Configure tenant features and capabilities

In this topic, you will learn about how to control access to features and capabilities in a Qlik Cloud tenant.

When using the management console of a tenant as a user with the Tenant Admin role, you will see various settings that help you control which features your users have access to. The configuration method varies by service, both in terms of the API calls required, and the level at which it can be configured. Some services support user or space-level access, while others are available only at the tenant level.

Prerequisites

  • You have a basic understanding of Qlik Cloud and the features available to users.
  • cURL for running the inline examples.
  • Access to an API key or access token from an account assigned the Tenant Admin role.

Note: The cURL examples in this topic show the command syntax for Windows Command Prompt. If you are using another command line interface, different syntax may be required for line continuation. You may also need to adjust the number and type of quotes surrounding the parameters and their values.

Variable substitution

Throughout this topic, variables will be used to communicate value placement. The variable substitution format is <VARIABLE_NAME>. Here is a list of variables referred to in this tutorial.

VariableDescription
<TENANT>The URL for the tenant that you are configuring. Equivalent to tenanthostname.region.qlikcloud.com.
<ACCESS_TOKEN>A bearer token or API key for authorizing https requests to the <TENANT>.

Configure automatic entitlement assignment

If you are a customer leveraging Qlik's user entitlement model, users will be assigned a named Professional or Analyzer entitlement, or consume Analyzer Capacity as they use the platform. For more information on this model, review assigning user entitlements.

To turn off the automatic assignment of named entitlements to new users as they are created, or as they access content in the tenant, change the values of autoAssignProfessional and autoAssignAnalyzer to false in this API call:

curl -L "https://<TENANT>/api/v1/licenses/settings" ^
-X PUT ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-H "Content-type: application/json" ^
-H "Accept: application/json" ^
-d "{\"autoAssignProfessional\":false,\"autoAssignAnalyzer\":false}"

If successful, the result of the request is returned with an http 200 code.

{
    "autoAssignProfessional": false,
    "autoAssignAnalyzer": false
}

For more information on this endpoint, review the API specification for licenses/settings.

Configure Application Automation

Qlik Application Automation is available by default to all users with the appropriate user entitlement in the tenant.

As automations exist only in personal spaces, you can determine who can create, update, and delete their automations by adding or removing the Automation Creator role from the Everyone group.

If you are not familar with groups in Qlik Cloud, review the managing groups topic.

To remove this role from the Everyone group, thereby removing the ability for users to use automations, you must first retrieve the list of roles assigned to the Everyone group. The Everyone group always has the ID of 000000000000000000000001.

curl -L "https://<TENANT>/api/v1/groups/000000000000000000000001" ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-H "Content-type: application/json" ^
-H "Accept: application/json"

This will return the group definition for the Everyone group:

{
    "id": "000000000000000000000001",
    "tenantId": "BL4tTJ4S7xrHTcq0zQxQrJ5qB1_Q6cSo",
    ...
    "name": "com.qlik.Everyone",
    ...
    "assignedRoles": [
        {
            "id": "6467dcd960754c03a3ed402c",
            "name": "AutomationCreator",
            "type": "default",
            "level": "user"
        },
        {
            "id": "63580b8d5cf9728f19217be0",
            "name": "PrivateAnalyticsContentCreator",
            "type": "default",
            "level": "user"
        },
        {
            "id": "605a1c2151382ffc836af862",
            "name": "SharedSpaceCreator",
            "type": "default",
            "level": "user"
        }
    ],
    ...
}

This response indicates that there are three roles assigned to the Everyone group; AutomationCreator, PrivateAnalyticsContentCreator and SharedSpaceCreator. Your next request will patch this group, requesting that the roles are replaced with just PrivateAnalyticsContentCreator and SharedSpaceCreator.

curl -L -X PATCH "https://<TENANT>/api/v1/groups/000000000000000000000001" ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-H "Content-type: application/json" ^
-H "Accept: application/json" ^
-d "[{\"op\": \"replace\", \"path\": \"/assignedRoles\", \"value\": [{\"name\": \"PrivateAnalyticsContentCreator\"}, {\"name\": \"SharedSpaceCreator\"}]}]"

If successful, an empty response with an http 204 code is returned.

For more information on this endpoint, review the API specification for groups.

If you then wish to add this capability back to a subset of your users, you can opt to assign this role on a user-by-user or group-by-group basis with a patch call to the users or groups APIs.

Configure Data Alerts

Data alerts are enabled by default in new tenants, and can be configured at a tenant-wide level. This setting affects all users in a tenant, and will hide the feature context menus in Qlik Sense.

To turn off data alerts, set the value of enable-data-alerting to false:

curl -L -X PUT "https://<TENANT>/api/v1/data-alerts/settings" ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-H "Content-type: application/json" ^
-H "Accept: application/json" ^
-d "{\"enable-data-alerting\": false }"

If successful, an empty response with an http 204 code is returned.

For more information on this endpoint, review the API specification for data-alerts/settings.

Configure Notes

Notes are enabled by default in new tenants, and can be configured at a tenant-wide level. This setting affects all users in a tenant, and will hide the feature context menus in Qlik Sense.

To turn off notes, set the value of toggledOn to false:

curl -L "https://<TENANT>/api/v1/notes/settings" ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-H "Content-type: application/json" ^
-d "{ \"toggledOn\": false }"

If successful, the result of the request is returned with an http 200 code.

{
    "available": false,
    "reason": "toggle",
    "lastFetch": "2023-07-21T16:26:30.158Z",
    "toggledOn": false
}

This indicates that notes is no longer available to users.

For more information on this endpoint, review the API specification for notes/settings.

Configure usage metrics in the hub

Usage metrics are enabled by default in new tenants, and can be configured at a tenant-wide level. This setting affects all users in a tenant, and will hide the usage metrics visible in the hub.

To turn off usage metrics, set the value of /usageMetricsEnabled to false:

curl -L -X PATCH "https://<TENANT>/api/v1/items/settings" ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-H "Content-type: application/json" ^
-H "Accept: application/json" ^
-d "[{\"op\": \"replace\", \"path\": \"/usageMetricsEnabled\", \"value\": false }]"

If successful, the result of the request is returned with an http 200 code.

{
    "usageMetricsEnabled": false
}

This indicates that usage metrics are no longer available or visible to users.

For more information on this endpoint, review the API specification for items/settings.

Was this page helpful?