Skip to main content
Close announcements banner

Authentication and authorization

Considering that the user’s browser reaches out to a fort directly, as you’ve seen in the previous section on Communications security, how does the fort authenticate the user? Does it need to reach out directly to the customer’s identify provider (IdP) in the same way that Qlik Cloud does to authenticate users? Fortunately not, because this would require the fort to be a client of the customer’s IdP, which would require additional setup and potentially introduce additional operational complications.

Instead, the client authenticates directly with the customer’s IdP, and when the client connects to a fort, the fort authenticates with a Qlik Cloud OAuth server, which is capable of identifying that the user has already been authenticated by the customer’s IdP.

User authentication in Forts

How user authentication works in Forts