The QMC is a web-based application for configuring and administrating your Qlik Sense site.
- Manage licenses
- Manage tokens and access types
- Configure nodes
- Manage data connections
- Manage content security (by security rules)
- Manage tasks and triggers
- Synchronize users
The QMC provides you with a set of very powerful tools to create different access patterns for different QMC administrators and for the different user groups that access the hub:
- Security rules
- Admin roles
- Custom properties
Important concepts in the QMC
The resources in the QMC have an associative structure. This makes it easy for you to navigate between the different resources in the QMC. Because of the associative structure of the QMC, you can select a resource in more than one way. For example, you can select an app either from the apps overview or from the Associated items for the stream that the app belongs to. Similarly, you can select a task either from the tasks overview or from the Associated items for the app that the task belongs to.
On the QMC audit page, you can query for resources and users, and audit the security rules, load balancing rules, or license rules that have been defined in the Qlik Sense system.
Custom properties and QMC tags
In the QMC, you can create customized properties that you can connect to resources. The main purpose of custom properties is to use them in the security rules. You can also create and connect QMC tags that can be used for filtering on the overview page of a resource. Tags cannot be used in the security rules.
Application example for custom properties:
Grouping streams by department
Create a custom property called Departments with values appropriate to your organization. Apply the custom property to your streams and you can then apply security rules to streams according to their Departments property instead of managing security rules for individual streams.
You can manage security rules for all data connections from the QMC. Users can create data connections from Qlik Sense but the sharing of data connections (security rules) is managed from the QMC.
You can select several resources from the overview. By doing this, you can edit or delete multiple resources at the same time. This makes your QMC administration work more efficient.
Publish to stream
By default, Qlik Sense includes two streams: Everyone and Monitoring apps.
Content security is a critical aspect of setting up and managing your Qlik Sense system. The QMC enables you to centrally create and manage security rules for all your Qlik Sense resources. Security rules define what a user is allowed to do with a resource, for example read, update, create, or delete.
By design, security rules are written to include, not exclude, users. Users who are not included in security rules are denied access. Therefore, security rules must be created to enable users to interact with Qlik Sense content, data connections, and other resources.
Tokens and access types
The License Enabling File (LEF) determines the number of tokens that you can allocate to different access types. An access type allows the users to access streams and apps within a Qlik Sense site. You can adjust the token usage according to the usage need over time. Each access type provides the Qlik Sense user with a certain type of access to Qlik Sense apps. A user with no access type cannot see any streams.
All user data is stored in the Qlik Sense Repository Service (QRS) database. You create user directory connectors in the QMC to be able to synchronize and retrieve the user data from a configured directory service. When a user logs in to Qlik Sense or the QMC, the user data is automatically retrieved. You can change the authentication method that handles the authentication of the Qlik Sense users.
The creator of a resource (for example, an app or a stream) is by default the owner of the resource. You can change the ownership for resources in the QMC.
The following illustration gives an overview of the workflow of the resources.
The apps, sheets, and stories are created from the hub and published to a stream from the QMC.
Tasks are available for apps and user directory connectors. The reload task is used to fully reload the data in an app from the source. The user sync task is applied to a user directory connector to synchronize the users from a user directory. Triggers can execute tasks.
A stream security rule is applied to the stream and affects the access rights for the users.
The site license provides for a number of tokens that are allocated to access types. Users are given access to streams and apps on the hub by login access or user access. A security rule is applied to the login access to specify which users the login access is available for.