 30-day deprecation window for an unpublished endpoint on the Groups API.
No sooner than 30 days from the date of this notice,
GET /api/v1/groups/user-claims/:userID will be removed from the Groups API.
To migrate to a published endpoint, use GET /api/v1/users/:id.
curl "https://<TENANT>/api/v1/users/<USER_ID>?fields=groups" \ -H "Authorization: Bearer <ACCESS_TOKEN>"# Http 200 - Ok{ "id": "<USER_ID>", "groups": [ "accounting", "developer" ]}This changelog provides 30 days’ notice of the deprecation and removal of two attributes
in the POST /v1/sharing-tasks endpoint. This endpoint is used to create new sharing
tasks. Other methods are not affected.
Previously, the attributes allowed you to provide a different name for an asset than the system name. With the upcoming changes, the service will no longer apply user-provided values, instead, it will use the system name of the asset.
The attributes are:
root>appName - the name of the source Qlik Sense applicationroot>excelData>name - the name of the report template used to generate outputNo changes are needed to your code, as the API will continue to accept payloads with these attributes, but it will ignore any provided values.
Changes will be made no fewer than 30 days from the date of this notice.
For more information on Qlik’s API policies, please refer to the API policy page.
For more information on this API, please review the Sharing tasks API specification.
This changelog provides 60 days notice of deprecation and removal of
the /v1/automations/settings endpoints.
These endpoints turn on and off Qlik Application Automation on a tenant, and this
capability was superseded by the addition in July 2023 of a new role, Automation Creator.
This new role provides much greater flexibility in who can use automations, including
at tenant, group, and user level.
For more information on Qlik’s API policies, please refer to the API policy page.
To provide all users in the tenant with access to create and run automations,
you must add the AutomationCreator role to the Everyone group.
Assuming the Everyone group already had the PrivateAnalyticsContentCreator role
assigned, you would send a request to replace the assignedRoles with the new list
of PrivateAnalyticsContentCreator and AutomationCreator:
curl -L -X PATCH "https://<TENANT>/api/v1/groups/000000000000000000000001" ^-H "Authorization: Bearer <ACCESS_TOKEN>" ^-H "Content-type: application/json" ^-H "Accept: application/json" ^-d "[{\"op\": \"replace\", \"path\": \"/assignedRoles\", \"value\": [{\"name\": \"PrivateAnalyticsContentCreator\"}, {\"name\": \"SharedSpaceCreator\"}]}]"If successful, an empty response with an http 204 code is returned.
In a similar way, you can also assign access to groups from your Identity Provider, or to individual users.
For more information, please review the configure application automation topic.
Say hello to the new Example section on qlik.dev. This new section provides you with quick access to commonly used code snippets and scripts you can adapt and integrate into your projects.
Every example in this section will have a card providing a brief description and the language or tool you can use with it.
There are a lot of examples to share with you, and they’re being added to the gallery frequently, so make sure to subscribe to the changelog using the RSS link at the top of the page so you can stay up to date.
If you experience an issue with a snippet, please open an issue at the Qlik Cloud examples repository on Qlik’s open source Github. Include a link to the example, the problem, and if you have one, your proposed solution.
You can peruse the examples section here.
This changelog provides 60 days notice of deprecation and removal of some
undocumented attributes from the response of the /v1/licenses/assignments endpoint.
Qlik is making changes to ensure removal of user names and other identifiable information from APIs where the data is available via other, more appropriate APIs.
For more information on Qlik’s API policies, please refer to the API policy page.
The attributes name and userId will be removed from the response from the
/v1/licenses/assignments endpoint. These are optional, undocumented attributes
that can be set when assigning a license. It will still be possible to use these
attributes in the API filter.
Note: The endpoint will continue to return the user’s
subjectas their primary identifier. Qlik recommends not using personally identifiable information (PII) in thesubjectattribute in Qlik Cloud. A good practice is to use system generated GUIDs to uniquely identify users.
When set on a license assignment, the response currently looks like:
{ "subject": "QLIKBOT\\f0e92f326ac77427df155940fec39e6b", "type": "professional", "userId": "637390ec6541614d3a88d6c1", "name": "EU OAuth Client", "excess": false, "created": "2023-06-29T12:24:34.639Z"}After deprecation, the endpoint will return:
{ "subject": "QLIKBOT\\f0e92f326ac77427df155940fec39e6b", "type": "professional", "excess": false, "created": "2023-06-29T12:24:34.639Z"}If you need to look up the userId and name, you can retrieve these using
the list users endpoint.
curl --get --location 'https://<tenant>.<region>.qlikcloud.com/api/v1/users' ^--header 'Authorization: Bearer <token>' ^--header 'Content-type: application/json' ^--header 'Accept: application/json' ^--data-urlencode 'filter=subject eq "QLIKBOT\\f0e92f326ac77427df155940fec39e6b"'This will return the full user information for the user with that subject, including
the most current name and userId (returned as id) attributes.
{ "data":[ { "id":"637390ec6541614d3a88d6c2", "tenantId":"BL4tTJ4S7xrHTcq0zQxQrJ5qB1_Q6cSo", "clientId":"f0e92f326ac77427df155940fec39e6b", "status":"active", "subject":"qlikbot\\f0e92f326ac77427df155940fec39e6a", "name":"EU OAuth Client", ...For more information on the license assignment endpoint, please review the v1/licenses/assignments specification.
OAuth is a standard security protocol for authorization and delegation. It allows third party applications to access API resources without disclosing the end-user credentials.
Qlik Cloud supports OAuth 2.0 Authorization Code and Client Credentials flows. The OAuth client can obtain an authorization code or send client credentials header to exchange it with an access token that can be used to access Qlik Cloud APIs.
Alongside this delivery you will also get OAuth support for tools and libraries.
OAuth in Qlik-Cli
To quickly get started, you can use the qlik-cli command qlik context init for more
details, read the get started
section in the Qlik-Cli overview page or the
using OAuth clients with Qlik-Cli
section in
Get started with OAuth machine-to-machine
tutorial.
Platform SDKs
Back-end application, front-end application, Python or Javascript? no problem.
You can find a simple example using enigma.js in the
Platform SDKs overview page
or in the Using OAuth clients with Qlik Platform SDKs
section
Full tutorial OAuth single page applications with nebula.js can be found here
Client Id? just switch the webIntegrationId config with the clientId instead,
that’s it. See example code in the
Build a simple mashup using capability APIs
tutorial.Beginning November 1, 2022, Qlik is enforcing rate limits to API requests on Qlik Cloud REST APIs. This means any API request originating to a REST API endpoint on Qlik Cloud is subject to rejection if the number of requests to an endpoint exceeds the allowed amount in a specified duration on that endpoint.
NOTE: Read on to learn more about how you may be impacted by API rate limits.
Learn more about API rate limiting at these resources:
The qlik.dev changelog has an rss feed you can subscribe to by adding the
URL https://qlik.dev/rss.xml to
your preferred feed reader. Now updates from qlik.dev come to you in your inbox
or wherever you consume syndicated content.
Are you looking for a way to consume the latest API updates in the Qlikosphere? Wondering what new tutorials have been added without having to visit every page on qlik.dev? Need to find out if you are using the most current version of qlik-cli? Or maybe you want to know what new APIs are available to you since the last time you visited?
The developer changelog on qlik.dev is the source for all of this and more!
Check out the blog to learn more.