Skip to main content Skip to complementary content

Identity providers

An identity provider (IdP) manages identity information for users and provides authentication services. You have the option to use an already existing IdP when setting up your deployment. You can also choose to use Qlik Account. Any IdP vendor compatible with the OpenID Connect or SAML standard is supported.

To support the use of your own IdP, your license includes IdP. With this license there is an Identity provider pane in the Management Console. If you do not have an IdP, you can use the invite option under Users in the Management Console.

Information note

This functionality is not available in Qlik Sense Business.

Information noteYour subscription only includes one of the options to add users, either through an IdP or by sending email invites. However, when you switch from Invite users to an identity provider configuration, the invite option will remain until the identity provider has been activated.

In Qlik Cloud, Qlik automatically provisions a default identity provider (IdP) called Qlik Account to make it easier to get started with the platform (not available with Qlik Cloud Government). Qlik Account is a Qlik provided authentication mechanism to access properties within the and domains. The email address for which you received the Qlik Cloud welcome email, also known as the Service Account Owner, is a member of the Qlik AccountIdP, and for Qlik Cloud tenants created via My Qlik is able to immediately log into the tenant following creation.

You can also choose to use your own IdP to a Qlik Cloud deployment. Each Qlik Cloud tenant supports one interactive IdP such as Qlik Account, Microsoft Entra ID (formerly Azure AD), OKTA, Auth0, or another IdP compliant with OpenID Connect (OIDC) or SAML. If you deploy your own interactive IdP, this will replace the Qlik Account login flow with that of your chosen IdP.

Qlik Sense Mobile SaaS and identity providers

If your Qlik Cloud users are using Qlik Sense Mobile SaaS, you must use one of the following identity providers. Identity provider vendors not listed may support Qlik Sense Mobile SaaS connectivity.

  • Okta

  • Auth0

  • Salesforce

  • Microsoft Entra ID (formerly Azure AD)

  • Google Identity (Generic integration)

  • OneLogin (Generic integration)

  • Qlik Account (not available with Qlik Cloud Government)

Information noteAn Okta configuration supports Qlik Sense Mobile SaaS connectivity, but users may notice that frequent re-login is required. To fix this, the identity provider administrator should enable the application's Refresh Token setting.
Information noteA Salesforce configuration supports Qlik Sense Mobile SaaS connectivity only if the identity provider enables offline access, which is disabled by default. If you do not enable offline access, Qlik Sense Mobile SaaS users will see an error message with text similar to "invalid or unavailable offline_access scope".

Learn more

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!